CVE-2010-0489

Name of the Vulnerable Software and Affected Versions Microsoft Internet Explorer versions 5.01 SP4 through 7

Description A race condition in the software allows remote attackers to execute arbitrary code via a crafted HTML document, triggering memory corruption. The issue exists in the way the software accesses an object that may have been corrupted due to a race condition. An attacker could exploit this by constructing a specially crafted Web page, potentially allowing remote code execution and gaining the same user rights as the logged-on user. If the user has administrative rights, the attacker could take complete control of the affected system, enabling them to install programs, view, change, or delete data, or create new accounts with full user rights.

Recommendations For Microsoft Internet Explorer versions 5.01 SP4 through 7, consider applying security updates or patches to resolve the issue, as no specific workaround is provided for these versions. At the moment, there is no information about a newer version that contains a fix for this vulnerability.