Home

Description

Use-after-free vulnerability in the Peer Objects component (aka iepeers.dll) in Microsoft Internet Explorer 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via vectors involving access to an invalid pointer after the deletion of an object, as exploited in the wild in March 2010, aka "Uninitialized Memory Corruption Vulnerability."

PUBLISHED Reserved 2010-03-02 | Published 2010-03-10 | Updated 2026-05-20 | Assigner microsoft

CISA Known Exploited Vulnerability

Date added 2026-05-20 | Due date 2026-06-03

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

References

osvdb.org/62810 (62810) vdb-entry

www.us-cert.gov/cas/techalerts/TA10-089A.html (TA10-089A) third-party-advisory

www.securityfocus.com/bid/38615 (38615) vdb-entry

www.vupen.com/english/advisories/2010/0567 (ADV-2010-0567) vdb-entry

secunia.com/advisories/38860 (38860) third-party-advisory

www.us-cert.gov/cas/techalerts/TA10-068A.html (TA10-068A) third-party-advisory

docs.microsoft.com/...pdates/securitybulletins/2010/ms10-018 (MS10-018) vendor-advisory

www.microsoft.com/technet/security/advisory/981374.mspx

exchange.xforce.ibmcloud.com/vulnerabilities/56772 (ms-ie-useafterfree-code-execution(56772)) vdb-entry

oval.cisecurity.org/...finition/oval:org.mitre.oval:def:8446 (oval:org.mitre.oval:def:8446) vdb-entry signature

www.vupen.com/english/advisories/2010/0744 (ADV-2010-0744) vdb-entry

blogs.technet.com/.../security-advisory-981374-released.aspx

www.kb.cert.org/vuls/id/744549 (VU#744549) third-party-advisory

learn.microsoft.com/...dates/securitybulletins/2010/ms10-018 vendor-advisory

www.cisa.gov/...nerabilities-catalog?field_cve=CVE-2010-0806 government-resource

osvdb.org/62810 (62810) vdb-entry

www.us-cert.gov/cas/techalerts/TA10-089A.html (TA10-089A) third-party-advisory

www.securityfocus.com/bid/38615 (38615) vdb-entry

www.vupen.com/english/advisories/2010/0567 (ADV-2010-0567) vdb-entry

secunia.com/advisories/38860 (38860) third-party-advisory

www.us-cert.gov/cas/techalerts/TA10-068A.html (TA10-068A) third-party-advisory

docs.microsoft.com/...pdates/securitybulletins/2010/ms10-018 (MS10-018) vendor-advisory

www.microsoft.com/technet/security/advisory/981374.mspx

exchange.xforce.ibmcloud.com/vulnerabilities/56772 (ms-ie-useafterfree-code-execution(56772)) vdb-entry

oval.cisecurity.org/...finition/oval:org.mitre.oval:def:8446 (oval:org.mitre.oval:def:8446) vdb-entry signature

www.vupen.com/english/advisories/2010/0744 (ADV-2010-0744) vdb-entry

blogs.technet.com/.../security-advisory-981374-released.aspx

www.kb.cert.org/vuls/id/744549 (VU#744549) third-party-advisory

cve.org (CVE-2010-0806)

nvd.nist.gov (CVE-2010-0806)

Download JSON