CVE-2010-1258 - Vulnerability Details

Vendors	Products
Microsoft	Internet Explorer Windows 2003 Server Windows 7 Windows Server 2003 Windows Server 2008 Windows Vista Windows Xp

Link	Providers
http://www.us-cert.gov/cas/techalerts/TA10-222A.html
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-053
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11954

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2010-08-10T00:00:00", "descriptions": [{"lang": "en", "value": "Microsoft Internet Explorer 6, 7, and 8 does not properly determine the origin of script code, which allows remote attackers to execute script in an unintended domain or security zone, and obtain sensitive information, via unspecified vectors, aka \"Event Handler Cross-Domain Vulnerability.\""}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-12T19:57:01", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft"}, "references": [{"name": "oval:org.mitre.oval:def:11954", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11954"}, {"name": "TA10-222A", "tags": ["third-party-advisory", "x_refsource_CERT"], "url": "http://www.us-cert.gov/cas/techalerts/TA10-222A.html"}, {"name": "MS10-053", "tags": ["vendor-advisory", "x_refsource_MS"], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-053"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secure@microsoft.com", "ID": "CVE-2010-1258", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Microsoft Internet Explorer 6, 7, and 8 does not properly determine the origin of script code, which allows remote attackers to execute script in an unintended domain or security zone, and obtain sensitive information, via unspecified vectors, aka \"Event Handler Cross-Domain Vulnerability.\""}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "oval:org.mitre.oval:def:11954", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11954"}, {"name": "TA10-222A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA10-222A.html"}, {"name": "MS10-053", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-053"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T01:21:17.581Z"}, "title": "CVE Program Container", "references": [{"name": "oval:org.mitre.oval:def:11954", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11954"}, {"name": "TA10-222A", "tags": ["third-party-advisory", "x_refsource_CERT", "x_transferred"], "url": "http://www.us-cert.gov/cas/techalerts/TA10-222A.html"}, {"name": "MS10-053", "tags": ["vendor-advisory", "x_refsource_MS", "x_transferred"], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-053"}]}]}, "cveMetadata": {"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2010-1258", "datePublished": "2010-08-11T18:00:00", "dateReserved": "2010-04-05T00:00:00", "dateUpdated": "2024-08-07T01:21:17.581Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : n/a (string)

vendor : n/a (string)

versions : [ »

0 : { »

status : affected (string)

version : n/a (string)

}

]

}

]

datePublic : 2010-08-10T00:00:00 (string)

descriptions : [ »

0 : { »

lang : en (string)

value : Microsoft Internet Explorer 6, 7, and 8 does not properly determine the origin of script code, which allows remote attackers to execute script in an unintended domain or security zone, and obtain sensitive information, via unspecified vectors, aka "Event Handler Cross-Domain Vulnerability." (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : n/a (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2018-10-12T19:57:01 (string)

orgId : f38d906d-7342-40ea-92c1-6c4a2c6478c8 (string)

shortName : microsoft (string)

}

references : [ »

0 : { »

name : oval:org.mitre.oval:def:11954 (string)

tags : [ »

0 : vdb-entry (string)

1 : signature (string)

2 : x_refsource_OVAL (string)

]

url : https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11954 (string)

}

1 : { »

name : TA10-222A (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_CERT (string)

]

url : http://www.us-cert.gov/cas/techalerts/TA10-222A.html (string)

}

2 : { »

name : MS10-053 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_MS (string)

]

url : https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-053 (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : secure@microsoft.com (string)

ID : CVE-2010-1258 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : n/a (string)

version : { »

version_data : [ »

0 : { »

version_value : n/a (string)

}

]

}

]

}

vendor_name : n/a (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : Microsoft Internet Explorer 6, 7, and 8 does not properly determine the origin of script code, which allows remote attackers to execute script in an unintended domain or security zone, and obtain sensitive information, via unspecified vectors, aka "Event Handler Cross-Domain Vulnerability." (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : n/a (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : oval:org.mitre.oval:def:11954 (string)

refsource : OVAL (string)

url : https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11954 (string)

}

1 : { »

name : TA10-222A (string)

refsource : CERT (string)

url : http://www.us-cert.gov/cas/techalerts/TA10-222A.html (string)

}

2 : { »

name : MS10-053 (string)

refsource : MS (string)

url : https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-053 (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-07T01:21:17.581Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

name : oval:org.mitre.oval:def:11954 (string)

tags : [ »

0 : vdb-entry (string)

1 : signature (string)

2 : x_refsource_OVAL (string)

3 : x_transferred (string)

]

url : https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11954 (string)

}

1 : { »

name : TA10-222A (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_CERT (string)

2 : x_transferred (string)

]

url : http://www.us-cert.gov/cas/techalerts/TA10-222A.html (string)

}

2 : { »

name : MS10-053 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_MS (string)

2 : x_transferred (string)

]

url : https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-053 (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : f38d906d-7342-40ea-92c1-6c4a2c6478c8 (string)

assignerShortName : microsoft (string)

cveId : CVE-2010-1258 (string)

datePublished : 2010-08-11T18:00:00 (string)

dateReserved : 2010-04-05T00:00:00 (string)

dateUpdated : 2024-08-07T01:21:17.581Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*", "matchCriteriaId": "693D3C1C-E3E4-49DB-9A13-44ADDFF82507", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "F7EFB032-47F4-4497-B16B-CB9126EAC9DF", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*", "matchCriteriaId": "1A33FA7F-BB2A-4C66-B608-72997A2BD1DB", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "F7EFB032-47F4-4497-B16B-CB9126EAC9DF", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*", "matchCriteriaId": "7F6EA111-A4E6-4963-A0C8-F9336C605B6E", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:*", "matchCriteriaId": "9CFB1A97-8042-4497-A45D-C014B5E240AB", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*", "matchCriteriaId": "7F9C7616-658D-409D-8B53-AC00DC55602A", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x32:*:*:*:*:*", "matchCriteriaId": "B8A32637-65EC-42C4-A892-0E599562527C", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFF81F4B-7D92-4398-8658-84530FB8F518", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "7AE15F6C-80F6-43A6-86DA-B92116A697A0", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A04E39A-623E-45CA-A5FC-25DAA0F275A3", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*", "matchCriteriaId": "BF1AD1A1-EE20-4BCE-9EE6-84B27139811C", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:internet_explorer:8:*:*:*:*:*:*:*", "matchCriteriaId": "A52E757F-9B41-43B4-9D67-3FEDACA71283", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "F7EFB032-47F4-4497-B16B-CB9126EAC9DF", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*", "matchCriteriaId": "D56B932B-9593-44E2-B610-E4EB2143EB21", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*", "matchCriteriaId": "E33796DB-4523-4F04-B564-ADF030553D51", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*", "matchCriteriaId": "7F6EA111-A4E6-4963-A0C8-F9336C605B6E", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:*", "matchCriteriaId": "9CFB1A97-8042-4497-A45D-C014B5E240AB", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*", "matchCriteriaId": "7F9C7616-658D-409D-8B53-AC00DC55602A", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:r2:itanium:*:*:*:*:*", "matchCriteriaId": "B2B19826-5516-4899-9599-F95D0A03FBCD", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:r2:x64:*:*:*:*:*", "matchCriteriaId": "4945F25F-2828-4D03-930B-A109BA73E00C", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x32:*:*:*:*:*", "matchCriteriaId": "B8A32637-65EC-42C4-A892-0E599562527C", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFF81F4B-7D92-4398-8658-84530FB8F518", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "7AE15F6C-80F6-43A6-86DA-B92116A697A0", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*", "matchCriteriaId": "3A04E39A-623E-45CA-A5FC-25DAA0F275A3", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*", "matchCriteriaId": "FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Microsoft Internet Explorer 6, 7, and 8 does not properly determine the origin of script code, which allows remote attackers to execute script in an unintended domain or security zone, and obtain sensitive information, via unspecified vectors, aka \"Event Handler Cross-Domain Vulnerability.\""}, {"lang": "es", "value": "Microsoft Internet Explorer 6, 7 y 8, no determinan apropiadamente el origen de c\u00f3digo script, lo que permite a atacantes remotos ejecutar c\u00f3digo en un dominio o zona de seguridad no deseados y obtener informaci\u00f3n sensible a trav\u00e9s de vectores no especificados, tambi\u00e9n conocido c\u00f3mo \"Event Handler Cross-Domain Vulnerability.\""}], "id": "CVE-2010-1258", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2010-08-11T18:47:49.890", "references": [{"source": "secure@microsoft.com", "tags": ["US Government Resource"], "url": "http://www.us-cert.gov/cas/techalerts/TA10-222A.html"}, {"source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-053"}, {"source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11954"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["US Government Resource"], "url": "http://www.us-cert.gov/cas/techalerts/TA10-222A.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-053"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11954"}], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:* (string)

matchCriteriaId : 693D3C1C-E3E4-49DB-9A13-44ADDFF82507 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:* (string)

matchCriteriaId : 2978BF86-5A1A-438E-B81F-F360D0E30C9C (string)

vulnerable : false (boolean)

}

1 : { »

criteria : cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:* (string)

matchCriteriaId : F7EFB032-47F4-4497-B16B-CB9126EAC9DF (string)

vulnerable : false (boolean)

}

2 : { »

criteria : cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:* (string)

matchCriteriaId : 4D3B5E4F-56A6-4696-BBB4-19DF3613D020 (string)

vulnerable : false (boolean)

}

3 : { »

criteria : cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:* (string)

matchCriteriaId : CE477A73-4EE4-41E9-8694-5A3D5DC88656 (string)

vulnerable : false (boolean)

}

4 : { »

criteria : cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:* (string)

matchCriteriaId : FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6 (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

1 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:* (string)

matchCriteriaId : 1A33FA7F-BB2A-4C66-B608-72997A2BD1DB (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:* (string)

matchCriteriaId : 2978BF86-5A1A-438E-B81F-F360D0E30C9C (string)

vulnerable : false (boolean)

}

1 : { »

criteria : cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:* (string)

matchCriteriaId : F7EFB032-47F4-4497-B16B-CB9126EAC9DF (string)

vulnerable : false (boolean)

}

2 : { »

criteria : cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:* (string)

matchCriteriaId : 4D3B5E4F-56A6-4696-BBB4-19DF3613D020 (string)

vulnerable : false (boolean)

}

3 : { »

criteria : cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:* (string)

matchCriteriaId : 7F6EA111-A4E6-4963-A0C8-F9336C605B6E (string)

vulnerable : false (boolean)

}

4 : { »

criteria : cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:* (string)

matchCriteriaId : 9CFB1A97-8042-4497-A45D-C014B5E240AB (string)

vulnerable : false (boolean)

}

5 : { »

criteria : cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:* (string)

matchCriteriaId : 7F9C7616-658D-409D-8B53-AC00DC55602A (string)

vulnerable : false (boolean)

}

6 : { »

criteria : cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x32:*:*:*:*:* (string)

matchCriteriaId : B8A32637-65EC-42C4-A892-0E599562527C (string)

vulnerable : false (boolean)

}

7 : { »

criteria : cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:* (string)

matchCriteriaId : FFF81F4B-7D92-4398-8658-84530FB8F518 (string)

vulnerable : false (boolean)

}

8 : { »

criteria : cpe:2.3:o:microsoft:windows_server_2008:-:sp2:itanium:*:*:*:*:* (string)

matchCriteriaId : 7AE15F6C-80F6-43A6-86DA-B92116A697A0 (string)

vulnerable : false (boolean)

}

9 : { »

criteria : cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:* (string)

matchCriteriaId : C162FFF0-1E8F-4DCF-A08F-6C6E324ED878 (string)

vulnerable : false (boolean)

}

10 : { »

criteria : cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:* (string)

matchCriteriaId : 0A0D2704-C058-420B-B368-372D1129E914 (string)

vulnerable : false (boolean)

}

11 : { »

criteria : cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:* (string)

matchCriteriaId : 3A04E39A-623E-45CA-A5FC-25DAA0F275A3 (string)

vulnerable : false (boolean)

}

12 : { »

criteria : cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:* (string)

matchCriteriaId : BF1AD1A1-EE20-4BCE-9EE6-84B27139811C (string)

vulnerable : false (boolean)

}

13 : { »

criteria : cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:* (string)

matchCriteriaId : CE477A73-4EE4-41E9-8694-5A3D5DC88656 (string)

vulnerable : false (boolean)

}

14 : { »

criteria : cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:* (string)

matchCriteriaId : FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6 (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

2 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:microsoft:internet_explorer:8:*:*:*:*:*:*:* (string)

matchCriteriaId : A52E757F-9B41-43B4-9D67-3FEDACA71283 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:* (string)

matchCriteriaId : F7EFB032-47F4-4497-B16B-CB9126EAC9DF (string)

vulnerable : false (boolean)

}

1 : { »

criteria : cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:* (string)

matchCriteriaId : D56B932B-9593-44E2-B610-E4EB2143EB21 (string)

vulnerable : false (boolean)

}

2 : { »

criteria : cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:* (string)

matchCriteriaId : E33796DB-4523-4F04-B564-ADF030553D51 (string)

vulnerable : false (boolean)

}

3 : { »

criteria : cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:* (string)

matchCriteriaId : 4D3B5E4F-56A6-4696-BBB4-19DF3613D020 (string)

vulnerable : false (boolean)

}

4 : { »

criteria : cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:* (string)

matchCriteriaId : 7F6EA111-A4E6-4963-A0C8-F9336C605B6E (string)

vulnerable : false (boolean)

}

5 : { »

criteria : cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:* (string)

matchCriteriaId : 9CFB1A97-8042-4497-A45D-C014B5E240AB (string)

vulnerable : false (boolean)

}

6 : { »

criteria : cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:* (string)

matchCriteriaId : 7F9C7616-658D-409D-8B53-AC00DC55602A (string)

vulnerable : false (boolean)

}

7 : { »

criteria : cpe:2.3:o:microsoft:windows_server_2008:*:r2:itanium:*:*:*:*:* (string)

matchCriteriaId : B2B19826-5516-4899-9599-F95D0A03FBCD (string)

vulnerable : false (boolean)

}

8 : { »

criteria : cpe:2.3:o:microsoft:windows_server_2008:*:r2:x64:*:*:*:*:* (string)

matchCriteriaId : 4945F25F-2828-4D03-930B-A109BA73E00C (string)

vulnerable : false (boolean)

}

9 : { »

criteria : cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x32:*:*:*:*:* (string)

matchCriteriaId : B8A32637-65EC-42C4-A892-0E599562527C (string)

vulnerable : false (boolean)

}

10 : { »

criteria : cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:* (string)

matchCriteriaId : FFF81F4B-7D92-4398-8658-84530FB8F518 (string)

vulnerable : false (boolean)

}

11 : { »

criteria : cpe:2.3:o:microsoft:windows_server_2008:-:sp2:itanium:*:*:*:*:* (string)

matchCriteriaId : 7AE15F6C-80F6-43A6-86DA-B92116A697A0 (string)

vulnerable : false (boolean)

}

12 : { »

criteria : cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:* (string)

matchCriteriaId : C162FFF0-1E8F-4DCF-A08F-6C6E324ED878 (string)

vulnerable : false (boolean)

}

13 : { »

criteria : cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:* (string)

matchCriteriaId : 0A0D2704-C058-420B-B368-372D1129E914 (string)

vulnerable : false (boolean)

}

14 : { »

criteria : cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:* (string)

matchCriteriaId : 3A04E39A-623E-45CA-A5FC-25DAA0F275A3 (string)

vulnerable : false (boolean)

}

15 : { »

criteria : cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:* (string)

matchCriteriaId : CE477A73-4EE4-41E9-8694-5A3D5DC88656 (string)

vulnerable : false (boolean)

}

16 : { »

criteria : cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:* (string)

matchCriteriaId : FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6 (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

]

cveTags : [ *empty* ]

descriptions : [ »

0 : { »

lang : en (string)

value : Microsoft Internet Explorer 6, 7, and 8 does not properly determine the origin of script code, which allows remote attackers to execute script in an unintended domain or security zone, and obtain sensitive information, via unspecified vectors, aka "Event Handler Cross-Domain Vulnerability." (string)

}

1 : { »

lang : es (string)

value : Microsoft Internet Explorer 6, 7 y 8, no determinan apropiadamente el origen de código script, lo que permite a atacantes remotos ejecutar código en un dominio o zona de seguridad no deseados y obtener información sensible a través de vectores no especificados, también conocido cómo "Event Handler Cross-Domain Vulnerability." (string)

}

]

id : CVE-2010-1258 (string)

lastModified : 2025-04-11T00:51:21.963 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : MEDIUM (string)

cvssData : { »

accessComplexity : MEDIUM (string)

accessVector : NETWORK (string)

authentication : NONE (string)

availabilityImpact : NONE (string)

baseScore : 4.3 (number)

confidentialityImpact : PARTIAL (string)

integrityImpact : NONE (string)

vectorString : AV:N/AC:M/Au:N/C:P/I:N/A:N (string)

version : 2.0 (string)

}

exploitabilityScore : 8.6 (number)

impactScore : 2.9 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : false (boolean)

}

]

}

published : 2010-08-11T18:47:49.890 (string)

references : [ »

0 : { »

source : secure@microsoft.com (string)

tags : [ »

0 : US Government Resource (string)

]

url : http://www.us-cert.gov/cas/techalerts/TA10-222A.html (string)

}

1 : { »

source : secure@microsoft.com (string)

url : https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-053 (string)

}

2 : { »

source : secure@microsoft.com (string)

url : https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11954 (string)

}

3 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : US Government Resource (string)

]

url : http://www.us-cert.gov/cas/techalerts/TA10-222A.html (string)

}

4 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-053 (string)

}

5 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11954 (string)

}

]

sourceIdentifier : secure@microsoft.com (string)

vulnStatus : Deferred (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-200 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Affected Vendors & Products

Metrics

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object