Microsoft Internet Explorer Remote Code Execution Vulnerability (979352) Network Vulnerability

Summary

The host is installed with Internet Explorer and is prone to Remote Code Execution vulnerability. This NVT has been replaced by NVT secpod_ms10-002.nasl (OID:1.3.6.1.4.1.25623.1.0.901097).

Impact

Successful exploitation will allow remote attackers to execute arbitrary code via specially crafted attack. Impact Level: Application

Solution

Apply the patch, http://support.microsoft.com/kb/979352 Workaround: Apply workaround as in the advisory. ***** NOTE: Ignore this warning if you are using IE 8 on Windows XP SP3 because IE 8 opts-in to DEP by default. *****

Insight

An invalid pointer reference error exists under certain conditions letting an invalid pointer to be accessed after an object is deleted.

Affected

Internet Explorer Version 6.x, 7.x , 8.x

References

http://support.microsoft.com/kb/979352
http://www.microsoft.com/technet/security/advisory/979352.mspx

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-0249

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe AIR Multiple Vulnerabilities-01 Sep13 (Mac OS X)
Adobe Air Multiple Vulnerabilities June-2012 (Mac OS X)
Adobe AIR Multiple Vulnerabilities(APSB14-24)-(Mac OS X)
Adobe AIR Multiple Vulnerabilities-01 Sep13 (Windows)
Adobe AIR Multiple Vulnerabilities -01 Feb13 (Mac OS X)

Take action and discover your vulnerabilities