CVE-2010-1117 Information

Description

Heap-based buffer overflow in Internet Explorer 8 on Microsoft Windows 7 allows remote attackers to discover the base address of a Windows .dll file and possibly have unspecified other impact via unknown vectors as demonstrated by Peter Vreugdenhil during a Pwn2Own competition at CanSecWest 2010.

Reference

http://dvlabs.tippingpoint.com/blog/2010/02/15/pwn2own-2010 http://news.cnet.com/8301-27080_3-20001126-245.html http://twitter.com/thezdi/statuses/11003801960 http://vreugdenhilresearch.nl/Pwn2Own-2010-Windows7-InternetExplorer8.pdf https://exchange.xforce.ibmcloud.com/vulnerabilities/57196