Lucene search
Peter Vreugdenhil ( http://vreugdenhilresearch.nl )ZDI-10-289HistoryDec 14, 2010 - 12:00 a.m.
Microsoft Internet Explorer HTML+Time Element outerText Remote Code Execution Vulnerability
2010-12-1400:00:00
Peter Vreugdenhil ( http://vreugdenhilresearch.nl )
www.zerodayinitiative.com
18
EPSS
0.939
Percentile
99.2%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must be convinced of visiting a malicious page or opening a malicious file. The specific flaw exists within usage of a particular element that’s part of the Timed Interactive Multimedia Extensions component of the browser. By removing an element referenced by a tag used for implementing an animation, the application can be made to access an element that has been previously freed. Successful exploitation can lead to code execution under the context of the application.
Related
saint
saint
Internet Explorer HTML+TIME element OuterText memory corruption
2010-12-16 00:00:00
Internet Explorer HTML+TIME element OuterText memory corruption
2010-12-16 00:00:00
Internet Explorer HTML+TIME element OuterText memory corruption
2010-12-16 00:00:00
checkpoint_advisories
checkpoint_advisories
prion
prion
Memory corruption
2010-12-16 19:33:00
nvd
nvd
CVE-2010-3346
2010-12-16 19:33:02
cve
cve
CVE-2010-3346
2010-12-16 19:33:02
cvelist
cvelist
CVE-2010-3346
2010-12-16 19:00:00
symantec
symantec
openvas
openvas
Microsoft Internet Explorer Multiple Vulnerabilities (2416400)
2010-12-15 00:00:00
Microsoft Internet Explorer Multiple Vulnerabilities (2416400)
2010-12-15 00:00:00
securityvulns
securityvulns
nessus
nessus
MS10-090: Cumulative Security Update for Internet Explorer (2416400)
2010-12-15 00:00:00
mskb
mskb
MS10-090: Cumulative security update for Internet Explorer
2014-06-21 14:33:28
threatpost
threatpost
ExploitHub Offering Bounties – And Residuals – for Exploits
2011-10-05 13:11:31