Vulnerability Details CVE-2010-1260
The IE8 Developer Toolbar in Microsoft Internet Explorer 8 SP1, SP2, and SP3 allows user-assisted remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "HTML Element Memory Corruption Vulnerability."
Exploit prediction scoring system (EPSS) score
EPSS Score 0.502
EPSS Ranking 97.7%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 9.3
References
- http://osvdb.org/65213
- http://support.avaya.com/css/P8/documents/100089747
- http://www.us-cert.gov/cas/techalerts/TA10-159B.html
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-035
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6686
- http://osvdb.org/65213
- http://support.avaya.com/css/P8/documents/100089747
- http://www.us-cert.gov/cas/techalerts/TA10-159B.html
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-035
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6686
Products affected by CVE-2010-1260
-
cpe:2.3:a:microsoft:internet_explorer:8
-
cpe:2.3:o:microsoft:windows_2003_server:-
-
cpe:2.3:o:microsoft:windows_7:-
-
cpe:2.3:o:microsoft:windows_server_2008:-
-
cpe:2.3:o:microsoft:windows_server_2008:r2
-
cpe:2.3:o:microsoft:windows_vista:-
-
cpe:2.3:o:microsoft:windows_xp:-
-
cpe:2.3:o:microsoft:windows_xp:unknown