CVE-2010-0249

EPSS 90.06% · P100 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2010-0249

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Use-after-free vulnerability in Microsoft Internet Explorer 6, 6 SP1, 7, and 8 on Windows 2000 SP4; Windows XP SP2 and SP3; Windows Server 2003 SP2; Windows Vista Gold, SP1, and SP2; Windows Server 2008 Gold, SP2, and R2; and Windows 7 allows remote attackers to execute arbitrary code by accessing a pointer associated with a deleted object, related to incorrectly initialized memory and improper handling of objects in memory, as exploited in the wild in December 2009 and January 2010 during Operation Aurora, aka "HTML Object Memory Corruption Vulnerability."

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Microsoft Internet Explorer非法事件操作内存破坏漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Microsoft Internet Explorer是美国微软（Microsoft）公司发布的Windows操作系统中默认捆绑的Web浏览器。 Microsoft Internet Explorer在处理非法的事件操作时存在内存破坏漏洞。由于在创建对象以后没有增加相应的访问记数，恶意的对象操作流程可能导致指针指向被释放后重使用的内存，远程攻击者可通过诱使用户访问恶意网页非法操作内存在用户系统上执行指令。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Shenlong Deep Dive — AI Deep Analysis

10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.

Read summary Full analysis (login)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2010-0249

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2010-0249

请登录查看更多情报信息。

http://news.cnet.com/8301-27080_3-10435232-245.htmlx_refsource_MISC
http://www.microsoft.com/technet/security/advisory/979352.mspxx_refsource_CONFIRM
http://blogs.technet.com/msrc/archive/2010/01/14/security-advisory-979352.aspxx_refsource_CONFIRM
http://www.securityfocus.com/bid/37815vdb-entryx_refsource_BID
http://www.exploit-db.com/exploits/11167exploitx_refsource_EXPLOIT-DB
http://osvdb.org/61697vdb-entryx_refsource_OSVDB
http://support.microsoft.com/kb/979352vendor-advisoryx_refsource_MSKB
http://securitytracker.com/id?1023462vdb-entryx_refsource_SECTRACK
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-002vendor-advisoryx_refsource_MS
http://www.us-cert.gov/cas/techalerts/TA10-055A.htmlthird-party-advisoryx_refsource_CERT
http://www.kb.cert.org/vuls/id/492515third-party-advisoryx_refsource_CERT-VN
http://www.vupen.com/english/advisories/2010/0135vdb-entryx_refsource_VUPEN
https://exchange.xforce.ibmcloud.com/vulnerabilities/55642vdb-entryx_refsource_XF
https://nvd.nist.gov/vuln/detail/CVE-2010-0249

Same Patch Batch · n/a · 2010-01-15 · 37 CVEs total

CVE-2010-0344		TYPO3 zak_store_management extension SQL注入漏洞
CVE-2010-0336		TYPO3 kiddog_mysqldumper extension未明漏洞
CVE-2010-0337		TYPO3 tt_news Mail alert extensionSQL注入漏洞
CVE-2010-0338		TYPO3 TT_Products editor (ttpedit) extensionSQL注入漏洞
CVE-2010-0339		TYPO3 User Links (vm19_userlinks) extension SQL注入漏洞
CVE-2010-0340		TYPO3 MJS Event Pro (mjseventpro) extension SQL注入漏洞
CVE-2010-0341		TYPO3 BB Simple Jobs (bb_simplejobs) extensionSQL注入漏洞
CVE-2010-0342		TYPO3 Reports for Job (job_reports) extension SQL注入漏洞
CVE-2010-0343		TYPO3 Clan Users List (pb_clanlist) extension SQL注入漏洞
CVE-2010-0335		TYPO3 news extension Vote rank跨站脚本漏洞
CVE-2010-0345		TYPO3 Majordomo extension 跨站脚本漏洞
CVE-2010-0346		TYPO3 Tip many friends extension 跨站脚本漏洞
CVE-2010-0347		TYPO3 VD / Geomap (vd_geomap) extension 跨站脚本漏洞
CVE-2010-0348		C3 Corp. WebCalenderC3 目录遍历漏洞
CVE-2010-0317		Novell Netware 大量畸形或AFP请求引起一个拒绝服务
CVE-2010-0318		FreeBSD ZFS Intent Log非安全文件许可漏洞
CVE-2010-0280		Google SketchUp lib3ds库3DS文件处理内存破坏漏洞
CVE-2010-0316		Google Sketchup整数溢出漏洞
CVE-2010-0326		TYPO3 Developer log (devlog) extension 跨站脚本漏洞
CVE-2010-0350		TYPO3 Photo Book extension 目录遍历漏洞

Showing top 20 of 37 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2010-0249

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2010-0249

I. Basic Information for CVE-2010-0249

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Shenlong Deep Dive — AI Deep Analysis

Affected Products

II. Public POCs for CVE-2010-0249

III. Intelligence Information for CVE-2010-0249

Same Patch Batch · n/a · 2010-01-15 · 37 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2010-0249

Leave a comment