National Cyber Awareness System

Vulnerability Summary for CVE-2010-3962

Overview

Use-after-free vulnerability in Microsoft Internet Explorer 6, 7, and 8 allows remote attackers to execute arbitrary code via vectors related to Cascading Style Sheets (CSS) token sequences and the clip attribute, aka an "invalid flag reference" issue or "Uninitialized Memory Corruption Vulnerability," as exploited in the wild in November 2010.

Impact

CVSS Severity (version 2.0):

CVSS Version 2 Metrics:

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

US-CERT Technical Alert: TA10-348A

Name: TA10-348A

Hyperlink:http://www.us-cert.gov/cas/techalerts/TA10-348A.html

US-CERT Vulnerability Note: VU#899748

Name: VU#899748

Hyperlink:http://www.kb.cert.org/vuls/id/899748

External Source: XF

Name: ms-ie-flag-code-execution(62962)

Hyperlink:http://xforce.iss.net/xforce/xfdb/62962

External Source: VUPEN

Name: ADV-2010-2880

Type: Advisory

Hyperlink:http://www.vupen.com/english/advisories/2010/2880

External Source: MISC

Name: http://www.symantec.com/connect/blogs/new-ie-0-day-used-targeted-attacks

Hyperlink:http://www.symantec.com/connect/blogs/new-ie-0-day-used-targeted-attacks

External Source: SECTRACK

Name: 1024676

Hyperlink:http://www.securitytracker.com/id?1024676

External Source: BID

Name: 44536

Hyperlink:http://www.securityfocus.com/bid/44536

External Source: MS

Name: MS10-090

Type: Advisory

Hyperlink:http://www.microsoft.com/technet/security/Bulletin/MS10-090.mspx

External Source: CONFIRM

Name: http://www.microsoft.com/technet/security/advisory/2458511.mspx

Type: Advisory

Hyperlink:http://www.microsoft.com/technet/security/advisory/2458511.mspx

External Source: EXPLOIT-DB

Name: 15421

Hyperlink:http://www.exploit-db.com/exploits/15421

External Source: EXPLOIT-DB

Name: 15418

Hyperlink:http://www.exploit-db.com/exploits/15418

External Source: SECUNIA

Name: 42091

Type: Advisory

Hyperlink:http://secunia.com/advisories/42091

External Source: OVAL

Name: oval:org.mitre.oval:def:12279

Hyperlink:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:12279

External Source: CONFIRM

Name: http://blogs.technet.com/b/msrc/archive/2010/11/02/microsoft-releases-security-advisory-2458511.aspx

Type: Advisory

Hyperlink:http://blogs.technet.com/b/msrc/archive/2010/11/02/microsoft-releases-security-advisory-2458511.aspx

References to Check Content

Identifier:oval:org.mitre.oval:def:11574

Check System:http://oval.mitre.org/XMLSchema/oval-definitions-5

Hyperlink:http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:11574

Identifier:oval:org.mitre.oval:def:12279

Check System:http://oval.mitre.org/XMLSchema/oval-definitions-5

Hyperlink:http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:12279