CVSS: 9.3EPSS: 17%CPEs: 30EXPL: 0CVE-2011-1250
https://notcve.org/view.php?id=CVE-2011-1250
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Link Properties Handling Memory Corruption Vulnerability." Microsoft Internet Explorer 6 hasta la versión 9 no maneja apropiadamente los objetos en memoria, lo que permite a atacantes remotos ejecutar código arbitrario accediendo a un objeto que (1) no ha sido apropiadamente inicializado o (2) ha sido borrado. También conocido como "vulnerabilidad de corrupción de memoria en el manejo de propiedades Link". • http://www.nsfocus.com/en/advisories/1101.html http://www.securityfocus.com/archive/1/518445/100/0/threaded https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-050 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12708 • CWE-908: Use of Uninitialized Resource •
CVSS: 9.3EPSS: 88%CPEs: 30EXPL: 0CVE-2011-1261 – Microsoft Internet Explorer selection.empty Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-1261
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Selection Object Memory Corruption Vulnerability." Microsoft Internet Explorer v6 a la v9 no manejan adecuadamente los objetos en memoria, lo que permite a atacantes remotos ejecutar código de su elección accediendo a un objeto que (1) no ha sido iniciado adecuadamente o (2) es borrado. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Internet explorer handles the javascript statement 'selection.empty' during certain onclick events. By causing a particular sequence of events, an attacker can cause a CDisplayObject to be freed while it is still in use. • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-050 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12755 • CWE-908: Use of Uninitialized Resource •
CVSS: 9.3EPSS: 88%CPEs: 26EXPL: 0CVE-2011-1262 – Microsoft Internet Explorer HTTP 302 Redirect Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-1262
Microsoft Internet Explorer 7 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "HTTP Redirect Memory Corruption Vulnerability." Microsoft Internet Explorer 7 hasta la versión 9 no maneja apropiadamente los objetos en memoria, lo que permite a atacantes remotos ejecutar código de su elección accediendo a un objeto que (1) no ha sido apropiadamente inicializado o (2) ha sido borrado, también conocido como "vulnerabilidad de corrupción de memoria HTTP". This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Internet Explorer handles HTTP 302 redirects to CDL protocols. When Internet Explorer tries to determine who is responsible for handling the protocol redirect it fails to keep a correct reference counter to a Transaction object which results in a use-after-free vulnerability. • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-050 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12405 • CWE-908: Use of Uninitialized Resource •
CVSS: 9.3EPSS: 97%CPEs: 26EXPL: 1CVE-2011-1260 – Microsoft Internet Explorer layout-grid-char style Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-1260
Microsoft Internet Explorer 8 and 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Layout Memory Corruption Vulnerability." Microsoft Internet Explorer 8 y 9 no maneja adecuadamente los objetos en memoria, lo qeu permite a atacantes remotos ejecutar código de su elección accediendo a un objeto que (1) no haya sido iniciado adecuadamente o (2) sea eleiminado. También se conoce como "Vulnerabilidad de Diseño de Corrupción de Memoria" This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Internet Explorer handles unusual values for the layout-grid-char style property. Specific values may result in the destruction of a tree node that is still in use during the rendering of the HTML page. • https://www.exploit-db.com/exploits/17409 http://securityreason.com/securityalert/8275 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-050 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12308 http://d0cs4vage.blogspot.com/2011/06/insecticides-dont-kill-bugs-patch.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.3EPSS: 2%CPEs: 8EXPL: 0CVE-2011-2383
https://notcve.org/view.php?id=CVE-2011-2383
Microsoft Internet Explorer 9 and earlier does not properly restrict cross-zone drag-and-drop actions, which allows user-assisted remote attackers to read cookie files via vectors involving an IFRAME element with a SRC attribute containing an http: URL that redirects to a file: URL, as demonstrated by a Facebook game, related to a "cookiejacking" issue, aka "Drag and Drop Information Disclosure Vulnerability." NOTE: this vulnerability exists because of an incomplete fix in the Internet Explorer 9 release. Microsoft Internet Explorer versión 9 y anteriores, no restringen apropiadamente las acciones de arrastrar y soltar en zona cruzada, lo que permite a los atacantes remotos asistidos por el usuario leer archivos de cookies por medio de vectores que involucran un elemento IFRAME con un atributo SRC que contiene una URL http: que redirecciona hacia URL file:, como es demostrado por un juego de Facebook, relacionado con un problema de "cookiejacking", también se conoce como "Drag and Drop Information Disclosure Vulnerability". NOTA: esta vulnerabilidad se presenta debido a una corrección incompleta en la versión 9 de Internet Explorer. • http://conference.hackinthebox.org/hitbsecconf2011ams/?page_id=1388 http://ju12.tistory.com/attachment/cfile4.uf%40151FAB4C4DDC9E0002A6FE.ppt http://news.cnet.com/8301-1009_3-20066419-83.html http://www.eweek.com/c/a/Security/IE-Flaw-Lets-Attackers-Steal-Cookies-Access-User-Accounts-402503 http://www.informationweek.com/news/security/vulnerabilities/229700031 http://www.networkworld.com/community/node/74259 http://www.theregister.co.uk/2011/05/25/microsoft_internet_explorer_cookiejacking http://www. • CWE-20: Improper Input Validation •