Executive Summary

Informations
Name CVE-2010-1117 First vendor Publication 2010-03-25
Vendor Cve Last vendor Modification 2024-11-21

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:H/Au:N/C:C/I:C/A:C)
Cvss Base Score 7.6 Attack Range Network
Cvss Impact Score 10 Attack Complexity High
Cvss Expoit Score 4.9 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Heap-based buffer overflow in Internet Explorer 8 on Microsoft Windows 7 allows remote attackers to discover the base address of a Windows .dll file, and possibly have unspecified other impact, via unknown vectors, as demonstrated by Peter Vreugdenhil during a Pwn2Own competition at CanSecWest 2010.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1117

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 1

Open Source Vulnerability Database (OSVDB)

Id Description
63469 Microsoft IE DLL File Base Address Discovery Overflow (PWN2OWN)

Snort® IPS/IDS

Date Description
2014-12-16 Microsoft Internet Explorer style sheet array memory corruption attempt
RuleID : 32532 - Revision : 3 - Type : BROWSER-IE
2014-01-10 Microsoft Internet Explorer oversize recordset object cache size exploit attempt
RuleID : 18280 - Revision : 15 - Type : BROWSER-IE
2014-01-10 Microsoft Internet Explorer style sheet array memory corruption attempt
RuleID : 16659 - Revision : 17 - Type : BROWSER-IE

Sources (Detail)

http://dvlabs.tippingpoint.com/blog/2010/02/15/pwn2own-2010
http://news.cnet.com/8301-27080_3-20001126-245.html
http://twitter.com/thezdi/statuses/11003801960
http://vreugdenhilresearch.nl/Pwn2Own-2010-Windows7-InternetExplorer8.pdf
https://exchange.xforce.ibmcloud.com/vulnerabilities/57196
Source Url

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
Date Informations
2024-11-28 23:09:07
  • Multiple Updates
2024-11-28 12:21:29
  • Multiple Updates
2021-07-27 00:24:33
  • Multiple Updates
2021-07-24 01:44:10
  • Multiple Updates
2021-07-24 01:07:02
  • Multiple Updates
2021-07-23 21:25:00
  • Multiple Updates
2020-05-23 00:25:29
  • Multiple Updates
2017-08-17 09:22:57
  • Multiple Updates
2016-06-29 00:11:45
  • Multiple Updates
2014-12-16 21:23:19
  • Multiple Updates
2014-01-19 21:26:43
  • Multiple Updates
2013-05-10 23:21:08
  • Multiple Updates