Vulnerability Note VU#612021
Internet Explorer VBScript Windows Help arbitrary code execution
Microsoft Internet Explorer is vulnerable to arbitrary code execution through the use of VBScript and Windows Help.
Exploit code for this vulnerability is publicly available.
By convincing a victim to view an HTML document (web page, HTML email, or email attachment) with Internet Explorer and to press the F1 key, an attacker could run arbitrary code with the privileges of the user running the application.
Apply an update
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Microsoft Corporation||Affected||-||28 Apr 2010|
CVSS Metrics (Learn More)
This vulnerability was publicly disclosed by iSEC SEcurity Research.
This document was written by Will Dormann.
- CVE IDs: CVE-2010-0483
- Date Public: 26 Feb 2010
- Date First Published: 01 Mar 2010
- Date Last Updated: 28 Apr 2010
- Severity Metric: 6.08
- Document Revision: 11
If you have feedback, comments, or additional information about this vulnerability, please send us email.