Description
Heap-based buffer overflow in Internet Explorer 8 on Microsoft Windows 7 allows remote attackers to discover the base address of a Windows .dll file, and possibly have unspecified other impact, via unknown vectors, as demonstrated by Peter Vreugdenhil during a Pwn2Own competition at CanSecWest 2010.
References (5)
Core 5
Core References
Various Sources x_refsource_misc
http://dvlabs.tippingpoint.com/blog/2010/02/15/pwn2own-2010
Various Sources x_refsource_misc
http://twitter.com/thezdi/statuses/11003801960
Exploit x_refsource_misc
http://vreugdenhilresearch.nl/Pwn2Own-2010-Windows7-InternetExplorer8.pdf
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/57196
Various Sources x_refsource_misc
http://news.cnet.com/8301-27080_3-20001126-245.html
Scores
EPSS
0.1404
EPSS Percentile
96.1%
Details
CWE
CWE-119
Status
published
Products (1)
microsoft/internet_explorer
8.0.6001
Published
Mar 25, 2010
Tracked Since
Feb 18, 2026