Lucene search

[email protected]CVE-2011-1998

HistoryOct 12, 2011 - 2:52 a.m.

CVE-2011-1998

2011-10-1202:52:43

CWE-908

[email protected]

web.nvd.nist.gov

cve-2011-1998

microsoft

internet explorer

remote code execution

vulnerability

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.1 High

AI Score

Confidence

Low

0.273 Low

EPSS

Percentile

96.8%

JSON

Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that was not properly initialized, aka “Jscript9.dll Remote Code Execution Vulnerability.”

Affected configurations

NVD

Node

microsoftinternet_explorerMatch9

AND

microsoftwindows_7Match-

microsoftwindows_7Match-sp1

microsoftwindows_server_2008Match-sp2

microsoftwindows_server_2008Matchr2-

microsoftwindows_server_2008Matchr2sp1

microsoftwindows_vistaMatch-sp2

CPENameOperatorVersion
microsoft:internet_explorermicrosoft internet explorereq9

CPE	Name	Operator	Version
microsoft:internet_explorer	microsoft internet explorer	eq	9

References

www.securityfocus.com/bid/49963

docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-081

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13199

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.1 High

AI Score

Confidence

Low

0.273 Low

EPSS

Percentile

96.8%

JSON

Related for CVE-2011-1998

symantec1 prion1 nvd1 checkpoint_advisories1 seebug1 cvelist1 securityvulns1 nessus1 openvas2 mskb1