CVE-2010-1262Code Injection in Microsoft Internet Explorer

CWE-94Code Injection4 documents3 sources
Severity
9.3CRITICALNVD
EPSS
63.4%
top 1.59%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Microsoft Internet Explorer
Timeline
PublishedJun 8
Latest updateMay 2

Description

Microsoft Internet Explorer 6 SP1 and SP2, 7, and 8 allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, related to the CStyleSheet object and a free of the root container, aka "Memory Corruption Vulnerability."

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

🔴Vulnerability Details

1
GHSA
GHSA-h88c-mjpv-c945: Microsoft Internet Explorer 6 SP1 and SP2, 7, and 8 allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly2022-05-02

🕵️Threat Intelligence

2
Zscaler
Zscaler Provides Protection for 3 Microsoft Vulnerabilities
Zscaler
Zscaler found Multiple Security Vulnerabilities | 06-08-2010
CVE-2010-1262 — Code Injection in Microsoft | cvebase