mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-29 01:31:20 +00:00
244 lines
8.1 KiB
JSON
244 lines
8.1 KiB
JSON
{
|
|
"id": "CVE-2010-2560",
|
|
"sourceIdentifier": "secure@microsoft.com",
|
|
"published": "2010-08-11T18:47:51.000",
|
|
"lastModified": "2022-02-28T18:57:26.447",
|
|
"vulnStatus": "Analyzed",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka \"HTML Layout Memory Corruption Vulnerability.\""
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Microsoft Internet Explorer v6, v7, y v8 no maneja adecuadamente objetos en memoria, lo que permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n aceediendo al objeto que (1) que no fue inicializado (2) es borrado, lo que proboca una corrupci\u00f3n de memoria , conocido como \"Vulnerabilidad de corrupci\u00f3n de Memoria HTML Layout.\""
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "MEDIUM",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "COMPLETE",
|
|
"integrityImpact": "COMPLETE",
|
|
"availabilityImpact": "COMPLETE",
|
|
"baseScore": 9.3
|
|
},
|
|
"baseSeverity": "HIGH",
|
|
"exploitabilityScore": 8.6,
|
|
"impactScore": 10.0,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": true,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": true
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-787"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "693D3C1C-E3E4-49DB-9A13-44ADDFF82507"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:*:*",
|
|
"matchCriteriaId": "1D929AA2-EE0B-4AA1-805D-69BCCA11B77F"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:x64:*",
|
|
"matchCriteriaId": "BADB0479-3E0E-4326-B568-9DBDCACF0B5E"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C9392D35-7BF5-48E9-879B-BBDE9A9E9AB9"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "1A33FA7F-BB2A-4C66-B608-72997A2BD1DB"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:*:*",
|
|
"matchCriteriaId": "1D929AA2-EE0B-4AA1-805D-69BCCA11B77F"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:-:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C2EE0AD3-2ADC-480E-B03E-06962EC4F095"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
|
|
"matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*",
|
|
"matchCriteriaId": "3A04E39A-623E-45CA-A5FC-25DAA0F275A3"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*",
|
|
"matchCriteriaId": "BF1AD1A1-EE20-4BCE-9EE6-84B27139811C"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:professional:*:x64:*",
|
|
"matchCriteriaId": "C6109348-BC79-4ED3-8D41-EA546A540C79"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C9392D35-7BF5-48E9-879B-BBDE9A9E9AB9"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:microsoft:internet_explorer:8:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "A52E757F-9B41-43B4-9D67-3FEDACA71283"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E33796DB-4523-4F04-B564-ADF030553D51"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:*:*",
|
|
"matchCriteriaId": "1D929AA2-EE0B-4AA1-805D-69BCCA11B77F"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:-:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C2EE0AD3-2ADC-480E-B03E-06962EC4F095"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
|
|
"matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "36559BC0-44D7-48B3-86FF-1BFF0257B5ED"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*",
|
|
"matchCriteriaId": "3A04E39A-623E-45CA-A5FC-25DAA0F275A3"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*",
|
|
"matchCriteriaId": "BF1AD1A1-EE20-4BCE-9EE6-84B27139811C"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:professional:*:x64:*",
|
|
"matchCriteriaId": "C6109348-BC79-4ED3-8D41-EA546A540C79"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C9392D35-7BF5-48E9-879B-BBDE9A9E9AB9"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://www.us-cert.gov/cas/techalerts/TA10-222A.html",
|
|
"source": "secure@microsoft.com",
|
|
"tags": [
|
|
"Third Party Advisory",
|
|
"US Government Resource"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-053",
|
|
"source": "secure@microsoft.com",
|
|
"tags": [
|
|
"Patch",
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11832",
|
|
"source": "secure@microsoft.com",
|
|
"tags": [
|
|
"Third Party Advisory"
|
|
]
|
|
}
|
|
]
|
|
} |