Executive Summary
Summary | |
---|---|
Title | Cumulative Security Update for Internet Explorer (978207) |
Informations | |||
---|---|---|---|
Name | MS10-002 | First vendor Publication | 2010-01-21 |
Vendor | Microsoft | Last vendor Modification | 2010-02-10 |
Severity (Vendor) | Critical | Revision | 1.3 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Revision Note: V1.3 (February 10, 2010): Corrected the severity ratings for Internet Explorer 5.01 Service Pack 4 when installed on Microsoft Windows 2000 Service Pack 4 and Internet Explorer 6 for Windows XP Service Pack 2 for CVE-2010-0027.Summary: This security update resolves seven privately reported vulnerabilities and one publicly disclosed vulnerability in Internet Explorer. The more severe vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. |
Original Source
Url : http://www.microsoft.com/technet/security/bulletin/MS10-002.mspx |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
86 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
14 % | CWE-416 | Use After Free |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:6835 | |||
Oval ID: | oval:org.mitre.oval:def:6835 | ||
Title: | HTML Object Memory Corruption Vulnerability (CVE-2010-0249) | ||
Description: | Use-after-free vulnerability in Microsoft Internet Explorer 6, 6 SP1, 7, and 8 on Windows 2000 SP4; Windows XP SP2 and SP3; Windows Server 2003 SP2; Windows Vista Gold, SP1, and SP2; Windows Server 2008 Gold, SP2, and R2; and Windows 7 allows remote attackers to execute arbitrary code by accessing a pointer associated with a deleted object, related to incorrectly initialized memory and improper handling of objects in memory, as exploited in the wild in December 2009 and January 2010 during Operation Aurora, aka "HTML Object Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-0249 | Version: | 13 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7715 | |||
Oval ID: | oval:org.mitre.oval:def:7715 | ||
Title: | XSS Filter Script Handling Vulnerability | ||
Description: | The XSS Filter in Microsoft Internet Explorer 8 allows remote attackers to leverage the "response-changing mechanism" to conduct cross-site scripting (XSS) attacks against web sites that have no inherent XSS vulnerabilities, related to the details of output encoding and improper modification of an HTML attribute, aka "XSS Filter Script Handling Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-4074 | Version: | 10 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:8186 | |||
Oval ID: | oval:org.mitre.oval:def:8186 | ||
Title: | Uninitialized Memory Corruption Vulnerability (CVE-2010-0244) | ||
Description: | Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a different vulnerability than CVE-2009-2530 and CVE-2009-2531. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-0244 | Version: | 12 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:8267 | |||
Oval ID: | oval:org.mitre.oval:def:8267 | ||
Title: | Uninitialized Memory Corruption Vulnerability (CVE-2010-0248) | ||
Description: | Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "HTML Object Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-0248 | Version: | 12 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:8378 | |||
Oval ID: | oval:org.mitre.oval:def:8378 | ||
Title: | Uninitialized Memory Corruption Vulnerability (CVE-2010-0246) | ||
Description: | Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a different vulnerability than CVE-2009-3671, CVE-2009-3674, and CVE-2010-0245. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-0246 | Version: | 10 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:8464 | |||
Oval ID: | oval:org.mitre.oval:def:8464 | ||
Title: | URL Validation Vulnerability | ||
Description: | The URL validation functionality in Microsoft Internet Explorer 5.01, 6, 6 SP1, 7 and 8, and the ShellExecute API function in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2, does not properly process input parameters, which allows remote attackers to execute arbitrary local programs via a crafted URL, aka "URL Validation Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-0027 | Version: | 12 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:8491 | |||
Oval ID: | oval:org.mitre.oval:def:8491 | ||
Title: | Uninitialized Memory Corruption Vulnerability (CVE-2010-0245) | ||
Description: | Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a different vulnerability than CVE-2009-3671, CVE-2009-3674, and CVE-2010-0246. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-0245 | Version: | 10 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:8506 | |||
Oval ID: | oval:org.mitre.oval:def:8506 | ||
Title: | Uninitialized Memory Corruption Vulnerability (CVE-2010-0247) | ||
Description: | Microsoft Internet Explorer 5.01 SP4, 6, and 6 SP1 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-0247 | Version: | 1 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
SAINT Exploits
Description | Link |
---|---|
Internet Explorer Eventparam use-after-free vulnerability | More info here |
ExploitDB Exploits
id | Description |
---|---|
2012-03-22 | MS10-002 Internet Explorer Object Memory Use-After-Free |
2010-07-12 | Internet Explorer "Aurora" Memory Corruption |
2010-01-17 | Internet Explorer Aurora Exploit |
OpenVAS Exploits
Date | Description |
---|---|
2010-02-10 | Name : Microsoft Windows Shell Handler Could Allow Remote Code Execution Vulnerabili... File : nvt/secpod_ms10-007.nasl |
2010-01-22 | Name : Microsoft Internet Explorer Multiple Vulnerabilities (978207) File : nvt/secpod_ms10-002.nasl |
2010-01-20 | Name : Microsoft Internet Explorer Remote Code Execution Vulnerability (979352) File : nvt/gb_ms_ie_dep_remote_code_exec_vuln.nasl |
2009-11-30 | Name : Microsoft Internet Explorer 'XSS Filter' XSS Vulnerabilities - Nov09 File : nvt/secpod_ms_ie_xss_filter_xss_vuln_nov09.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
62245 | Microsoft Windows Shell Handler ShellExecute API Crafted URL Arbitrary Comman... |
61914 | Microsoft IE Javascript Cloned DOM Object Handling Memory Corruption |
61913 | Microsoft IE HTML Object Handling Unspecified Memory Corruption |
61912 | Microsoft IE Baseline Tag Rendering Memory Corruption |
61911 | Microsoft IE Table Layout Reuse Memory Corruption |
61910 | Microsoft IE Table Layout Col Tag Cache Update Handling Memory Corruption |
61909 | Microsoft IE Unspecified Crafted URL Handling Arbitrary Code Execution |
61697 | Microsoft IE mshtml.dll Use-After-Free Arbitrary Code Execution (Aurora) Internet Explorer contains a flaw that may allow a context-dependent attacker to execute arbitrary code. The issue is triggered when a specially crafted website causes mshtml.dll to access memory that has been freed, allowing code execution. |
60660 | Microsoft IE Response-Changing Mechanism Output Encoding XSS |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2010-02-18 | IAVM : 2010-A-0029 - Microsoft Windows Shell Handler Remote Code Execution Vulnerability Severity : Category II - VMSKEY : V0022683 |
Snort® IPS/IDS
Date | Description |
---|---|
2017-10-03 | Microsoft Windows Shell Handler remote code execution attempt RuleID : 44218 - Revision : 1 - Type : OS-WINDOWS |
2017-10-03 | Microsoft Windows Shell Handler remote code execution attempt RuleID : 44217 - Revision : 1 - Type : OS-WINDOWS |
2017-10-03 | Microsoft Windows Shell Handler remote code execution attempt RuleID : 44216 - Revision : 1 - Type : OS-WINDOWS |
2017-09-06 | Microsoft Internet Explorer CTableLayout memory corruption attempt RuleID : 43831 - Revision : 3 - Type : BROWSER-IE |
2017-09-06 | Microsoft Internet Explorer CTableLayout memory corruption attempt RuleID : 43830 - Revision : 3 - Type : BROWSER-IE |
2016-04-05 | Microsoft Internet Explorer invalid object access memory corruption attempt RuleID : 37947 - Revision : 1 - Type : BROWSER-IE |
2016-04-05 | Microsoft Internet Explorer invalid object access memory corruption attempt RuleID : 37946 - Revision : 1 - Type : BROWSER-IE |
2016-04-05 | Microsoft Internet Explorer deleted object access memory corruption attempt RuleID : 37945 - Revision : 1 - Type : BROWSER-IE |
2016-04-05 | Microsoft Internet Explorer invalid object access memory corruption attempt RuleID : 37944 - Revision : 1 - Type : BROWSER-IE |
2016-04-05 | Microsoft Internet Explorer DOM mergeAttributes memory corruption attempt RuleID : 37881 - Revision : 2 - Type : BROWSER-IE |
2015-03-27 | Microsoft Internet Explorer CTableLayout memory corruption attempt RuleID : 33570 - Revision : 3 - Type : BROWSER-IE |
2015-03-27 | Microsoft Internet Explorer CTableLayout memory corruption attempt RuleID : 33569 - Revision : 3 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer CTableLayout memory corruption attempt RuleID : 28353 - Revision : 7 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer CTableLayout memory corruption attempt RuleID : 28352 - Revision : 7 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer deleted object cells reference memory corruption ... RuleID : 28287 - Revision : 5 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer DOM mergeAttributes memory corruption attempt RuleID : 24872 - Revision : 8 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer DOM mergeAttributes memory corruption attempt RuleID : 24871 - Revision : 8 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer DOM mergeAttributes memory corruption attempt RuleID : 24870 - Revision : 6 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer DOM mergeAttributes memory corruption attempt RuleID : 24869 - Revision : 6 - Type : BROWSER-IE |
2014-01-10 | Phoenix exploit kit post-compromise behavior RuleID : 21860 - Revision : 5 - Type : MALWARE-CNC |
2014-01-10 | Phoenix exploit kit landing page RuleID : 21640 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Microsoft Internet Explorer invalid object access memory corruption attempt RuleID : 19937 - Revision : 12 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer CTableLayout memory corruption attempt RuleID : 18951 - Revision : 12 - Type : BROWSER-IE |
2014-01-10 | Microsoft Windows Shell Handler remote code execution attempt RuleID : 16414 - Revision : 14 - Type : OS-WINDOWS |
2014-01-10 | Microsoft Internet Explorer deleted object cells reference memory corruption ... RuleID : 16378 - Revision : 14 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer DOM mergeAttributes memory corruption attempt RuleID : 16377 - Revision : 18 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer CTableLayout memory corruption attempt RuleID : 16376 - Revision : 13 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer deleted object access memory corruption attempt RuleID : 16369 - Revision : 14 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer invalid object access memory corruption attempt RuleID : 16367 - Revision : 17 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer 8 DOM memory corruption attempt RuleID : 16326 - Revision : 11 - Type : BROWSER-IE |
Metasploit Database
id | Description |
---|---|
2010-01-21 | MS10-002 Microsoft Internet Explorer Object Memory Use-After-Free |
2010-01-14 | MS10-002 Microsoft Internet Explorer "Aurora" Memory Corruption |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2010-02-09 | Name : An API function on the remote host has a code execution vulnerability. File : smb_nt_ms10-007.nasl - Type : ACT_GATHER_INFO |
2009-01-21 | Name : Arbitrary code can be executed on the remote host through a web browser. File : smb_nt_ms10-002.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2020-05-23 13:17:13 |
|
2015-03-27 21:26:28 |
|
2014-02-17 11:46:26 |
|
2014-01-19 21:30:25 |
|