Oval Definition:oval:org.mitre.oval:def:8080
Revision Date:2010-06-07Version:43
Title:Memory Corruption Vulnerability (CVE-2010-0805)
Description:The Tabular Data Control (TDC) ActiveX control in Microsoft Internet Explorer 5.01 SP4, 6 on Windows XP SP2 and SP3, and 6 SP1 allows remote attackers to execute arbitrary code via a long URL (DataURL parameter) that triggers memory corruption in the CTDCCtl::SecurityCHeckDataURL function, aka "Memory Corruption Vulnerability."
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2010-0805
Platform(s):Microsoft Windows 2000
Microsoft Windows XP
Product(s):Microsoft Internet Explorer 5.01
Microsoft Internet Explorer 6
Definition Synopsis
  • Internet Explorer 5.01 Service Pack 4 on Windows 2000
  • Microsoft Windows 2000 SP4 or later is installed
  • AND Microsoft Internet Explorer 5.01 SP4 is installed
  • AND Mshtml.dll version is less than 5.0.3886.1900
  • OR Internet Explorer 6 on Windows 2000 - RTMGDR
  • Microsoft Windows 2000 SP4 or later is installed
  • AND Microsoft Internet Explorer 6 is installed
  • AND Mshtml.dll version is less than 6.0.2800.1646
  • OR Internet Explorer 6 on XP x86 SP2
  • Microsoft Windows XP (x86) SP2 is installed
  • AND Microsoft Internet Explorer 6 is installed
  • AND Mshtml.dll version is less than 6.0.2900.3676
  • OR Internet Explorer 6 on XP x86 SP3
  • Microsoft Windows XP (x86) SP3 is installed
  • AND Microsoft Internet Explorer 6 is installed
  • AND Mshtml.dll version is less than 6.0.2900.5945
  • OR Internet Explorer 6 on XP x64 SP2
  • Microsoft Windows XP x64 Edition SP2 is installed
  • AND Microsoft Internet Explorer 6 is installed
  • AND Mshtml.dll version is less than 6.0.3790.4672
    • BACK