Vulnerabilities > CVE-2010-1118 - Unspecified vulnerability in Microsoft Internet Explorer 8

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

microsoft

critical

NVD

Published: 2010-03-25

Updated: 2021-07-23

Summary

Unspecified vulnerability in Internet Explorer 8 on Microsoft Windows 7 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to a use-after-free issue, as demonstrated by Peter Vreugdenhil during a Pwn2Own competition at CanSecWest 2010.

Vulnerable Configurations

Part	Description	Count
Application	Microsoft Microsoft Internet Explorer 8	1
OS	Microsoft Microsoft Windows 7 *	1

References

http://dvlabs.tippingpoint.com/blog/2010/02/15/pwn2own-2010
http://vreugdenhilresearch.nl/Pwn2Own-2010-Windows7-InternetExplorer8.pdf
http://twitter.com/thezdi/statuses/11003801960
http://news.cnet.com/8301-27080_3-20001126-245.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/57197