Skip to main content

Microsoft Internet Explorer Invalid Pointer Reference Vulnerability

Last Update Date: 28 Jan 2011 Release Date: 15 Jan 2010 5220 Views

RISK: Medium Risk

A vulnerability has been identified in Microsoft Internet Explorer, which could be exploited by attackers to compromise a vulnerable system. The vulnerability exists as an invalid pointer reference within Internet Explorer. It is possible under certain conditions for the invalid pointer to be accessed after an object is deleted. In a specially-crafted attack, in attempting to access a freed object, Internet Explorer can be caused to allow remote code execution.


Impact

  • Remote Code Execution

System / Technologies affected

  • Internet Explorer 6
  • Internet Explorer 7
  • Internet Explorer 8

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Apply patches :
http://www.microsoft.com/technet/security/bulletin/ms10-002.mspx


Vulnerability Identifier


Source


Related Link