CVE-2010-0806

Use-after-free vulnerability in the Peer Objects component (aka iepeers.dll) in Microsoft Internet Explorer 6, 6 SP1, and 7 allows remote attackers...

Basic Information

CVE State
PUBLISHED
Reserved Date
March 02, 2010
Published Date
March 10, 2010
Last Updated
August 07, 2024
Vendor
Microsoft
Product
Internet Explorer
Description
Use-after-free vulnerability in the Peer Objects component (aka iepeers.dll) in Microsoft Internet Explorer 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via vectors involving access to an invalid pointer after the deletion of an object, as exploited in the wild in March 2010, aka "Uninitialized Memory Corruption Vulnerability."
Tags
metasploit_scanner

CVSS Scores

CVSS v2.0

9.3

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploit Status

Exploited in the Wild
Yes (2010-03-10 22:00:00 UTC) Source

Known Exploited Vulnerability Information

Source Added Date
CVE 2010-03-10 22:00:00 UTC

Scanner Integrations

Potential Proof of Concepts

Warning: These PoCs have not been tested and could contain malware. Use at your own risk.

ms10_018_ie_behaviors

Type: metasploit • Created: Unknown

Metasploit module for CVE-2010-0806

Timeline

  • CVE ID Reserved

  • CVE Published to Public

  • Added to KEVIntel

  • Detected by Metasploit