Executive Summary
Summary | |
---|---|
Title | Cumulative Security Update for Internet Explorer (982381) |
Informations | |||
---|---|---|---|
Name | MS10-035 | First vendor Publication | 2010-06-08 |
Vendor | Microsoft | Last vendor Modification | 2011-09-13 |
Severity (Vendor) | Critical | Revision | 2.0 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Severity Rating: Critical |
Original Source
Url : http://technet.microsoft.com/en-us/security/bulletin/ms10-035 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
67 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
17 % | CWE-264 | Permissions, Privileges, and Access Controls |
17 % | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25) |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:6677 | |||
Oval ID: | oval:org.mitre.oval:def:6677 | ||
Title: | toStaticHTML Information Disclosure Vulnerability | ||
Description: | Cross-site scripting (XSS) vulnerability in the toStaticHTML API, as used in Microsoft Office InfoPath 2003 SP3, 2007 SP1, and 2007 SP2; Office SharePoint Server 2007 SP1 and SP2; SharePoint Services 3.0 SP1 and SP2; and Internet Explorer 8 allows remote attackers to inject arbitrary web script or HTML via vectors related to sanitization. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-1257 | Version: | 19 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | Microsoft Internet Explorer 8 Microsoft Office InfoPath 2003 Microsoft Office InfoPath 2007 Microsoft Office SharePoint Server 2007 Microsoft Windows SharePoint Services 3.0 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6686 | |||
Oval ID: | oval:org.mitre.oval:def:6686 | ||
Title: | HTML Element Memory Corruption Vulnerability | ||
Description: | The IE8 Developer Toolbar in Microsoft Internet Explorer 8 SP1, SP2, and SP3 allows user-assisted remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "HTML Element Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-1260 | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | Microsoft Internet Explorer 8 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7124 | |||
Oval ID: | oval:org.mitre.oval:def:7124 | ||
Title: | Uninitialized Memory Corruption Vulnerability (CVE-2010-1261) | ||
Description: | The IE8 Developer Toolbar in Microsoft Internet Explorer 8 SP1, SP2, and SP3 allows user-assisted remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-1261 | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | Microsoft Internet Explorer 8 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7145 | |||
Oval ID: | oval:org.mitre.oval:def:7145 | ||
Title: | Cross-Domain Information Disclosure Vulnerability (CVE-2010-0255) | ||
Description: | Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, 7, and 8 does not prevent rendering of non-HTML local files as HTML documents, which allows remote attackers to bypass intended access restrictions and read arbitrary files via vectors involving JavaScript exploit code that constructs a reference to a file://127.0.0.1 URL, aka the dynamic OBJECT tag vulnerability, as demonstrated by obtaining the data from an index.dat file, a variant of CVE-2009-1140 and related to CVE-2008-1448. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-0255 | Version: | 11 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | Microsoft Internet Explorer 7 Microsoft Internet Explorer 8 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7324 | |||
Oval ID: | oval:org.mitre.oval:def:7324 | ||
Title: | Uninitialized Memory Corruption Vulnerability (CVE-2010-1259) | ||
Description: | Microsoft Internet Explorer 6 SP1 and SP2, 7, and 8 allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-1259 | Version: | 11 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | Microsoft Internet Explorer 6 Microsoft Internet Explorer 7 Microsoft Internet Explorer 8 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7406 | |||
Oval ID: | oval:org.mitre.oval:def:7406 | ||
Title: | Memory Corruption Vulnerability (CVE-2010-1262) | ||
Description: | Microsoft Internet Explorer 6 SP1 and SP2, 7, and 8 allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, related to the CStyleSheet object and a free of the root container, aka "Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-1262 | Version: | 11 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | Microsoft Internet Explorer 6 Microsoft Internet Explorer 7 Microsoft Internet Explorer 8 |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 5 | |
Application | 3 | |
Application | 4 | |
Application | 4 |
OpenVAS Exploits
Date | Description |
---|---|
2010-06-09 | Name : Microsoft Internet Explorer Multiple Vulnerabilities (982381) File : nvt/secpod_ms10-035.nasl |
2010-06-09 | Name : Microsoft SharePoint Privilege Elevation Vulnerabilities (2028554) File : nvt/secpod_ms10-039.nasl |
2010-02-08 | Name : Microsoft Internet Explorer Information Disclosure Vulnerability (980088) File : nvt/gb_ms_ie_npl_info_disc_vuln.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
65215 | Microsoft IE Uninitialized Object Handling Memory Corruption (2010-1259) A memory corruption flaw exists in Microsoft Internet Explorer. The program fails to sanitize user-supplied input when accessing an improperly initialized or deleted object, resulting in memory corruption. With a specially crafted page, a context-dependent attacker can execute arbitrary code. |
65214 | Microsoft IE Uninitialized Object Handling Memory Corruption (2010-1261) A memory corruption flaw exists in Microsoft Internet Explorer. The IE8 Developer Toolbar fails to sanitize user-supplied input when accessing an improperly initialized or deleted object, resulting in memory corruption. With a specially crafted page, a context-dependent attacker can execute arbitrary code. |
65213 | Microsoft IE HTML Element Handling Memory Corruption A memory corruption flaw exists in Microsoft Internet Explorer. The IE8 Developer Toolbar fails to sanitize user-supplied input when accessing an improperly initialized or deleted object, resulting in memory corruption. With a specially crafted page, a context-dependent attacker can execute arbitrary code. |
65212 | Microsoft IE CStyleSheet Object Handling Memory Corruption A memory corruption flaw exists in Microsoft Internet Explorer. The program fails to sanitize user-supplied input when a use-after-free error occurs due to an invalid pointer being utilized during use of CStyleSheets, resulting in memory corruption. With a specially crafted page containing a CStyleSheet, a context-dependent attacker can execute arbitrary code. |
65211 | Microsoft IE / Sharepoint toStaticHTML Information Disclosure Microsoft Internet Explorer and Sharepoint contain a flaw that may lead to an unspecified unauthorized information disclosure. This issue is triggered when the 'toStaticHTML()' method fails to properly sanitise HTML code. This may allow a remote attacker to conduct cross-site scripting attacks. |
62156 | Microsoft IE Dynamic OBJECT Tag Cross-domain Arbitrary File Access |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2010-06-10 | IAVM : 2010-A-0079 - Multiple Vulnerabilities in Microsoft Office SharePoint Severity : Category II - VMSKEY : V0024377 |
Snort® IPS/IDS
Date | Description |
---|---|
2014-12-16 | Microsoft Internet Explorer style sheet array memory corruption attempt RuleID : 32532 - Revision : 3 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer oversize recordset object cache size exploit attempt RuleID : 18280 - Revision : 15 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer style sheet array memory corruption attempt RuleID : 16659 - Revision : 17 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer 8 cross-site scripting attempt RuleID : 16658 - Revision : 7 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer security zone restriction bypass attempt RuleID : 16637 - Revision : 12 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer 7/8 execute local file in Internet zone redirect ... RuleID : 16423 - Revision : 14 - Type : BROWSER-IE |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2010-06-09 | Name : Arbitrary code can be executed on the remote host through a web browser. File : smb_nt_ms10-035.nasl - Type : ACT_GATHER_INFO |
2010-06-09 | Name : The remote host has multiple vulnerabilities. File : smb_nt_ms10-039.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-12-16 21:23:22 |
|
2014-02-17 11:46:34 |
|
2014-01-19 21:30:28 |
|