Lucene search
RootSSV:20633HistoryJun 16, 2011 - 12:00 a.m.
Microsoft Internet Explorer Selection未初始化内存远程代码执行漏洞
2011-06-1600:00:00
Root
www.seebug.org
12
0.913 High
EPSS
Percentile
98.6%
Bugtraq ID: 48210
CVE ID:CVE-2011-1261
Microsoft Internet Explorer是一款微软开发的WEB浏览器。
在部分点击事件过程中Internet explorer处理javascript语句’selection.empty’存在缺陷。通过触发特定序列的事件,攻击者可释放一个还在使用的CDisplayObject对象。对之前释放内存的操作可导致任意代码执行。
Microsoft Internet Explorer 9
Microsoft Internet Explorer 8
Microsoft Internet Explorer 7.0
Microsoft Internet Explorer 7.0
Microsoft Internet Explorer 6.0 SP3
Microsoft Internet Explorer 6.0 SP2
Microsoft Internet Explorer 6.0 SP1
Microsoft Internet Explorer 6.0
厂商解决方案
用户可参考如下供应商提供的安全公告获得补丁信息:
http://www.microsoft.com/technet/security/Bulletin/MS11-050.mspx
Related
prion
prion
Memory corruption
2011-06-16 20:55:00
securityvulns
securityvulns
ZDI-11-195: Microsoft Internet Explorer selection.empty Remote Code Execution Vulnerability
2011-06-19 00:00:00
Microsoft Internet Explorer multiple security vulnerabilities
2011-07-22 00:00:00
zdi
zdi
cve
cve
CVE-2011-1261
2011-06-16 20:55:00
checkpoint_advisories
checkpoint_advisories
openvas
openvas
Microsoft Internet Explorer Multiple Vulnerabilities (2530548)
2011-06-15 00:00:00
Microsoft Internet Explorer Multiple Vulnerabilities (2530548)
2011-06-15 00:00:00
mskb
mskb
MS11-050: Cumulative Security Update for Internet Explorer: June 14, 2011
2011-06-14 00:00:00
nessus
nessus
MS11-050: Cumulative Security Update for Internet Explorer (2530548)
2011-06-15 00:00:00
threatpost
threatpost
ExploitHub Offering Bounties – And Residuals – for Exploits
2011-10-05 13:11:31