Microsoft Internet Explorer Selection未初始化内存远程代码执行漏洞

Bugtraq ID: 48210 CVE ID：CVE-2011-1261 Microsoft Internet Explorer是一款微软开发的WEB浏览器。 在部分点击事件过程中Internet explorer处理javascript语句'selection.empty'存在缺陷。通过触发特定序列的事件，攻击者可释放一个还在使用的CDisplayObject对象。对之前释放内存的操作可导致任意代码执行。 Microsoft Internet Explorer 9 Microsoft Internet Explorer 8 Microsoft Internet Explorer 7...

Microsoft Internet Explorer selection.empty Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...