Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a different vulnerability than CVE-2009-3671, CVE-2009-3674, CVE-2010-0245, and CVE-2010-0246.
References
Link | Resource |
---|---|
http://www.us-cert.gov/cas/techalerts/TA10-222A.html | Third Party Advisory US Government Resource |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-053 | Patch Vendor Advisory |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11984 | Tool Signature |
http://www.us-cert.gov/cas/techalerts/TA10-222A.html | Third Party Advisory US Government Resource |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-053 | Patch Vendor Advisory |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11984 | Tool Signature |
Configurations
Configuration 1 (hide)
AND |
|
History
No history.
Information
Published : 2010-08-11 18:47
Updated : 2025-04-11 00:51
NVD link : CVE-2010-2559
Mitre link : CVE-2010-2559
CVE.ORG link : CVE-2010-2559
JSON object : View
Products Affected
microsoft
- windows_server_2003
- windows_vista
- windows_xp
- windows_server_2008
- windows_7
- internet_explorer
CWE
CWE-908
Use of Uninitialized Resource