Vulnerability Name: CVE-2010-0811 (CCN-57338) Assigned: 2010-06-08 Published: 2010-06-08 Updated: 2018-10-30 Summary: Multiple unspecified vulnerabilities in the Microsoft Internet Explorer 8 Developer Tools ActiveX control in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allow remote attackers to execute arbitrary code via unknown vectors that "corrupt the system state," aka "Microsoft Internet Explorer 8 Developer Tools Vulnerability." CVSS v3 Severity: 10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): LowPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): ChangedImpact Metrics: Confidentiality (C): HighIntegrity (I): HighAvailibility (A): High
CVSS v2 Severity: 9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C 6.9 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): MediumAuthentication (Au): NoneImpact Metrics: Confidentiality (C): CompleteIntegrity (I): CompleteAvailibility (A): Complete
9.3 High (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C 6.9 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): MediumAthentication (Au): NoneImpact Metrics: Confidentiality (C): CompleteIntegrity (I): CompleteAvailibility (A): Complete
Vulnerability Type: CWE-94 Vulnerability Consequences: Gain Access References: Source: MITRECVE-2010-0811 Microsoft Internet Explorer Developer Tools ActiveX Control Vulnerability Kodak Gallery Easy Upload ActiveX Unspecified Vulnerability Kodak Ofoto Upload Manager ActiveX Buffer Overflow Vulnerabilities Microsoft Windows Messenger ActiveX Control Unspecified Vulnerability Cumulative Security Update of ActiveX Kill Bits (2618451) Business Communications Solutions from Avaya KODAK Digital Cameras, Printers, Digital Video Cameras & more Cumulative Security Update of ActiveX Kill Bits (980195) Cumulative Security Update of ActiveX Kill Bits (2508272) Microsoft Internet Explorer 8 Developer Tools Remote Code Execution Vulnerability Kodak Gallery Easy Upload Manager ActiveX Control Unspecified Security Vulnerability Avaya CallPilot Unified Messaging ActiveX Control Unspecified Security Vulnerability TA10-159B MS10-034 MS11-027 ie-developer-tools-code-exec(57338) oval:org.mitre.oval:def:12534 oval:org.mitre.oval:def:7492 Vulnerable Configuration: Configuration 1 :cpe:/o:microsoft:windows_xp:*:sp2:*:*:*:*:*:* OR cpe:/o:microsoft:windows_xp:*:sp3:*:*:*:*:*:* OR cpe:/o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:* Configuration 2 :cpe:/o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:* OR cpe:/o:microsoft:windows_2003_server:*:sp2:x64:*:*:*:*:* Configuration 3 :cpe:/o:microsoft:windows_vista:*:sp1:*:*:*:*:*:* OR cpe:/o:microsoft:windows_vista:*:sp1:x64:*:*:*:*:* OR cpe:/o:microsoft:windows_vista:*:sp2:*:*:*:*:*:* OR cpe:/o:microsoft:windows_vista:*:sp2:x64:*:*:*:*:* OR cpe:/o:microsoft:windows_vista:-:sp1:*:*:*:*:*:* OR cpe:/o:microsoft:windows_vista:-:sp2:*:*:*:*:*:* Configuration 4 :cpe:/o:microsoft:windows_server_2008:*:*:*:*:*:*:x32:* OR cpe:/o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:* OR cpe:/o:microsoft:windows_server_2008:*:sp2:*:*:*:*:x32:* OR cpe:/o:microsoft:windows_server_2008:*:sp2:*:*:*:*:x64:* Configuration 5 :cpe:/o:microsoft:windows_7:-:*:*:*:*:*:*:* Configuration 6 :cpe:/o:microsoft:windows_server_2008:r2:*:*:*:*:*:itanium:* OR cpe:/o:microsoft:windows_server_2008:r2:*:*:*:*:*:x64:* Configuration CCN 1 :cpe:/a:microsoft:ie:8.0:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows_server_2008:*:*:*:*:*:*:x32:* AND cpe:/o:microsoft:windows:xp:sp2:*:*:*:*:*:* OR cpe:/o:microsoft:windows:server_2003:sp2:*:*:*:*:*:* OR cpe:/o:microsoft:windows:server_2003:sp2:x64:*:*:*:*:* OR cpe:/o:microsoft:windows_xp::sp2:x64:*:professional:*:*:* OR cpe:/o:microsoft:windows_vista:-:sp1:*:*:*:*:*:* OR cpe:/o:microsoft:windows_vista:-:sp1:x64:*:*:*:*:* OR cpe:/o:microsoft:windows_server_2008:*:*:*:*:*:*:x64:* OR cpe:/o:microsoft:windows:xp:sp3:*:*:*:*:*:* OR cpe:/o:microsoft:windows_vista:-:sp2:x64:*:*:*:*:* OR cpe:/o:microsoft:windows_vista:-:sp2:*:*:*:*:*:* OR cpe:/o:microsoft:windows_server_2008:*:sp2:*:*:*:*:x32:* OR cpe:/o:microsoft:windows_server_2008:*:sp2:*:*:*:*:x64:* OR cpe:/o:microsoft:windows_7:-:-:*:*:ultimate_n:*:x64:* OR cpe:/o:microsoft:windows_7:-:*:*:*:*:*:x32:* OR cpe:/o:microsoft:windows_server_2008:r2:*:*:*:*:*:x64:* OR cpe:/o:microsoft:windows_server_2008:r2:*:*:*:*:*:itanium:* Oval Definitions BACK
microsoft windows xp * sp2
microsoft windows xp * sp3
microsoft windows xp - sp2
microsoft windows 2003 server * sp2
microsoft windows 2003 server * sp2
microsoft windows vista * sp1
microsoft windows vista * sp1
microsoft windows vista * sp2
microsoft windows vista * sp2
microsoft windows vista - sp1
microsoft windows vista - sp2
microsoft windows server 2008 *
microsoft windows server 2008 *
microsoft windows server 2008 * sp2
microsoft windows server 2008 * sp2
microsoft windows 7 -
microsoft windows server 2008 r2
microsoft windows server 2008 r2
microsoft ie 8.0
microsoft windows server 2008 -
microsoft windows xp sp2
microsoft windows server_2003 sp2
microsoft windows server_2003 sp2
microsoft windows xp sp2
microsoft windows vista - sp1
microsoft windows vista - sp1
microsoft windows server 2008 -
microsoft windows xp sp3
microsoft windows vista - sp2
microsoft windows vista - sp2
microsoft windows server 2008 sp2
microsoft windows server 2008 sp2
microsoft windows 7 -
microsoft windows 7 -
microsoft windows server 2008 - r2
microsoft windows server 2008 r2
Denotes that component is vulnerable