CVE-2010-0492
Use-after-free vulnerability in mstime.dll in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via vectors related to the TIME2 behavior, the CTimeAction object, and destruction of markup, leading to memory corruption, aka "HTML Object Memory Corruption Vulnerability."
| Software | From | Fixed in |
|---|---|---|
| microsoft / internet_explorer | 8 | 8.x |
| microsoft / internet_explorer | 8.0.6001 | 8.0.6001.x |
| microsoft / windows_2003_server | - | - |
| microsoft / windows_server_2003 | - | - |
| microsoft / windows_server_2008 | - | - |
| microsoft / windows_vista | - | - |
| microsoft / windows_vista | --sp2 | --sp2.x |
| microsoft / windows_vista | --sp1 | --sp1.x |
| microsoft / windows_xp | - | - |
| microsoft / windows_xp | --sp2 | --sp2.x |
- http://securitytracker.com/id?1023773
- http://www.securityfocus.com/archive/1/510506/100/0/threaded
- http://www.securityfocus.com/bid/39030
- http://www.us-cert.gov/cas/techalerts/TA10-068A.html
- http://www.us-cert.gov/cas/techalerts/TA10-089A.html
- http://www.vupen.com/english/advisories/2010/0744
- http://www.zerodayinitiative.com/advisories/ZDI-10-033
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-018
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7722
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime