CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2010-0492

Use-after-free vulnerability in mstime.dll in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via vectors related to the TIME2 behavior, the CTimeAction object, and destruction of markup, leading to memory corruption, aka "HTML Object Memory Corruption Vulnerability."

Exploit prediction scoring system (EPSS) score

EPSS Score 0.596

EPSS Ranking 98.1%

CVSS Severity

CVSS v3 Score 8.1

CVSS v2 Score 9.3

References

Products affected by CVE-2010-0492

Microsoft » Internet Explorer » Version: 8

cpe:2.3:a:microsoft:internet_explorer:8
Microsoft » Internet Explorer » Version: 8.0.6001

cpe:2.3:a:microsoft:internet_explorer:8.0.6001
Microsoft » Windows 2003 Server » Version: N/A

cpe:2.3:o:microsoft:windows_2003_server:-
Microsoft » Windows 7 » Version: N/A

cpe:2.3:o:microsoft:windows_7:-
Microsoft » Windows Server 2003 » Version: N/A

cpe:2.3:o:microsoft:windows_server_2003:-
Microsoft » Windows Server 2003 » Version: r2

cpe:2.3:o:microsoft:windows_server_2003:r2
Microsoft » Windows Server 2008 » Version: N/A

cpe:2.3:o:microsoft:windows_server_2008:-
Microsoft » Windows Server 2008 » Version: r2

cpe:2.3:o:microsoft:windows_server_2008:r2
Microsoft » Windows Vista » Version: N/A

cpe:2.3:o:microsoft:windows_vista:-
Microsoft » Windows Xp » Version: N/A

cpe:2.3:o:microsoft:windows_xp:-
Microsoft » Windows Xp » Version: unknown

cpe:2.3:o:microsoft:windows_xp:unknown

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2010-0492

Products

Pricing

Contact Us