CVE-2010-0491 — Out-of-bounds Write in Microsoft Internet Explorer

CWE-3995 documents4 sources

Severity

9.3CRITICALNVD

EPSS

62.4%

top 1.63%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Internet Explorer

Timeline

PublishedMar 31

Latest updateMay 2

Description

Use-after-free vulnerability in Microsoft Internet Explorer 5.01 SP4, 6, and 6 SP1 allows remote attackers to execute arbitrary code by changing unspecified properties of an HTML object that has an onreadystatechange event handler, aka "HTML Object Memory Corruption Vulnerability."

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

▶NVDmicrosoft/internet_explorer5.01, 6+1

Patches

Patch: www.securityfocus.com ↗Patch: www.vupen.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-vjq2-qqgv-fxw5: Use-after-free vulnerability in Microsoft Internet Explorer 5↗2022-05-02

▶

💥Exploits & PoCs

Exploit-DB

Knox Arkeia Backup Client Type 77 (OSX) - Remote Overflow (Metasploit)↗2010-05-09

▶

Exploit-DB

Knox Arkeia Backup Client Type 77 (Windows x86) - Remote Overflow (Metasploit)↗2010-05-09

▶

💬Community

Bugzilla

CVE-2011-0015 CVE-2011-0016 CVE-2011-0427 CVE-2011-0490 CVE-2011-0491 CVE-2011-0492 CVE-2011-0493 CVE-2010-1676 CVE-2010-0383 CVE-2010-0385 tor various flaws [epel-5]↗2011-01-20

▶