CVE-2010-0805

Currently unrated

Key Information:

Vendor: Microsoft
Status: Internet Explorer; Windows 2000
Vendor: CVE Published:; 31 March 2010

Summary

The Tabular Data Control (TDC) ActiveX control in Microsoft Internet Explorer 5.01 SP4, 6 on Windows XP SP2 and SP3, and 6 SP1 allows remote attackers to execute arbitrary code via a long URL (DataURL parameter) that triggers memory corruption in the CTDCCtl::SecurityCHeckDataURL function, aka "Memory Corruption Vulnerability."

References

http://www.securityfocus.com/bid/39025

vdb-entryx_refsource_BID

http://www.us-cert.gov/cas/techalerts/TA10-089A.html

third-party-advisoryx_refsource_CERT

http://www.securityfocus.com/archive/1/510507/100/0/threaded

mailing-listx_refsource_BUGTRAQ

EPSS Score

96% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Mar 31, 2010
Vulnerability Reserved
Mar 2, 2010

Collectors

NVD DatabaseMitre Database