High severity8.1CISA KEVNVD Advisory· Published Nov 5, 2010· Updated Jun 16, 2026
CVE-2010-3962
CVE-2010-3962
Description
Use-after-free vulnerability in Microsoft Internet Explorer 6, 7, and 8 allows remote attackers to execute arbitrary code via vectors related to Cascading Style Sheets (CSS) token sequences and the clip attribute, aka an "invalid flag reference" issue or "Uninitialized Memory Corruption Vulnerability," as exploited in the wild in November 2010.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:internet_explorer:8:*:*:*:*:*:*:*
- (no CPE)range: 6, 7, 8
Patches
Vulnerability mechanics
References
15- www.microsoft.com/technet/security/advisory/2458511.mspxnvdPatchVendor Advisory
- docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-090nvdPatchVendor Advisory
- blogs.technet.com/b/msrc/archive/2010/11/02/microsoft-releases-security-advisory-2458511.aspxnvdVendor Advisory
- secunia.com/advisories/42091nvdBroken LinkVendor Advisory
- www.exploit-db.com/exploits/15418nvdThird Party AdvisoryVDB Entry
- www.exploit-db.com/exploits/15421nvdThird Party AdvisoryVDB Entry
- www.kb.cert.org/vuls/id/899748nvdThird Party AdvisoryUS Government Resource
- www.securityfocus.com/bid/44536nvdBroken LinkThird Party AdvisoryVDB Entry
- www.securitytracker.com/idnvdBroken LinkThird Party AdvisoryVDB Entry
- www.us-cert.gov/cas/techalerts/TA10-348A.htmlnvdThird Party AdvisoryUS Government Resource
- www.vupen.com/english/advisories/2010/2880nvdBroken LinkVendor Advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/62962nvdThird Party AdvisoryVDB Entry
- www.symantec.com/connect/blogs/new-ie-0-day-used-targeted-attacksnvdNot Applicable
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12279nvdTool Signature
- www.cisa.gov/known-exploited-vulnerabilities-catalognvdUS Government Resource
News mentions
0No linked articles in our index yet.