Lucene search
HistoryMar 11, 2021 - 4:15 p.m.
CVE-2021-26411
internet explorer
memory corruption
vulnerability
cve-2021-26411
nvd
5.1 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
HIGH
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L
8.1 High
AI Score
Confidence
High
0.041 Low
EPSS
Percentile
92.2%
Internet Explorer Memory Corruption Vulnerability
Affected configurations
Node
microsoftinternet_explorer_9Match1.0.0
ORmicrosoftinternet_explorer_11Match1.0.0
ORmicrosoftedgeMatch1.0..0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | internet_explorer_9 | 1.0.0 | cpe:2.3:a:microsoft:internet_explorer_9:1.0.0:*:*:*:*:*:*:* |
| microsoft | internet_explorer_11 | 1.0.0 | cpe:2.3:a:microsoft:internet_explorer_11:1.0.0:*:*:*:*:*:*:* |
| microsoft | edge | 1.0..0 | cpe:2.3:a:microsoft:edge:1.0..0:*:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "Microsoft",
"product": "Internet Explorer 9",
"cpes": [
"cpe:2.3:a:microsoft:internet_explorer:9:*:*:*:*:*:*:*"
],
"platforms": [
"Windows Server 2008 for 32-bit Systems Service Pack 2",
"Windows Server 2008 for x64-based Systems Service Pack 2"
],
"versions": [
{
"version": "1.0.0",
"lessThan": "publication",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Internet Explorer 11",
"cpes": [
"cpe:2.3:a:microsoft:internet_explorer:11:-:*:*:*:*:*:*"
],
"platforms": [
"Windows 10 Version 1803 for 32-bit Systems",
"Windows 10 Version 1803 for x64-based Systems",
"Windows 10 Version 1803 for ARM64-based Systems",
"Windows 10 Version 1809 for 32-bit Systems",
"Windows 10 Version 1809 for x64-based Systems",
"Windows 10 Version 1809 for ARM64-based Systems",
"Windows Server 2019",
"Windows 10 Version 1909 for 32-bit Systems",
"Windows 10 Version 1909 for x64-based Systems",
"Windows 10 Version 1909 for ARM64-based Systems",
"Windows 10 Version 1903 for x64-based Systems",
"Windows 10 Version 1903 for ARM64-based Systems",
"Windows 10 Version 2004 for 32-bit Systems",
"Windows 10 Version 2004 for ARM64-based Systems",
"Windows 10 Version 2004 for x64-based Systems",
"Windows 10 Version 20H2 for 32-bit Systems",
"Windows 10 Version 20H2 for ARM64-based Systems",
"Windows 10 for 32-bit Systems",
"Windows 10 for x64-based Systems",
"Windows 10 Version 1607 for 32-bit Systems",
"Windows 10 Version 1607 for x64-based Systems",
"Windows 7 for 32-bit Systems Service Pack 1",
"Windows 7 for x64-based Systems Service Pack 1",
"Windows 8.1 for 32-bit systems",
"Windows 8.1 for x64-based systems",
"Windows RT 8.1",
"Windows Server 2008 R2 for x64-based Systems Service Pack 1",
"Windows Server 2012",
"Windows Server 2012 R2",
"Windows Server 2016"
],
"versions": [
{
"version": "1.0.0",
"lessThan": "publication",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Edge (EdgeHTML-based)",
"cpes": [
"cpe:2.3:a:microsoft:edge:-:*:*:*:*:*:*:*"
],
"platforms": [
"Windows 10 Version 1803 for 32-bit Systems",
"Windows 10 Version 1803 for x64-based Systems",
"Windows 10 Version 1803 for ARM64-based Systems",
"Windows 10 Version 1809 for 32-bit Systems",
"Windows 10 Version 1809 for x64-based Systems",
"Windows 10 Version 1809 for ARM64-based Systems",
"Windows Server 2019",
"Windows 10 Version 1909 for 32-bit Systems",
"Windows 10 Version 1909 for x64-based Systems",
"Windows 10 Version 1909 for ARM64-based Systems",
"Windows 10 Version 1903 for x64-based Systems",
"Windows 10 Version 1903 for ARM64-based Systems",
"Windows 10 Version 2004 for 32-bit Systems",
"Windows 10 Version 2004 for ARM64-based Systems",
"Windows 10 Version 2004 for x64-based Systems",
"Windows 10 Version 20H2 for 32-bit Systems",
"Windows 10 Version 20H2 for ARM64-based Systems",
"Windows 10 for 32-bit Systems",
"Windows 10 for x64-based Systems",
"Windows 10 Version 1607 for 32-bit Systems",
"Windows 10 Version 1607 for x64-based Systems",
"Windows Server 2016"
],
"versions": [
{
"version": "1.0..0",
"lessThan": "publication",
"versionType": "custom",
"status": "affected"
}
]
}
]Social References
More
Related
checkpoint_advisories
checkpoint_advisories
Microsoft Internet Explorer Memory Corruption (CVE-2021-26411)
2021-03-09 00:00:00
prion
prion
Memory corruption
2021-03-11 16:15:00
krebs
krebs
Microsoft Patch Tuesday, March 2021 Edition
2021-03-10 01:42:39
mskb
mskb
KB5000800: Cumulative security update for Internet Explorer: March 9, 2021
2021-03-09 08:00:00
March 9, 2021—KB5000844 (Monthly Rollup)
2021-03-09 08:00:00
March 9, 2021—KB5000807 (OS Build 10240.18874)
2021-03-09 08:00:00
cvelist
cvelist
CVE-2021-26411 Internet Explorer Memory Corruption Vulnerability
2021-03-11 15:07:28
nessus
nessus
Security Updates for Internet Explorer (March 2021)
2021-03-09 00:00:00
KB5000856: Windows Server 2008 March 2021 Security Update
2021-03-09 00:00:00
KB5000807: Windows 10 March 2021 Security Update
2021-03-09 00:00:00
malwarebytes
malwarebytes
Crimea “manifesto” deploys VBA Rat using double attack vectors
2021-07-29 15:00:00
thn
thn
New RIG Exploit Kit Campaign Infecting Victims' PCs with RedLine Stealer
2022-04-28 08:20:00
Sophisticated MATA Framework Strikes Eastern European Oil and Gas Companies
2023-10-19 13:47:00
Hackers Exploit Microsoft Browser Bug to Deploy VBA Malware on Targeted PCs
2021-07-29 15:18:00
cisa_kev
cisa_kev
Microsoft Internet Explorer Memory Corruption Vulnerability
2021-11-03 00:00:00
nvd
nvd
CVE-2021-26411
2021-03-11 16:15:13
mscve
mscve
Internet Explorer Memory Corruption Vulnerability
2021-03-09 08:00:00
threatpost
threatpost
InkySquid State Actor Exploiting Known IE Bugs
2021-08-19 20:19:04
Safari Zero-Day Used in Malicious LinkedIn Campaign
2021-07-15 11:04:49
Microsoft Patch Tuesday Updates Fix 14 Critical Bugs
2021-03-09 22:12:56
attackerkb
attackerkb
CVE-2021-26411
2021-03-11 00:00:00
kaspersky
kaspersky
KLA12108 Multiple vulnerabilities in Microsoft Browser
2021-03-09 00:00:00
KLA12112 Multiple vulnerabilities in Microsoft Products (ESU)
2021-03-09 00:00:00
securelist
securelist
Updated MATA attacks industrial companies in Eastern Europe
2023-10-18 10:00:51
IT threat evolution Q1 2021. Non-mobile statistics
2021-05-31 10:00:05
qualysblog
qualysblog
March 2021 Patch Tuesday – 82 Vulnerabilities, 10 Critical, Adobe
2021-03-09 21:33:26
Qualys Response to CISA Alert: Binding Operational Directive 22-01
2021-11-09 06:15:01
Managing CISA Known Exploited Vulnerabilities with Qualys VMDR
2022-02-23 05:39:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB5000807)
2021-03-10 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5000847)
2021-03-10 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5000802)
2021-03-10 00:00:00
avleonov
avleonov
Vulristics: Microsoft Patch Tuesdays Q1 2021
2021-03-26 02:47:52
googleprojectzero
googleprojectzero
The More You Know, The More You Know You Don’t Know
2022-04-19 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - March 2021
2021-03-09 22:13:03
5.1 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
HIGH
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L
8.1 High
AI Score
Confidence
High
0.041 Low
EPSS
Percentile
92.2%
Related for CVE-2021-26411