CVE-2010-0806

KEV

Published: Mar 10, 2010 Last Modified: Apr 29, 2026

ExploitDB:

Other exploit source:

Google Dorks:

HIGH 9,3

Source: [email protected]

Access Vector: network

Access Complexity: medium

Authentication: none

Confidentiality: complete

Integrity: complete

Availability: complete

Description

AI Translation Available

Use-after-free vulnerability in the Peer Objects component (aka iepeers.dll) in Microsoft Internet Explorer 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via vectors involving access to an invalid pointer after the deletion of an object, as exploited in the wild in March 2010, aka 'Uninitialized Memory Corruption Vulnerability.'

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score

0,8948

Percentile

1,0th

Updated

EPSS Score Trend (Last 75 Days)

Exploit

Microsoft Internet Explorer - 'iepeers.dll' Use-After-Free (Metasploit)

Verified Metasploit Framework (MSF)

Microsoft Internet Explorer - 'iepeers.dll' Use-After-Free (Metasploit)

Author: Trancer Published: Status: Verified

View Exploit Code →

Exploit

Microsoft Internet Explorer - DHTML Behaviour Use-After-Free (MS10-018) …

Verified Metasploit Framework (MSF)

Microsoft Internet Explorer - DHTML Behaviour Use-After-Free (MS10-018) (Metasploit)

Author: Metasploit Published: Status: Verified

View Exploit Code →

Operating System

Windows Vista by Microsoft

Product Information

Vendor Microsoft

Product Windows Vista

CPE Identifier

View Detailed Analysis


                  cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Internet Explorer by Microsoft

Product Information

Vendor Microsoft

Product Internet Explorer

Version 7

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Operating System

Windows Vista by Microsoft

Product Information

Vendor Microsoft

Product Windows Vista

CPE Identifier

View Detailed Analysis


                  cpe:2.3:o:microsoft:windows_vista:*:*:x64:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Operating System

Windows 2003 Server by Microsoft

Product Information

Vendor Microsoft

Product Windows 2003 Server

CPE Identifier

View Detailed Analysis


                  cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Operating System

Windows Server 2008 by Microsoft

Product Information

Vendor Microsoft

Product Windows Server 2008

Version -

CPE Identifier

View Detailed Analysis


                  cpe:2.3:o:microsoft:windows_server_2008:-:sp2:x64:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Operating System

Windows Vista by Microsoft

Product Information

Vendor Microsoft

Product Windows Vista

CPE Identifier

View Detailed Analysis


                  cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Operating System

Windows Server 2003 by Microsoft

Product Information

Vendor Microsoft

Product Windows Server 2003

CPE Identifier

View Detailed Analysis


                  cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Internet Explorer by Microsoft

Product Information

Vendor Microsoft

Product Internet Explorer

Version 6

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Operating System

Windows Server 2008 by Microsoft

Product Information

Vendor Microsoft

Product Windows Server 2008

Version -

CPE Identifier

View Detailed Analysis


                  cpe:2.3:o:microsoft:windows_server_2008:-:sp2:itanium:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Operating System

Windows Server 2008 by Microsoft

Product Information

Vendor Microsoft

Product Windows Server 2008

CPE Identifier

View Detailed Analysis


                  cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Operating System

Windows Server 2008 by Microsoft

Product Information

Vendor Microsoft

Product Windows Server 2008

CPE Identifier

View Detailed Analysis


                  cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Operating System

Windows 2000 by Microsoft

Product Information

Vendor Microsoft

Product Windows 2000

CPE Identifier

View Detailed Analysis


                  cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Operating System

Windows Xp by Microsoft

Product Information

Vendor Microsoft

Product Windows Xp

CPE Identifier

View Detailed Analysis


                  cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Operating System

Windows Server 2008 by Microsoft

Product Information

Vendor Microsoft

Product Windows Server 2008

CPE Identifier

View Detailed Analysis


                  cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Operating System

Windows Server 2008 by Microsoft

Product Information

Vendor Microsoft

Product Windows Server 2008

CPE Identifier

View Detailed Analysis


                  cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x32:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Operating System

Windows Vista by Microsoft

Product Information

Vendor Microsoft

Product Windows Vista

CPE Identifier

View Detailed Analysis


                  cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Operating System

Windows Xp by Microsoft

Product Information

Vendor Microsoft

Product Windows Xp

CPE Identifier

View Detailed Analysis


                  cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Operating System

Windows 2003 Server by Microsoft

Product Information

Vendor Microsoft

Product Windows 2003 Server

CPE Identifier

View Detailed Analysis


                  cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Operating System

Windows Xp by Microsoft

Product Information

Vendor Microsoft

Product Windows Xp

Version -

CPE Identifier

View Detailed Analysis


                  cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

http://blogs.technet.com/msrc/archive/2010/03/09/security-a…

http://blogs.technet.com/msrc/archive/2010/03/09/security-advisory-981374-relea…

http://osvdb.org/62810

http://osvdb.org/62810

https://docs.microsoft.com/en-us/security-updates/securityb…

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-0…

http://secunia.com/advisories/38860

http://secunia.com/advisories/38860

https://exchange.xforce.ibmcloud.com/vulnerabilities/56772

https://exchange.xforce.ibmcloud.com/vulnerabilities/56772

https://oval.cisecurity.org/repository/search/definition/ov…

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%…

http://www.kb.cert.org/vuls/id/744549

http://www.kb.cert.org/vuls/id/744549

http://www.microsoft.com/technet/security/advisory/981374.m…

http://www.microsoft.com/technet/security/advisory/981374.mspx

http://www.securityfocus.com/bid/38615

http://www.securityfocus.com/bid/38615

http://www.us-cert.gov/cas/techalerts/TA10-068A.html

http://www.us-cert.gov/cas/techalerts/TA10-068A.html

http://www.us-cert.gov/cas/techalerts/TA10-089A.html

http://www.us-cert.gov/cas/techalerts/TA10-089A.html

http://www.vupen.com/english/advisories/2010/0567

http://www.vupen.com/english/advisories/2010/0567

http://www.vupen.com/english/advisories/2010/0744

http://www.vupen.com/english/advisories/2010/0744

http://blogs.technet.com/msrc/archive/2010/03/09/security-a…

http://blogs.technet.com/msrc/archive/2010/03/09/security-advisory-981374-relea…

http://osvdb.org/62810

http://osvdb.org/62810

https://docs.microsoft.com/en-us/security-updates/securityb…

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-0…

http://secunia.com/advisories/38860

http://secunia.com/advisories/38860

https://exchange.xforce.ibmcloud.com/vulnerabilities/56772

https://exchange.xforce.ibmcloud.com/vulnerabilities/56772

https://oval.cisecurity.org/repository/search/definition/ov…

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%…

http://www.kb.cert.org/vuls/id/744549

http://www.kb.cert.org/vuls/id/744549

http://www.microsoft.com/technet/security/advisory/981374.m…

http://www.microsoft.com/technet/security/advisory/981374.mspx

http://www.securityfocus.com/bid/38615

http://www.securityfocus.com/bid/38615

http://www.us-cert.gov/cas/techalerts/TA10-068A.html

http://www.us-cert.gov/cas/techalerts/TA10-068A.html

http://www.us-cert.gov/cas/techalerts/TA10-089A.html

http://www.us-cert.gov/cas/techalerts/TA10-089A.html

http://www.vupen.com/english/advisories/2010/0567

http://www.vupen.com/english/advisories/2010/0567

http://www.vupen.com/english/advisories/2010/0744

http://www.vupen.com/english/advisories/2010/0744