CVE-2010-0248

Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "HTML Object Memory Corruption Vulnerability."
Code Injection
Severity
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Atk. Vector
NETWORK
Atk. Complexity
HIGH
Priv. Required
NONE
Base Score
CVSS 3.x
EPSS Score
Percentile: 99%
VendorProductVersion
microsoftinternet_explorer
8.0.6001
microsoftinternet_explorer
7.0
microsoftinternet_explorer
7.0.5730
microsoftinternet_explorer
7.0.5730.11
microsoftinternet_explorer
7.00.5730.1100
microsoftinternet_explorer
7.00.6000.16386
microsoftinternet_explorer
7.00.6000.16441
microsoftinternet_explorer
6.0
microsoftinternet_explorer
6.00.2462.0000
microsoftinternet_explorer
6.00.2479.0006
microsoftinternet_explorer
6.0.2600
microsoftinternet_explorer
6.00.2600.0000
microsoftinternet_explorer
6.0.2800
microsoftinternet_explorer
6.0.2800.1106
microsoftinternet_explorer
6.00.2800.1106
microsoftinternet_explorer
6.0.2900
microsoftinternet_explorer
6.0.2900.2180
microsoftinternet_explorer
6.00.2900.2180
microsoftinternet_explorer
6.00.3663.0000
microsoftinternet_explorer
6.00.3718.0000
microsoftinternet_explorer
6.00.3790.0000
microsoftinternet_explorer
6.00.3790.1830
microsoftinternet_explorer
6.00.3790.3959
𝑥
= Vulnerable software versions