Threat Monitor
Troj.Exploit.JS.CVE-2010-0806.c
| Aliases: | |
|---|---|
| Pattern: | 201004201330 |
| Threat Type | Propagation Methods | Systems Affected | Risk Level |
|---|---|---|---|
|
|
|
|
Microsoft Internet Explorer is prone to a Code Execution Vulnerability.
The issue occurs because a use-after-free error in iepeers.dll when handling invalid values passed to the "setAttribute()" function can be exploited to dereference invalid memory when a specially crafted web page using the "#default#userData" behavior is accessed.
By persuading a victim to visit a specially-crafted Web page, a remote attacker could exploit this vulnerability to execute arbitrary code on the system with the privilege of the victim.
Affected: Microsoft Internet Explorer 7.0
Microsoft Internet Explorer 6.0 SP1
Microsoft Internet Explorer 6.0
The issue occurs because a use-after-free error in iepeers.dll when handling invalid values passed to the "setAttribute()" function can be exploited to dereference invalid memory when a specially crafted web page using the "#default#userData" behavior is accessed.
By persuading a victim to visit a specially-crafted Web page, a remote attacker could exploit this vulnerability to execute arbitrary code on the system with the privilege of the victim.
Affected: Microsoft Internet Explorer 7.0
Microsoft Internet Explorer 6.0 SP1
Microsoft Internet Explorer 6.0
