Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2010-0255
PUBLISHED
More InfoOfficial Page
Assigner-microsoft
Assigner Org ID-f38d906d-7342-40ea-92c1-6c4a2c6478c8
View Known Exploited Vulnerability (KEV) details
Published At-04 Feb, 2010 | 19:00
Updated At-07 Aug, 2024 | 00:45
Rejected At-
▼CVE Numbering Authority (CNA)

Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, 7, and 8 does not prevent rendering of non-HTML local files as HTML documents, which allows remote attackers to bypass intended access restrictions and read arbitrary files via vectors involving JavaScript exploit code that constructs a reference to a file://127.0.0.1 URL, aka the dynamic OBJECT tag vulnerability, as demonstrated by obtaining the data from an index.dat file, a variant of CVE-2009-1140 and related to CVE-2008-1448.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.securityfocus.com/archive/1/509345/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
http://support.avaya.com/css/P8/documents/100089747
x_refsource_CONFIRM
http://osvdb.org/62156
vdb-entry
x_refsource_OSVDB
http://www.securityfocus.com/bid/38055
vdb-entry
x_refsource_BID
http://www.microsoft.com/technet/security/advisory/980088.mspx
x_refsource_CONFIRM
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-035
vendor-advisory
x_refsource_MS
http://www.coresecurity.com/content/internet-explorer-dynamic-object-tag
x_refsource_MISC
http://www.us-cert.gov/cas/techalerts/TA10-159B.html
third-party-advisory
x_refsource_CERT
http://isc.sans.org/diary.html?n&storyid=8152
x_refsource_MISC
http://blogs.technet.com/msrc/archive/2010/02/03/security-advisory-980088-released.aspx
x_refsource_CONFIRM
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7145
vdb-entry
signature
x_refsource_OVAL
http://www.securityfocus.com/bid/38056
vdb-entry
x_refsource_BID
Hyperlink: http://www.securityfocus.com/archive/1/509345/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://support.avaya.com/css/P8/documents/100089747
Resource:
x_refsource_CONFIRM
Hyperlink: http://osvdb.org/62156
Resource:
vdb-entry
x_refsource_OSVDB
Hyperlink: http://www.securityfocus.com/bid/38055
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://www.microsoft.com/technet/security/advisory/980088.mspx
Resource:
x_refsource_CONFIRM
Hyperlink: https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-035
Resource:
vendor-advisory
x_refsource_MS
Hyperlink: http://www.coresecurity.com/content/internet-explorer-dynamic-object-tag
Resource:
x_refsource_MISC
Hyperlink: http://www.us-cert.gov/cas/techalerts/TA10-159B.html
Resource:
third-party-advisory
x_refsource_CERT
Hyperlink: http://isc.sans.org/diary.html?n&storyid=8152
Resource:
x_refsource_MISC
Hyperlink: http://blogs.technet.com/msrc/archive/2010/02/03/security-advisory-980088-released.aspx
Resource:
x_refsource_CONFIRM
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7145
Resource:
vdb-entry
signature
x_refsource_OVAL
Hyperlink: http://www.securityfocus.com/bid/38056
Resource:
vdb-entry
x_refsource_BID
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.securityfocus.com/archive/1/509345/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://support.avaya.com/css/P8/documents/100089747
x_refsource_CONFIRM
x_transferred
http://osvdb.org/62156
vdb-entry
x_refsource_OSVDB
x_transferred
http://www.securityfocus.com/bid/38055
vdb-entry
x_refsource_BID
x_transferred
http://www.microsoft.com/technet/security/advisory/980088.mspx
x_refsource_CONFIRM
x_transferred
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-035
vendor-advisory
x_refsource_MS
x_transferred
http://www.coresecurity.com/content/internet-explorer-dynamic-object-tag
x_refsource_MISC
x_transferred
http://www.us-cert.gov/cas/techalerts/TA10-159B.html
third-party-advisory
x_refsource_CERT
x_transferred
http://isc.sans.org/diary.html?n&storyid=8152
x_refsource_MISC
x_transferred
http://blogs.technet.com/msrc/archive/2010/02/03/security-advisory-980088-released.aspx
x_refsource_CONFIRM
x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7145
vdb-entry
signature
x_refsource_OVAL
x_transferred
http://www.securityfocus.com/bid/38056
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/509345/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://support.avaya.com/css/P8/documents/100089747
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://osvdb.org/62156
Resource:
vdb-entry
x_refsource_OSVDB
x_transferred
Hyperlink: http://www.securityfocus.com/bid/38055
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://www.microsoft.com/technet/security/advisory/980088.mspx
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-035
Resource:
vendor-advisory
x_refsource_MS
x_transferred
Hyperlink: http://www.coresecurity.com/content/internet-explorer-dynamic-object-tag
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://www.us-cert.gov/cas/techalerts/TA10-159B.html
Resource:
third-party-advisory
x_refsource_CERT
x_transferred
Hyperlink: http://isc.sans.org/diary.html?n&storyid=8152
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://blogs.technet.com/msrc/archive/2010/02/03/security-advisory-980088-released.aspx
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7145
Resource:
vdb-entry
signature
x_refsource_OVAL
x_transferred
Hyperlink: http://www.securityfocus.com/bid/38056
Resource:
vdb-entry
x_refsource_BID
x_transferred
Details not found