Microsoft
Internet Explorer Developer Tools Vulnerability
Date Discovered:
08/06/2010
Severity:
High
Operating Systems
Affected:
Windows 2000
SP 4
Windows XP SP 2
Windows XP SP 3
Windows XP Professional x64 Edition SP 2
Windows Server 2003 SP 2
Windows Server 2003 x64 Edition SP 2
Windows Server 2003 with SP2 for Itanium-based Systems
Windows Vista SP 1
Windows Vista SP 2
Windows Vista x64 Edition SP 1
Windows Vista x64 Edition SP 2
Windows Server 2008 for 32-bit Systems
Windows Server 2008 for 32-bit Systems SP 2
Windows Server 2008 for x64-based Systems
Windows Server 2008 for x64-based Systems SP 2
Windows Server 2008 for Itanium-based Systems
Windows Server 2008 for Itanium-based Systems SP 2
Windows 7 for 32-bit Systems
Windows 7 for x64-based Systems
Windows Server 2008 R2 for x64-based Systems
Windows Server 2008 R2 for Itanium-based Systems
Application
Affected:
Microsoft Windows
Internet Explorer 8 developer tools.
Identifiers:
CVE-2010-0811
Synopsis
Microsoft
Windows Internet Explorer 8 developer tools is susceptible to remote
code execution vulnerability. This
vulnerability could allow remote code
execution if a user opened a specially crafted Web page.
A remote code execution
vulnerability exists in the Microsoft Internet Explorer 8 Developer
Tools.
An attacker could host a Web site that contains a Web page that is used
to exploit this vulnerability. In addition, compromised Web sites and
Web sites that accept or host user-provided content or advertisements
could contain specially crafted content that could exploit this
vulnerability.An attacker would have to convince users to visit the Web
site, typically by getting them to click a link in an e-mail message or
Instant Messenger message that takes users to the attacker's Web site.
An attacker who successfully exploited this vulnerability could take
complete control of an affected system. An attacker could then install
programs, view, change, delete data, or create new accounts with full
user rights.
