Lucene search

[email protected]CVE-2011-2019

HistoryDec 14, 2011 - 12:55 a.m.

CVE-2011-2019

2011-12-1400:55:01

CWE-426

[email protected]

web.nvd.nist.gov

cve-2011-2019

internet explorer

windows server

vulnerability

privilege escalation

dll

nvd

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

6.2 Medium

AI Score

Confidence

Low

0.689 Medium

EPSS

Percentile

98.0%

JSON

Untrusted search path vulnerability in Microsoft Internet Explorer 9 on Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains an HTML file, aka “Internet Explorer Insecure Library Loading Vulnerability.”

Affected configurations

NVD

Node

microsoftinternet_explorerMatch9

AND

microsoftwindows_7Match-

microsoftwindows_7Match-sp1

microsoftwindows_server_2008Matchr2-

microsoftwindows_server_2008Matchr2sp1

CPENameOperatorVersion
microsoft:internet_explorermicrosoft internet explorereq9

CPE	Name	Operator	Version
microsoft:internet_explorer	microsoft internet explorer	eq	9

References

www.us-cert.gov/cas/techalerts/TA11-347A.html

docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-099

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13884

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

6.2 Medium

AI Score

Confidence

Low

0.689 Medium

EPSS

Percentile

98.0%

JSON

Related for CVE-2011-2019

nvd1 symantec1 checkpoint_advisories1 cvelist1 prion1 nessus1 openvas2 securityvulns1 mskb1