CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
Percentile
99.8%
Added: 04/22/2010
CVE: CVE-2010-0805
BID: 39025
OSVDB: 63329
Tabular Data Control is an ActiveX control which can be used to display data from a delimited text file.
A memory corruption vulnerability allows command execution when a user loads a web page which invokes Tabular Data Control with a specially crafted DataURL parameter.
Apply the patch referenced in Microsoft Security Bulletin 10-018.
<http://www.zerodayinitiative.com/advisories/ZDI-10-034/>
Exploit works on Internet Explorer 6 and requires a user to load the exploit page.
Windows