CVE-2010-0019

Microsoft Silverlight 3 before 3.0.50611.0 on Windows, and before 3.0.41130.0 on Mac OS X, does not properly handle pointers, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and framework outage) via a crafted web site, aka "Microsoft Silverlight Memory Corruption Vulnerability."

Published: Aug 11, 2010
Updated: Apr 13, 2023
CVE: CVE-2010-0019
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

CWEs:

CWE-94

Affected Software
References

Software	From	Fixed in
microsoft / silverlight	-	3.0.40818.0.x
microsoft / silverlight	3.0.40624.00	3.0.40624.00.x
microsoft / silverlight	3.0.40723.0	3.0.40723.0.x
microsoft / silverlight	-	3.0.50106.0.x
microsoft / silverlight	3.0.40818.0	3.0.40818.0.x

http://www.us-cert.gov/cas/techalerts/TA10-222A.html
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-060

Vulnerability Database

CVE-2010-0019

Deep Security Visibility Without the Complexity