Test ID:	1.3.6.1.4.1.25623.1.0.902155
Category:	Windows : Microsoft Bulletins
Title:	Microsoft Internet Explorer Multiple Vulnerabilities (980182)
Summary:	This host is missing a critical security update according to; Microsoft Bulletin MS10-018.
Description:	Summary: This host is missing a critical security update according to Microsoft Bulletin MS10-018. Vulnerability Insight: Multiple flaws exist due to: - An use-after-free error within 'iepeers.dll'. - A memory corruption error when the browser accesses certain objects. - A memory corruption error when handling certain HTML objects - A error when handling content using specific encoding strings while submitting data. - A memory corruption error when the browser attempts to access an object that may have been corrupted due to a race condition. - Browser incorrectly interpreting the origin of scripts and HTML elements - A memory corruption error within the Tabular Data Control (TDC) ActiveX when processing overly long URLs Vulnerability Impact: Successful exploitation will let the attacker execute arbitrary codes via specially crafted HTML page in the context of the affected system and cause memory corruption. Affected Software/OS: Microsoft Internet Explorer version 5.x/6.x/7.x/8.x. Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2010-0267 BugTraq ID: 39023 http://www.securityfocus.com/bid/39023 Cert/CC Advisory: TA10-068A http://www.us-cert.gov/cas/techalerts/TA10-068A.html Cert/CC Advisory: TA10-089A http://www.us-cert.gov/cas/techalerts/TA10-089A.html Microsoft Security Bulletin: MS10-018 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-018 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8554 http://securitytracker.com/id?1023773 http://www.vupen.com/english/advisories/2010/0744 Common Vulnerability Exposure (CVE) ID: CVE-2010-0488 BugTraq ID: 39028 http://www.securityfocus.com/bid/39028 http://jvn.jp/en/jp/JVN49467403/index.html http://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000011.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7840 Common Vulnerability Exposure (CVE) ID: CVE-2010-0489 BugTraq ID: 39026 http://www.securityfocus.com/bid/39026 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7774 Common Vulnerability Exposure (CVE) ID: CVE-2010-0490 BugTraq ID: 39031 http://www.securityfocus.com/bid/39031 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8302 Common Vulnerability Exposure (CVE) ID: CVE-2010-0491 BugTraq ID: 39027 http://www.securityfocus.com/bid/39027 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=864 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8421 Common Vulnerability Exposure (CVE) ID: CVE-2010-0492 BugTraq ID: 39030 http://www.securityfocus.com/bid/39030 Bugtraq: 20100402 ZDI-10-033: Microsoft Internet Explorer TIME2 Behavior Remote Code Execution Vulnerability (Google Search) http://www.securityfocus.com/archive/1/510506/100/0/threaded http://www.zerodayinitiative.com/advisories/ZDI-10-033 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7722 Common Vulnerability Exposure (CVE) ID: CVE-2010-0494 BugTraq ID: 39047 http://www.securityfocus.com/bid/39047 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8553 Common Vulnerability Exposure (CVE) ID: CVE-2010-0805 BugTraq ID: 39025 http://www.securityfocus.com/bid/39025 Bugtraq: 20100402 ZDI-10-034: Microsoft Internet Explorer Tabular Data Control ActiveX Remote Code Execution Vulnerability (Google Search) http://www.securityfocus.com/archive/1/510507/100/0/threaded http://www.zerodayinitiative.com/advisories/ZDI-10-034 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8080 Common Vulnerability Exposure (CVE) ID: CVE-2010-0806 BugTraq ID: 38615 http://www.securityfocus.com/bid/38615 CERT/CC vulnerability note: VU#744549 http://www.kb.cert.org/vuls/id/744549 http://osvdb.org/62810 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8446 http://secunia.com/advisories/38860 http://www.vupen.com/english/advisories/2010/0567 XForce ISS Database: ms-ie-useafterfree-code-execution(56772) https://exchange.xforce.ibmcloud.com/vulnerabilities/56772 Common Vulnerability Exposure (CVE) ID: CVE-2010-0807 BugTraq ID: 39024 http://www.securityfocus.com/bid/39024 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8532
Copyright	Copyright (C) 2010 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.