← Back

CVE-2010-0491

nvd nist
Published: Mar 31, 2010Modified: Apr 29, 2026

JSON object

Loading...
9.3
Vector
AV:N/AC:M/Au:N/C:C/I:C/A:C
Exploitability: 8.6 / Impact: 10.0
Source: NVD

Description

Use-after-free vulnerability in Microsoft Internet Explorer 5.01 SP4, 6, and 6 SP1 allows remote attackers to execute arbitrary code by changing unspecified properties of an HTML object that has an onreadystatechange event handler, aka "HTML Object Memory Corruption Vulnerability."

Affected (9)

Microsoft
5 products
Internet Explorer
Windows 2003 Server
Windows Server 2003
Windows Xp
Windows 2000
Configuration A
6 vulnerable
Vulnerable SoftwareAffected Versions
Internet Explorer
Version 6
Windows 2003 Server
All versions
Windows Server 2003
All versions
Microsoft
Windows Xp
All versions
Windows Xp
All versions
Windows Xp
All versions
Configuration B
3 vulnerable
Vulnerable SoftwareAffected Versions
Microsoft
Internet Explorer
Version 5.01 sp4
Internet Explorer
Version 6 sp1
Windows 2000
All versions

Related CWEs

CWE-399
CWE-399

References (16)

Source: secure@microsoft.com
Source: secure@microsoft.com
Source: secure@microsoft.com
Patch
Source: secure@microsoft.com
US Government Resource
Source: secure@microsoft.com
US Government Resource
Source: secure@microsoft.com
PatchVendor Advisory
Source: secure@microsoft.com
Source: secure@microsoft.com
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
US Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
US Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.