Lucene search
HistoryAug 11, 2010 - 6:47 p.m.
CVE-2010-2560
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
7.5
Confidence
High
EPSS
0.952
Percentile
99.4%
Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka “HTML Layout Memory Corruption Vulnerability.”
Affected configurations
Node
microsoftinternet_explorerMatch6
microsoftwindows_server_2003Match-sp2
ORmicrosoftwindows_xpMatch-sp2x64
ORmicrosoftwindows_xpMatch-sp3
Node
microsoftinternet_explorerMatch7
microsoftwindows_server_2003Match-sp2
ORmicrosoftwindows_server_2008Match--
ORmicrosoftwindows_server_2008Match-sp2
ORmicrosoftwindows_vistaMatch-sp1
ORmicrosoftwindows_vistaMatch-sp2
ORmicrosoftwindows_xpMatch-sp2professionalx64
ORmicrosoftwindows_xpMatch-sp3
Node
microsoftinternet_explorerMatch8
microsoftwindows_7Match-
ORmicrosoftwindows_server_2003Match-sp2
ORmicrosoftwindows_server_2008Match--
ORmicrosoftwindows_server_2008Match-sp2
ORmicrosoftwindows_server_2008Matchr2
ORmicrosoftwindows_vistaMatch-sp1
ORmicrosoftwindows_vistaMatch-sp2
ORmicrosoftwindows_xpMatch-sp2professionalx64
ORmicrosoftwindows_xpMatch-sp3
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | internet_explorer | 6 | cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:* |
| microsoft | windows_server_2003 | - | cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:*:* |
| microsoft | windows_xp | - | cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:x64:* |
| microsoft | windows_xp | - | cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:* |
| microsoft | internet_explorer | 7 | cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:* |
| microsoft | windows_server_2008 | - | cpe:2.3:o:microsoft:windows_server_2008:-:-:*:*:*:*:*:* |
| microsoft | windows_server_2008 | - | cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:* |
| microsoft | windows_vista | - | cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:* |
| microsoft | windows_vista | - | cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:* |
| microsoft | windows_xp | - | cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:professional:*:x64:* |
Related
cvelist
cvelist
CVE-2010-2560
2010-08-11 18:00:00
securityvulns
securityvulns
VUPEN Security Research - Microsoft Internet Explorer Table Element Use-after-free Vulnerability (CVE-2010-2560)
2010-08-11 00:00:00
Microsoft Security Bulletin MS10-053 - Critical Cumulative Security Update for Internet Explorer (2183461)
2010-08-11 00:00:00
Microsoft Internet Explorer multiple security vulnerabilities
2010-08-11 00:00:00
prion
prion
Memory corruption
2010-08-11 18:47:00
checkpoint_advisories
checkpoint_advisories
cve
cve
CVE-2010-2560
2010-08-11 18:47:51
openvas
openvas
Microsoft Internet Explorer Multiple Vulnerabilities (2183461)
2010-08-11 00:00:00
Microsoft Internet Explorer Multiple Vulnerabilities (2183461)
2010-08-11 00:00:00
nessus
nessus
MS10-053: Cumulative Security Update for Internet Explorer (2183461)
2010-08-11 00:00:00
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
7.5
Confidence
High
EPSS
0.952
Percentile
99.4%
Related for NVD:CVE-2010-2560