Status Tracking Note JVNTR-2010-09

Microsoft Internet Explorer iepeers.dll use-after-free vulnerability (VU#744549)


Microsoft Internet Explorer contains a use-after-free vulnerability in the iepeers.dll file, which may allow a remote, unauthenticated attacker to execute arbitrary code.
Event Information

Date (UTC)Description
2010-04-01 22:41 JVN
JVNTR-2010-10: Microsoft Internet Explorer Vulnerabilities (TA10-089A)
2010-03-30 20:31 Microsoft
Microsoft Security Advisory (981374): Vulnerability in Internet Explorer Could Allow Remote Code Execution
Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS10-018 to address this issue.
2010-03-11 00:00 Microsoft
Microsoft Security Advisory (981374): Vulnerability in Internet Explorer Could Allow Remote Code Execution
Advisory published.
Microsoft is investigating new, public reports of a vulnerability in Internet Explorer 6 and Internet Explorer 7. Our investigation has shown that the latest version of the browser, Internet Explorer 8, is not affected.
2010-03-10 22:11 Symantec
Zero-Day Attack on IE6 - JS.Sykipot Doesn't Spare Retired Software
Security Response Blog
Internet Explorer 6 may have taken its path to retirement but it still remains a good target for exploits, as we can see from JS.Sykipot. This zero-day was found on March 8th and it exploits a vulnerability in some Internet Explorer versions (CVE-2010-0806 , BID 38615) that can lead to remote code execution. Upon successful exploitation, JS.Sykipot will download and run Backdoor.Sykipot, which is a back door capable of communicating with its control server to receive and run several commands.
2010-03-10 20:39
Microsoft Internet Explorer iepeers.dll use-after-free exploit (meta)
Vulnerability Proof Of Concept (CVE-2010-0806)
A new Microsoft Internet Explorer 0day exploit has been found circulating in-the-wild.
2010-03-10 16:06 Sophos
Exploiting vulnerability (CVE-2010-0806)
2010-03-10 15:00 Trend Micro
Exploiting vulnerability (CVE-2010-0806)
2010-03-10 14:01 The Metasploit Project
Microsoft Internet Explorer iepeers.dll use-after-free exploit for the Metasploit Framework
Vulnerability Proof Of Concept (CVE-2010-0806)
#Cid: ie_iepeers_pointer.rb
#Tested: cpe:/o:microsoft:windows_xp::sp3 + cpe:/a:microsoft:ie:6
#Tested: cpe:/o:microsoft:windows_xp::sp3 + cpe:/a:microsoft:ie:7
#Tested: cpe:/o:microsoft:windows_vista::sp2 + cpe:/a:microsoft:ie:7
2010-03-10 Sophos
Internet Explorer 0-day targeted in spam runs
Hot on the heels of the Patch Tuesday announcements yesterday (see blog or links to vulnerability assessment pages), came the announcement of a new zero-day in Internet Explorer (CVE-2010-0806).
SophosLabs blog
2010-03-09 23:30 McAfee
Targeted Internet Explorer Zero-Day Attack Announced (CVE-2010-0806)
Computer Security Research - McAfee Labs Blog
Earlier today, Microsoft released Security Advisory (981374). This advisory covers CVE-2010-0806, an unpatched vulnerability affecting Internet Explorer versions 6 and 7. This attack appears to be rather targeted at the moment, but as with other unpatched vulnerabilities in the past, this has the potential to explode now that the word is getting out.
2010-03-09 23:08 McAfee
Exploiting vulnerability (CVE-2010-0806)
2010-03-09 Symantec
Domain Name Created on: 06-Mar-10


Date first published (UTC): 2010-03-13T07:32+00:00
Date last updated (UTC): 2010-04-01T22:41+00:00
Valid HTML 4.01!