Back to search
CVE-2010-0492
Published: Mar 31, 2010
Modified: Oct 21, 2024
PUBLISHED
Description
Use-after-free vulnerability in mstime.dll in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via vectors related to the TIME2 behavior, the CTimeAction object, and destruction of markup, leading to memory corruption, aka "HTML Object Memory Corruption Vulnerability."
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
oval:org.mitre.oval:def:7722
vdb-entry
signature
x_refsource_OVAL
TA10-089A
third-party-advisory
x_refsource_CERT
http://www.zerodayinitiative.com/advisories/ZDI-10-033
x_refsource_MISC
TA10-068A
third-party-advisory
x_refsource_CERT
MS10-018
vendor-advisory
x_refsource_MS
20100402 ZDI-10-033: Microsoft Internet Explorer TIME2 Behavior Remote Code Execution Vulnerability
mailing-list
x_refsource_BUGTRAQ
39030
vdb-entry
x_refsource_BID
ADV-2010-0744
vdb-entry
x_refsource_VUPEN
1023773
vdb-entry
x_refsource_SECTRACK
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now