Lucene search
K

5 matches found

securityvulns
securityvulns
added 2011/06/19 12:0 a.m.94 views

ZDI-11-197: Microsoft Internet Explorer vgx.dll imagedata Remote Code Execution Vulnerability

ZDI-11-197: Microsoft Internet Explorer vgx.dll imagedata Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-197 June 14, 2011 -- CVE ID: CVE-2011-1266 -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C -- Affected Vendors: Microsoft -- Affected Products: Microsoft Interne...

9.3CVSS0.6AI score0.17977EPSS
Exploits1
Cvelist
Cvelist
added 2011/06/16 8:21 p.m.28 views

CVE-2011-1266

The Vector Markup Language VML implementation in vgx.dll in Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that 1 was not properly initialized or 2 is deleted, aka "VML Memory...

7.4AI score0.17977EPSS
Exploits1References2
seebug.org
seebug.org
added 2011/06/16 12:0 a.m.42 views

Microsoft Internet Explorer VML内存破坏CVE-2011-1266远程代码执行漏洞

Bugtraq ID: 48173 CVE ID:CVE-2011-1266 Microsoft Internet Explorer是一款微软开发的WEB浏览器。 从DOM解析VML对象时vgx.dll存在缺陷,具体来说,在页面结构过程中处理Imagedata参数时存在故障代码。通过向imagedata对象动态分配属性,进程会访问释放内存,成功利用漏洞可以应用程序上下文执行任意代码 Microsoft Internet Explorer 7.0.5730 .11 Microsoft Internet Explorer 8.0.7600.16385 Microsoft Internet...

9.3CVSS6.4AI score0.17977EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2011/06/15 12:0 a.m.41 views

MS11-052: Vulnerability in Vector Markup Language Could Allow Remote Code Execution (2544521)

The remote host is missing Internet Explorer IE Security Update 2497640. The installed version of IE is affected by a vulnerability in the implementation of the Vector Markup Language VML that could allow an attacker to execute arbitrary code on the remote host. C Tenable Network Security, Inc...

9.3CVSS6.2AI score0.17977EPSS
Exploits1References3
Check Point Advisories
Check Point Advisories
added 2011/06/14 12:0 a.m.9 views

Internet Explorer VML related src URL Memory Corruption (MS11-052; CVE-2011-1266)

A remote code execution vulnerability has been reported in in the way that Microsoft Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker could exploit the vulnerability by constructing a specially crafted Web page.Successful...

9.3CVSS7.1AI score0.17977EPSS
Exploits1
Rows per page
Query Builder