CVE-2010-1117
published 2010-03-25CVE-2010-1117: Heap-based buffer overflow in Internet Explorer 8 on Microsoft Windows 7 allows remote attackers to discover the base address of a Windows .dll file, and…
PriorityP340high7.6CVSS 2.0
AVNACHAuNCCICAC
EPSS
14.04%
96.1th percentile
Heap-based buffer overflow in Internet Explorer 8 on Microsoft Windows 7 allows remote attackers to discover the base address of a Windows .dll file, and possibly have unspecified other impact, via unknown vectors, as demonstrated by Peter Vreugdenhil during a Pwn2Own competition at CanSecWest 2010.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | data_access_components | — | — |
| microsoft | internet_explorer | — | — |
| microsoft | windows_data_access_components | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-3h23-qfr3-fm4r: Microsoft Data Access Components (MDAC) 2
ghsa_unreviewed·2022-05-03·CVSS 7.6
CVE-2011-0027 [HIGH] CWE-20 GHSA-3h23-qfr3-fm4r: Microsoft Data Access Components (MDAC) 2
Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2, and Windows Data Access Components (WDAC) 6.0, does not properly validate memory allocation for internal data structures, which allows remote attackers to execute arbitrary code, possibly via a large CacheSize property that triggers an integer wrap and a buffer overflow, aka "ADO Record Memory Vulnerability." NOTE: this might be a duplicate of CVE-2010-1117 or CVE-2010-1118.
GHSA
GHSA-q2jw-4pf6-6hm6: Heap-based buffer overflow in Internet Explorer 8 on Microsoft Windows 7 allows remote attackers to discover the base address of a Windows
ghsa_unreviewed·2022-05-02
CVE-2010-1117 [HIGH] CWE-119 GHSA-q2jw-4pf6-6hm6: Heap-based buffer overflow in Internet Explorer 8 on Microsoft Windows 7 allows remote attackers to discover the base address of a Windows
Heap-based buffer overflow in Internet Explorer 8 on Microsoft Windows 7 allows remote attackers to discover the base address of a Windows .dll file, and possibly have unspecified other impact, via unknown vectors, as demonstrated by Peter Vreugdenhil during a Pwn2Own competition at CanSecWest 2010.
No detection rules found.
No writeups or analysis indexed.
http://dvlabs.tippingpoint.com/blog/2010/02/15/pwn2own-2010http://news.cnet.com/8301-27080_3-20001126-245.htmlhttp://twitter.com/thezdi/statuses/11003801960http://vreugdenhilresearch.nl/Pwn2Own-2010-Windows7-InternetExplorer8.pdfhttps://exchange.xforce.ibmcloud.com/vulnerabilities/57196http://dvlabs.tippingpoint.com/blog/2010/02/15/pwn2own-2010http://news.cnet.com/8301-27080_3-20001126-245.htmlhttp://twitter.com/thezdi/statuses/11003801960http://vreugdenhilresearch.nl/Pwn2Own-2010-Windows7-InternetExplorer8.pdfhttps://exchange.xforce.ibmcloud.com/vulnerabilities/57196
2010-03-25
Published