CVE-2010-0247

Microsoft Internet Explorer 5.01 SP4, 6, and 6 SP1 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability."

Published: Jan 22, 2010
Updated: Nov 9, 2025
CVE: CVE-2010-0247
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

CWEs:

CWE-94

Affected Software
References

Software	From	Fixed in
microsoft / internet_explorer	6-sp1	6-sp1.x
microsoft / internet_explorer	6	6.x
microsoft / internet_explorer	6.0	6.0.x
microsoft / internet_explorer	6.00.2462.0000	6.00.2462.0000.x
microsoft / internet_explorer	6.00.2479.0006	6.00.2479.0006.x
microsoft / internet_explorer	6.0.2600	6.0.2600.x
microsoft / internet_explorer	6.00.2600.0000	6.00.2600.0000.x
microsoft / internet_explorer	6.0.2800	6.0.2800.x
microsoft / internet_explorer	6.0.2800.1106	6.0.2800.1106.x
microsoft / internet_explorer	6.00.2800.1106	6.00.2800.1106.x
microsoft / internet_explorer	6.0.2900	6.0.2900.x
microsoft / internet_explorer	6.0.2900.2180	6.0.2900.2180.x
microsoft / internet_explorer	6.00.2900.2180	6.00.2900.2180.x
microsoft / internet_explorer	6.00.3663.0000	6.00.3663.0000.x
microsoft / internet_explorer	6.00.3718.0000	6.00.3718.0000.x
microsoft / internet_explorer	6.00.3790.0000	6.00.3790.0000.x
microsoft / internet_explorer	6.00.3790.1830	6.00.3790.1830.x
microsoft / internet_explorer	6.00.3790.3959	6.00.3790.3959.x
microsoft / internet_explorer	5.01-sp4	5.01-sp4.x

Vulnerability Database

314,453

CVE-2010-0247

Deep Security Visibility Without the Complexity