CVE-2010-3962

HIGH KEV

Microsoft Internet Explorer - Use After Free

Title source: rule

Description

Use-after-free vulnerability in Microsoft Internet Explorer 6, 7, and 8 allows remote attackers to execute arbitrary code via vectors related to Cascading Style Sheets (CSS) token sequences and the clip attribute, aka an "invalid flag reference" issue or "Uninitialized Memory Corruption Vulnerability," as exploited in the wild in November 2010.

Exploits (4)

exploitdb WORKING POC VERIFIED
by Metasploit · ruby · remote · windows
https://www.exploit-db.com/exploits/16551

exploitdb WORKING POC VERIFIED
by ryujin · html · remote · windows
https://www.exploit-db.com/exploits/15421

exploitdb WORKING POC VERIFIED
by anonymous · html · dos · windows
https://www.exploit-db.com/exploits/15418

metasploit WORKING POC GOOD
by unknown, Yuange, Matteo Memelli, jduck · ruby · poc · win
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/ms10_090_ie_css_clip.rb

Scores

CVSS v3 8.1
EPSS 0.8891
EPSS Percentile 99.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CISA KEV 2025-10-06
VulnCheck KEV 2010-11-05
InTheWild.io 2021-07-23
ENISA EUVD EUVD-2010-3939
CWE CWE-416
Status published
Products (3)
microsoft/internet_explorer 6
microsoft/internet_explorer 7
microsoft/internet_explorer 8
Published Nov 05, 2010
KEV Added Oct 06, 2025
Tracked Since Feb 18, 2026