CVE-2010-0811: Code Injection
First published: Tue Jun 08 2010(Updated: )
Multiple unspecified vulnerabilities in the Microsoft Internet Explorer 8 Developer Tools ActiveX control in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allow remote attackers to execute arbitrary code via unknown vectors that "corrupt the system state," aka "Microsoft Internet Explorer 8 Developer Tools Vulnerability."
Credit: secure@microsoft.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Windows XP | =sp2 | |
| Microsoft Windows XP | =sp2 | |
| Microsoft Windows XP | =sp3 | |
| Microsoft Windows Server 2003 | =sp2 | |
| Microsoft Windows Server 2003 | =sp2 | |
| Microsoft Windows Vista | =sp2 | |
| Microsoft Windows Vista | =sp1 | |
| Microsoft Windows Vista | =sp1 | |
| Microsoft Windows Vista | =sp1 | |
| Microsoft Windows Vista | =sp2 | |
| Microsoft Windows Vista | =sp2 | |
| Microsoft Windows Server | =sp2 | |
| Microsoft Windows Server | ||
| Microsoft Windows Server | ||
| Microsoft Windows Server | =sp2 | |
| Microsoft Windows 7 | ||
| Microsoft Windows Server | =r2 | |
| Microsoft Windows Server | =r2 | |
| =sp2 | ||
| =sp3 | ||
| =sp2 | ||
| =sp2 | ||
| =sp2 | ||
| =sp1 | ||
| =sp2 | ||
| =sp1 | ||
| =sp2 | ||
| =sp2 | ||
| =sp2 | ||
| =r2 | ||
| =r2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.us-cert.gov/cas/techalerts/TA10-159B.html
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7492
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12534
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-027
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-034
Frequently Asked Questions
What is the severity of CVE-2010-0811?
CVE-2010-0811 has a severity rating that suggests it can potentially allow remote code execution.
How do I fix CVE-2010-0811?
To fix CVE-2010-0811, you should install the latest security updates provided by Microsoft for the affected Windows versions.
What systems are affected by CVE-2010-0811?
CVE-2010-0811 affects multiple Windows versions including XP SP2, XP SP3, Windows Vista, and Windows 7 among others.
Is there a workaround for CVE-2010-0811?
While the best approach is to install updates, disabling the Internet Explorer Developer Tools may serve as a temporary workaround for CVE-2010-0811.
Can CVE-2010-0811 be exploited remotely?
Yes, CVE-2010-0811 can be exploited remotely, allowing attackers to run arbitrary code on the affected systems.
- agent/type
- agent/severity
- agent/references
- agent/weakness
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/first-publish-date
- agent/author
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/last-modified-date
- agent/source
- agent/softwarecombine
- agent/tags
- agent/event
- vendor/microsoft
- canonical/microsoft windows xp
- version/microsoft windows xp/sp2
- version/microsoft windows xp/sp3
- canonical/microsoft windows server 2003
- version/microsoft windows server 2003/sp2
- canonical/microsoft windows vista
- version/microsoft windows vista/sp2
- version/microsoft windows vista/sp1
- canonical/microsoft windows server
- version/microsoft windows server/sp2
- canonical/microsoft windows 7
- version/microsoft windows server/r2