CVSS: 9.3EPSS: 88%CPEs: 22EXPL: 0CVE-2011-1256 – Microsoft Internet Explorer DOM Modification Race Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-1256
Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "DOM Modification Memory Corruption Vulnerability." Microsoft Internet Explorer v6 hasta v8 no maneja adecuadamente objetos en memoria, lo que permite a atacantes remotos ejecutar código accediendo a un objeto que (1) no fue correctamente inicializado o (2) es borrado, también conocido como "DOM Modification Memory Corruption Vulnerability." This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application handles multiple javascript modifications to the document. In certain instances the application will free an object due to a modification and then later access it again when attempting to destroy it. • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-050 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12716 • CWE-908: Use of Uninitialized Resource •
CVSS: 9.3EPSS: 88%CPEs: 23EXPL: 0CVE-2011-1266 – Microsoft Internet Explorer vgx.dll imagedata Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-1266
The Vector Markup Language (VML) implementation in vgx.dll in Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "VML Memory Corruption Vulnerability." La implementación Vector Markup Language (VML) en vgx.dll en Microsoft Internet Explorer 6 hasta la 8, no maneja adecuadamente los objetos en memoria, permitiendo a atacantes remotos ejecutar código arbitrario accediento a un objeto que (1) no se ha inicializado correctamente o (2) es eliminado, también conocido como "Vulnerabiliad de Corrupción de memoria VML." This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within vgx.dll while parsing VML objects from the DOM. Specifically, the faulty code exists while handling imagedata parameters during page deconstruction. • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-052 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12593 • CWE-908: Use of Uninitialized Resource •
CVSS: 4.3EPSS: 1%CPEs: 97EXPL: 0CVE-2011-2382
https://notcve.org/view.php?id=CVE-2011-2382
Microsoft Internet Explorer 8 and earlier, and Internet Explorer 9 beta, does not properly restrict cross-zone drag-and-drop actions, which allows user-assisted remote attackers to read cookie files via vectors involving an IFRAME element with a SRC attribute containing a file: URL, as demonstrated by a Facebook game, related to a "cookiejacking" issue. Microsoft Internet Explorer v8 y versiones anteriores, y la beta de Internet Explorer v9, no restringen adecuadamente las acciones de arrastrar y soltar a través de diferentes zonas de seguridad, lo que permite leer archivos de cookies a atacantes remotos asistidos por el usuario a través de vectores que implican un elemento IFRAME con un atributo SRC que contiene una URL file:, como lo demuestra un juego de Facebook, relacionado con un problema de "cookiejacking". • http://conference.hackinthebox.org/hitbsecconf2011ams/?page_id=1388 http://ju12.tistory.com/attachment/cfile4.uf%40151FAB4C4DDC9E0002A6FE.ppt http://news.cnet.com/8301-1009_3-20066419-83.html http://www.eweek.com/c/a/Security/IE-Flaw-Lets-Attackers-Steal-Cookies-Access-User-Accounts-402503 http://www.informationweek.com/news/security/vulnerabilities/229700031 http://www.networkworld.com/community/node/74259 http://www.theregister.co.uk/2011/05/25/microsoft_internet_explorer_cookiejacking http://www. • CWE-20: Improper Input Validation •
CVSS: 4.3EPSS: 2%CPEs: 8EXPL: 0CVE-2011-2383
https://notcve.org/view.php?id=CVE-2011-2383
Microsoft Internet Explorer 9 and earlier does not properly restrict cross-zone drag-and-drop actions, which allows user-assisted remote attackers to read cookie files via vectors involving an IFRAME element with a SRC attribute containing an http: URL that redirects to a file: URL, as demonstrated by a Facebook game, related to a "cookiejacking" issue, aka "Drag and Drop Information Disclosure Vulnerability." NOTE: this vulnerability exists because of an incomplete fix in the Internet Explorer 9 release. Microsoft Internet Explorer versión 9 y anteriores, no restringen apropiadamente las acciones de arrastrar y soltar en zona cruzada, lo que permite a los atacantes remotos asistidos por el usuario leer archivos de cookies por medio de vectores que involucran un elemento IFRAME con un atributo SRC que contiene una URL http: que redirecciona hacia URL file:, como es demostrado por un juego de Facebook, relacionado con un problema de "cookiejacking", también se conoce como "Drag and Drop Information Disclosure Vulnerability". NOTA: esta vulnerabilidad se presenta debido a una corrección incompleta en la versión 9 de Internet Explorer. • http://conference.hackinthebox.org/hitbsecconf2011ams/?page_id=1388 http://ju12.tistory.com/attachment/cfile4.uf%40151FAB4C4DDC9E0002A6FE.ppt http://news.cnet.com/8301-1009_3-20066419-83.html http://www.eweek.com/c/a/Security/IE-Flaw-Lets-Attackers-Steal-Cookies-Access-User-Accounts-402503 http://www.informationweek.com/news/security/vulnerabilities/229700031 http://www.networkworld.com/community/node/74259 http://www.theregister.co.uk/2011/05/25/microsoft_internet_explorer_cookiejacking http://www. • CWE-20: Improper Input Validation •
CVSS: 4.3EPSS: 0%CPEs: 141EXPL: 1CVE-2011-1765
https://notcve.org/view.php?id=CVE-2011-1765
Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.5, when Internet Explorer 6 or earlier is used, allows remote attackers to inject arbitrary web script or HTML via an uploaded file accessed with a dangerous extension such as .shtml at the end of the query string, in conjunction with a modified URI path that has a %2E sequence in place of the . (dot) character. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-1578 and CVE-2011-1587. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en MediaWiki anterior a v1.16.5, cuando Internet Explorer 6 o anteriores es usado, permite a atacantes remotos inyectar código web script de su elección o HTML a través de un archivo cargado acceder con un extensión peligrosa como .shtml al final de la cadena de consulta, en conjunción con una ruta URI modificada que tiene una secuencia %2E en lugar de el caracter . (punto) NOTA: esta vulnerabilidad existe debido a un parche incompleto para CVE-2011-1578 y CVE-2011-1587. • http://lists.fedoraproject.org/pipermail/package-announce/2011-May/060435.html http://lists.fedoraproject.org/pipermail/package-announce/2011-May/060496.html http://lists.fedoraproject.org/pipermail/package-announce/2011-May/060507.html http://lists.wikimedia.org/pipermail/mediawiki-announce/2011-May/000098.html http://secunia.com/advisories/44684 http://www.securityfocus.com/bid/47722 https://bugzilla.redhat.com/show_bug.cgi?id=702512 https://bugzilla.wikimedia.org/show_bug.cgi?id=28534 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •