CVE-2010-0492 Information

Description

Use-after-free vulnerability in mstime.dll in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via vectors related to the TIME2 behavior the CTimeAction object and destruction of markup leading to memory corruption aka \HTML Object Memory Corruption Vulnerability.\

Reference

http://securitytracker.com/id?1023773 http://www.securityfocus.com/archive/1/510506/100/0/threaded http://www.securityfocus.com/bid/39030 http://www.us-cert.gov/cas/techalerts/TA10-068A.html http://www.us-cert.gov/cas/techalerts/TA10-089A.html http://www.vupen.com/english/advisories/2010/0744 http://www.zerodayinitiative.com/advisories/ZDI-10-033 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-018 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A7722