CVE-2010-1118
published 2010-03-25CVE-2010-1118: Unspecified vulnerability in Internet Explorer 8 on Microsoft Windows 7 allows remote attackers to execute arbitrary code via unknown vectors, possibly related…
PriorityP348critical10CVSS 2.0
AVNACLAuNCCICAC
EPSS
21.95%
97.3th percentile
Unspecified vulnerability in Internet Explorer 8 on Microsoft Windows 7 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to a use-after-free issue, as demonstrated by Peter Vreugdenhil during a Pwn2Own competition at CanSecWest 2010.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | data_access_components | — | — |
| microsoft | internet_explorer | — | — |
| microsoft | windows_data_access_components | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-3h23-qfr3-fm4r: Microsoft Data Access Components (MDAC) 2
ghsa_unreviewed·2022-05-03·CVSS 7.6
CVE-2011-0027 [HIGH] CWE-20 GHSA-3h23-qfr3-fm4r: Microsoft Data Access Components (MDAC) 2
Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2, and Windows Data Access Components (WDAC) 6.0, does not properly validate memory allocation for internal data structures, which allows remote attackers to execute arbitrary code, possibly via a large CacheSize property that triggers an integer wrap and a buffer overflow, aka "ADO Record Memory Vulnerability." NOTE: this might be a duplicate of CVE-2010-1117 or CVE-2010-1118.
GHSA
GHSA-cmwj-g9pr-hgfp: Unspecified vulnerability in Internet Explorer 8 on Microsoft Windows 7 allows remote attackers to execute arbitrary code via unknown vectors, possibl
ghsa_unreviewed·2022-05-02
CVE-2010-1118 [HIGH] GHSA-cmwj-g9pr-hgfp: Unspecified vulnerability in Internet Explorer 8 on Microsoft Windows 7 allows remote attackers to execute arbitrary code via unknown vectors, possibl
Unspecified vulnerability in Internet Explorer 8 on Microsoft Windows 7 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to a use-after-free issue, as demonstrated by Peter Vreugdenhil during a Pwn2Own competition at CanSecWest 2010.
No detection rules found.
No writeups or analysis indexed.
http://dvlabs.tippingpoint.com/blog/2010/02/15/pwn2own-2010http://news.cnet.com/8301-27080_3-20001126-245.htmlhttp://twitter.com/thezdi/statuses/11003801960http://vreugdenhilresearch.nl/Pwn2Own-2010-Windows7-InternetExplorer8.pdfhttps://exchange.xforce.ibmcloud.com/vulnerabilities/57197http://dvlabs.tippingpoint.com/blog/2010/02/15/pwn2own-2010http://news.cnet.com/8301-27080_3-20001126-245.htmlhttp://twitter.com/thezdi/statuses/11003801960http://vreugdenhilresearch.nl/Pwn2Own-2010-Windows7-InternetExplorer8.pdfhttps://exchange.xforce.ibmcloud.com/vulnerabilities/57197
2010-03-25
Published