Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2010-3343 | First vendor Publication | 2010-12-16 |
Vendor | Cve | Last vendor Modification | 2024-11-21 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Microsoft Internet Explorer 6 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "HTML Object Memory Corruption Vulnerability." |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3343 |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:12372 | |||
Oval ID: | oval:org.mitre.oval:def:12372 | ||
Title: | HTML Object Memory Corruption Vulnerability | ||
Description: | Microsoft Internet Explorer 6 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "HTML Object Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3343 | Version: | 4 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | Microsoft Internet Explorer 6 |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 1 |
ExploitDB Exploits
id | Description |
---|---|
2011-01-20 | Internet Explorer CSS SetUserClip Memory Corruption |
OpenVAS Exploits
Date | Description |
---|---|
2010-12-15 | Name : Microsoft Internet Explorer Multiple Vulnerabilities (2416400) File : nvt/secpod_ms10-090.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
69827 | Microsoft IE Animation HTML Object Memory Corruption (2010-3343) A memory corruption flaw exists in Microsoft Internet Explorer. The program fails to properly handle objects in memory, allowing an attacker to access an object that was not properly initialized or has been deleted, resulting in memory corruption. With a specially crafted web page, a context-dependent attacker can execute arbitrary code. |
Snort® IPS/IDS
Date | Description |
---|---|
2015-01-20 | Microsoft Internet Explorer COleSite ActiveX memory corruption attempt RuleID : 32844 - Revision : 3 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Internet Explorer malformed table remote code execution attempt RuleID : 18221 - Revision : 15 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer time element memory corruption attempt RuleID : 18218 - Revision : 16 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer 6 #default#anim attempt RuleID : 18216 - Revision : 15 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer COleSite ActiveX memory corruption attempt RuleID : 18199 - Revision : 15 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Internet Explorer COleSite ActiveX memory corruption attempt RuleID : 18198 - Revision : 14 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Internet Explorer COleSite ActiveX memory corruption attempt RuleID : 18197 - Revision : 14 - Type : BROWSER-PLUGINS |
2015-05-28 | Microsoft Internet Explorer CSS style memory corruption attempt RuleID : 18062 - Revision : 7 - Type : WEB-CLIENT |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2011-01-20 | Name : Arbitrary code can be executed on the remote host through a web browser. File : smb_kb2488013.nasl - Type : ACT_GATHER_INFO |
2010-12-15 | Name : Arbitrary code can be executed on the remote host through a web browser. File : smb_nt_ms10-090.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2024-11-28 23:06:42 |
|
2024-11-28 12:22:52 |
|
2022-03-01 00:23:25 |
|
2021-07-27 00:24:32 |
|
2021-07-24 01:44:09 |
|
2021-07-24 01:07:33 |
|
2021-07-23 17:24:36 |
|
2020-05-23 00:26:27 |
|
2019-02-26 17:19:34 |
|
2018-10-13 00:23:00 |
|
2017-09-19 09:23:57 |
|
2016-06-29 00:15:03 |
|
2016-04-26 20:04:55 |
|
2014-02-17 10:57:22 |
|
2014-01-19 21:27:09 |
|
2013-05-10 23:32:23 |
|