Vulnerability Details : CVE-2010-3886
The CTimeoutEventList::InsertIntoTimeoutList function in Microsoft mshtml.dll uses a certain pointer value as part of producing Timer ID values for the setTimeout and setInterval methods in VBScript and JScript, which allows remote attackers to obtain sensitive information about the heap memory addresses used by an application, as demonstrated by the Internet Explorer 8 application.
Vulnerability category: Information leak
Exploit prediction scoring system (EPSS) score for CVE-2010-3886
Probability of exploitation activity in the next 30 days: 0.63%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 78 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2010-3886
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
4.3
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:N/A:N |
8.6
|
2.9
|
NIST |
CWE ids for CVE-2010-3886
-
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.Assigned by: nvd@nist.gov (Primary)
References for CVE-2010-3886
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11606
Repository / Oval RepositoryThird Party Advisory
-
http://archives.neohapsis.com/archives/bugtraq/2010-06/0259.html
Broken Link;Exploit
-
http://www.eeye.com/Resources/Security-Center/Research/Zero-Day-Tracker/2010/20100630
Page not found | BeyondTrustNot Applicable
-
http://twitter.com/WisecWisec/statuses/17254776077
Stefano Di Paola on Twitter: "setTimeout(alert,0 ) mem leak on FF ?"Third Party Advisory
Products affected by CVE-2010-3886
- cpe:2.3:a:microsoft:internet_explorer:8:*:*:*:*:*:*:*