CVE-2010-3345

Name of the Vulnerable Software and Affected Versions Microsoft Internet Explorer version 8

Description The issue arises from the improper handling of objects in memory, allowing remote attackers to execute arbitrary code by accessing an object that was not properly initialized or has been deleted, leading to memory corruption. A remote code execution vulnerability exists in the way that Internet Explorer accesses an object, which could be exploited by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution, potentially giving an attacker the same user rights as the logged-on user. If the user has administrative rights, the attacker could take complete control of the system, enabling them to install programs, view, change, or delete data, or create new accounts with full user rights.

Recommendations For Microsoft Internet Explorer version 8, consider avoiding the use of Internet Explorer until a patch is available, and restrict access to specially crafted Web pages to minimize the risk of exploitation.