NVD

Id
12661  
Name
CVE-2010-1127  
Description
Microsoft Internet Explorer 6 and 7 does not initialize certain data structures during execution of the createElement method, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted JavaScript code, as demonstrated by setting the (1) outerHTML or (2) value property of an object returned by createElement.  
Reject
 
CVSS Version
2  
CVSS Score
5  
Severity
Medium  
CVSS Base Score
5  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:N/I:N/A:P)  
Pub Date
2017-01-18  
Published
2010-03-26  
Modified Date
2010-03-29  
Seq
2010-1127  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
69483 12661 CVE-2010-1127 20100126 Microsoft IE 6&7 Crash Exploit  View
69484 12661 CVE-2010-1127 20100128 Re: Microsoft IE 6&7 Crash Exploit  View
69485 12661 CVE-2010-1127 http://securityreason.com/exploitalert/7731  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
38840 JVNDB-2010-004625 Microsoft Internet Explorer 6 および 7 におけるサービス運用妨害 (DoS) の脆弱性 Microsoft Internet Explorer 6 および 7 には、createElement メソッドの実行中に特定のデータ構造を初期化しないため、サービス運用妨害 (NULL ポインタデリファレンスおよびアプリケーションクラッシュ) 状態となる脆弱性が存在します。 CVE-2010-1127 43707 CVE-2010-1127 12661 5 http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-004625.html 2010-03-26 2012-09-25 View