CVE-2010-0248

HIGH

Microsoft Internet Explorer 6, 6 SP1, 7, 8 - Remote Code Execution via Memory Corruption


Exploitation Summary

EIP tracks 2 public exploits for CVE-2010-0248. PoCs published by Metasploit, Peter Vreugdenhil, juan vazquez, sinn3r, including Metasploit module exploits/windows/browser/ms10_002_ie_object.

AI-analyzed exploit summary: This Metasploit module exploits a use-after-free vulnerability in Internet Explorer's mshtml component (CVE-2010-0248) to achieve remote code execution. It uses heap spraying to control memory layout and execute shellcode via a crafted HTML page.

Description

Microsoft Internet Explorer 6, 6 SP1, 7, and 8 do not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "HTML Object Memory Corruption Vulnerability."

Exploits (2)

exploitdb WORKING POC VERIFIED
by Metasploit · ruby · remote · windows
https://www.exploit-db.com/exploits/18642

This Metasploit module exploits a use-after-free vulnerability in Internet Explorer's mshtml component (CVE-2010-0248) to achieve remote code execution. It uses heap spraying to control memory layout and execute shellcode via a crafted HTML page.

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Complex
Reliability: Reliable
Target: Internet Explorer 8 on Windows XP SP3 or Windows 7 SP0
No auth needed
Prerequisites: Victim must visit a malicious webpage using a vulnerable version of Internet Explorer
devstral-2 · analyzed Feb 16, 2026

metasploit WORKING POC NORMAL
by Peter Vreugdenhil, juan vazquez, sinn3r · ruby · poc · win
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/ms10_002_ie_object.rb

This Metasploit module exploits a use-after-free vulnerability in Internet Explorer's mshtml component (CVE-2010-0248) by manipulating freed memory pointers to achieve remote code execution. It uses heap spraying to control memory layout and ROP chains for reliable exploitation.

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Complex
Reliability: Reliable
Target: Microsoft Internet Explorer 8 on Windows XP SP3 or Windows 7 SP0
No auth needed
Prerequisites: Victim must visit a malicious webpage · JavaScript must be enabled in the target browser
devstral-2 · analyzed Feb 19, 2026

References (3)

Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/55778
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8267

Scores

CVSS v3 8.1
EPSS 0.5309
EPSS Percentile 98.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-416 CWE-94
Status published
Products (26)
microsoft/internet_explorer 8
microsoft/internet_explorer 8.0.6001
microsoft/internet_explorer 7
microsoft/internet_explorer 7.0
microsoft/internet_explorer 7.0.5730 unknown
microsoft/internet_explorer 7.0.5730.11
microsoft/internet_explorer 7.00.5730.1100
microsoft/internet_explorer 7.00.6000.16386
microsoft/internet_explorer 7.00.6000.16441
microsoft/internet_explorer 6 sp1 (2 CPE variants)
... and 16 more
Published Jan 22, 2010
Tracked Since Feb 18, 2026