Oval Definition:oval:org.mitre.oval:def:8506
Revision Date:2010-03-01Version:42
Title:Uninitialized Memory Corruption Vulnerability (CVE-2010-0247)
Description:Microsoft Internet Explorer 5.01 SP4, 6, and 6 SP1 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability."
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2010-0247
Platform(s):Microsoft Windows 2000
Microsoft Windows Server 2003
Microsoft Windows XP
Product(s):Microsoft Internet Explorer
Definition Synopsis
  • AND
  • Microsoft Windows 2000 SP4 or later is installed
  • AND Microsoft Internet Explorer 5.01 SP4 is installed
  • AND Mshtml.dll version is less than 5.0.3884.1600
  • OR
  • Microsoft Windows 2000 SP4 or later is installed
  • AND Microsoft Internet Explorer 6 is installed
  • AND Mshtml.dll version is less than 6.0.2800.1644
  • OR
  • Microsoft Windows XP (x86) SP2 is installed
  • AND Microsoft Internet Explorer 6 is installed
  • AND Mshtml.dll version is less than 6.0.2900.3660
  • OR
  • Microsoft Windows XP (x86) SP3 is installed
  • AND Microsoft Internet Explorer 6 is installed
  • AND Mshtml.dll version is less than 6.0.2900.5921
  • OR
  • Microsoft Windows XP x64 Edition SP2 is installed
  • OR Microsoft Windows Server 2003 SP2 (x86) is installed
  • OR Microsoft Windows Server 2003 SP2 (x64) is installed
  • OR Microsoft Windows Server 2003 (ia64) SP2 is installed
  • AND Microsoft Internet Explorer 6 is installed
  • AND Mshtml.dll version is less than 6.0.3790.4639
    • BACK