CVE-2010-3886

Microsoft Internet Explorer - Information Disclosure

Title source: rule

Description

The CTimeoutEventList::InsertIntoTimeoutList function in Microsoft mshtml.dll uses a certain pointer value as part of producing Timer ID values for the setTimeout and setInterval methods in VBScript and JScript, which allows remote attackers to obtain sensitive information about the heap memory addresses used by an application, as demonstrated by the Internet Explorer 8 application.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Ruben Santamarta · htmldoswindows

https://www.exploit-db.com/exploits/14295

View Code ZIP pw:eip

References (4)

[Broken Link, Exploit] http://archives.neohapsis.com/archives/bugtraq/2010-06/0259.html

[Third Party Advisory] http://twitter.com/WisecWisec/statuses/17254776077

[Not Applicable] http://www.eeye.com/Resources/Security-Center/Research/Zero-Day-Tracker/2010/20100630

[Third Party Advisory] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11606

Scores

EPSS 0.1435

EPSS Percentile 94.4%

Details

CWE

CWE-200

Status published

Products (1)

microsoft/internet_explorer 8

Published Oct 08, 2010

Tracked Since Feb 18, 2026