9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
7.5 High
AI Score
Confidence
Low
0.869 High
EPSS
Percentile
98.6%
Use-after-free vulnerability in mstime.dll in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via vectors related to the TIME2 behavior, the CTimeAction object, and destruction of markup, leading to memory corruption, aka βHTML Object Memory Corruption Vulnerability.β
securitytracker.com/id?1023773
www.securityfocus.com/archive/1/510506/100/0/threaded
www.securityfocus.com/bid/39030
www.us-cert.gov/cas/techalerts/TA10-068A.html
www.us-cert.gov/cas/techalerts/TA10-089A.html
www.vupen.com/english/advisories/2010/0744
www.zerodayinitiative.com/advisories/ZDI-10-033
docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-018
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7722