CVE-2010-0806

HIGH

Use-after-free vulnerability in the Peer Objects component (aka iepeers.dll) in Microsoft Internet Explorer 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via vectors involving access to an invalid pointer after the deletion of an object, as exploited in the wild in March 2010, aka "Uninitialized Memory Corruption Vulnerability."

CVSS v3.1 Score

8.8

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Attack Vector

NETWORK

Complexity

LOW

Privileges

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Published: 3/10/2010Modified: 5/21/2026

Related Intelligence (0)

No articles currently reference this CVE.

References (28)

http://blogs.technet.com/msrc/archive/2010/03/09/security-advisory-981374-released.aspxBroken Link http://osvdb.org/62810Broken Link http://secunia.com/advisories/38860Vendor Advisory http://www.kb.cert.org/vuls/id/744549PatchUS Government Resource http://www.microsoft.com/technet/security/advisory/981374.mspxPatchVendor Advisory http://www.securityfocus.com/bid/38615Broken Link http://www.us-cert.gov/cas/techalerts/TA10-068A.htmlUS Government Resource http://www.us-cert.gov/cas/techalerts/TA10-089A.htmlUS Government Resource http://www.vupen.com/english/advisories/2010/0567Vendor Advisory http://www.vupen.com/english/advisories/2010/0744Vendor Advisory https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-018Vendor Advisory https://exchange.xforce.ibmcloud.com/vulnerabilities/56772Third Party AdvisoryVDB Entry https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8446Broken Link http://blogs.technet.com/msrc/archive/2010/03/09/security-advisory-981374-released.aspxBroken Link http://osvdb.org/62810Broken Link http://secunia.com/advisories/38860Vendor Advisory http://www.kb.cert.org/vuls/id/744549PatchUS Government Resource http://www.microsoft.com/technet/security/advisory/981374.mspxPatchVendor Advisory http://www.securityfocus.com/bid/38615Broken Link http://www.us-cert.gov/cas/techalerts/TA10-068A.htmlUS Government Resource http://www.us-cert.gov/cas/techalerts/TA10-089A.htmlUS Government Resource http://www.vupen.com/english/advisories/2010/0567Vendor Advisory http://www.vupen.com/english/advisories/2010/0744Vendor Advisory https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-018Vendor Advisory https://exchange.xforce.ibmcloud.com/vulnerabilities/56772Third Party AdvisoryVDB Entry https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8446Broken Link https://learn.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-018Vendor Advisory https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2010-0806US Government Resource