Main Vulnerability Database Exploits ID:1676 - Exploit for Use-after-free in Microsoft Internet Explorer - CVE-2010-0249

ID:1676 - Exploit for Use-after-free in Microsoft Internet Explorer - CVE-2010-0249

Published: March 18, 2020

Vulnerability identifier: #VU5541

Vulnerability risk: Critical

CVE-ID: CVE-2010-0249

CWE-ID: CWE-416

Exploitation vector: Remote access

Vulnerable software:
Microsoft Internet Explorer

Link to public exploit:

https://www.rapid7.com/db/modules/exploit/windows/browser/ms10_002_aurora

Vulnerability description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to use-after-free error in Microsoft Internet Explorer. A remote attacker can execute arbitrary code by accessing a pointer associated with a deleted object.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Note: this vulnerability is being actively exploited.

Remediation

Install update from vendor's website.

ID:1676 - Exploit for Use-after-free in Microsoft Internet Explorer - CVE-2010-0249

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human