🟢 CVE-2010-3962

CVE-2010-3962 is a use-after-free vulnerability in Internet Explorer 6, 7, and 8 that allows remote code execution via malicious CSS. While it was actively exploited in the wild and is on CISA KEV, it targets client-side browsers, not internet-facing servers.

Risk Level: LOW_RISK

CVSS Score: 8.1

Attack Vector: NETWORK

ATT&CK Tactic: Execution

ATT&CK Technique: T1203 — Exploitation for Client Execution

Deployment Risk: VERY_LOW

Ransomware: No

📋 Vulnerability Details

Data Source: CIRCL

Confidence: HIGH

Exploitation Method: USER_INTERACTION

CVE Published: 2010-11-05

Added to CISA KEV: 2025-10-06

Days Between CVE and KEV: 5449

🎯 Recommendations:

🔍 Web Intelligence (Kagi · 2026-06-04)

CVE-2010-3962 is a critical memory corruption vulnerability in Microsoft Internet Explorer that was actively exploited in the wild shortly after its discovery in November 2010 [1] [4].

Vulnerability Overview

  • Type: Use-after-free / Uninitialized Memory Corruption [1]
  • Mechanism: The vulnerability exists within the Microsoft HTML engine (`mshtml.dll`) and is triggered when the browser parses a specially crafted HTML page containing specific Cascading Style Sheets (CSS) token sequences and the `clip` attribute [1] [2].

Exploitation and Impact

  • Attack Method: This is a remote code execution (RCE) vulnerability. An attacker could exploit it by enticing a user to visit a malicious website containing the crafted CSS code [1].
  • Requirements: Successful exploitation requires user interaction (the user must navigate to the malicious page). It is a network-based attack vector [1].
  • Impact: Successful exploitation allows a remote attacker to execute arbitrary code on the victim's system with the privileges of the logged-in user [1].
  • Exploit Availability: Publicly available exploit code exists, including a module in the Metasploit Framework (`exploit/windows/browser/ms10_090_ie_css_clip`) [2].

Affected Products and Mitigation

  • Affected Versions: Microsoft Internet Explorer 6, 7, and 8 [1].
  • Patch Status: Microsoft addressed this vulnerability in December 2010 as part of Security Bulletin MS10-090 [3]. Users were advised to apply the security update to mitigate the risk.

While the vulnerability was used in active attacks in 2010, it is considered a legacy issue today, as the affected versions of Internet Explorer are long past their support lifecycle.

Sources

  1. CVE-2010-3962 Detail - NVD

    Use-after-free vulnerability in Microsoft Internet Explorer 6, 7, and 8 allows remote attackers to execute arbitrary code via vectors. ... An official website of the United States government Here's how you know ... CVE-2010-3962 Detail. Deferred. This CVE record is not being prioritized for NVD enri…

  2. CVE-2010-3962 : Use-after-free vulnerability in Microsoft Internet ...

    CVE-2010-3962 : Use-after-free vulnerability in Microsoft Internet Explorer 6, 7, and 8 allows remote attackers to execute arbitrary code via vectors related to Casca ... Products affected by CVE-2010-3962. Microsoft » Internet Explorer » Version: 6.Metasploit modules for CVE-2010-3962. MS10-090 Mic…

  3. Microsoft Security Bulletin MS10-090 - Critical

    This security update resolves four privately reported vulnerabilities and three publicly disclosed vulnerabilities in Internet Explorer. ... Affected and Non-Affected Software. The following software have been tested to determine which versions or editions are affected. Other versions or editions ar…

  4. CVE-2010-3962 - Vulnerability Details - OpenCVE

    Use-after-free vulnerability in Microsoft Internet Explorer 6, 7, and 8 allows remote attackers to execute arbitrary code via vectors related to Cascading Style Sheets (CSS) token sequences and the clip attribute, aka an "invalid flag reference" issue or "Uninitialized Memory Corruption Vulnerabilit…