CVE-2011-0094 - Use-after-free vulnerability in Microsoft Internet Explorer 6 and 7 allows remote attackers to execu

CVE-2011-0094

Summary

Use-after-free vulnerability in Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Layouts Handling Memory Corruption Vulnerability."

References

Vulnerable Configurations

cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*
cpe:2.3:o:microsoft:windows_vista:*:sp2:x64:*:*:*:*:*
cpe:2.3:o:microsoft:windows_vista:*:sp2:x64:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:*
cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x32:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x32:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2008:-:sp2:itanium:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2008:-:sp2:itanium:*:*:*:*:*
cpe:2.3:o:microsoft:windows_vista:*:sp1:x64:*:*:*:*:*
cpe:2.3:o:microsoft:windows_vista:*:sp1:x64:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*
cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*

CVSS

Base:	9.3 (as of 23-07-2021 - 15:04)
Impact:
Exploitability:

CWE

CWE-399

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:N/AC:M/Au:N/C:C/I:C/A:C

msbulletin via4

bulletin_id	MS11-018
bulletin_url
date	2011-04-12T00:00:00
impact	Remote Code Execution
knowledgebase_id	2497640
knowledgebase_url
severity	Critical
title	Cumulative Security Update for Internet Explorer

oval via4

accepted

2014-08-18T04:00:30.701-04:00

class

vulnerability

contributors

name Dragos Prisaca
organization Symantec Corporation
name Maria Mikhno
organization ALTX-SOFT
name Maria Mikhno
organization ALTX-SOFT

definition_extensions

comment Microsoft Windows XP (32-bit) is installed
oval oval:org.mitre.oval:def:1353
comment Microsoft Internet Explorer 6 is installed
oval oval:org.mitre.oval:def:563
comment Microsoft Windows XP x64 is installed
oval oval:org.mitre.oval:def:15247
comment Microsoft Windows Server 2003 (32-bit) is installed
oval oval:org.mitre.oval:def:1870
comment Microsoft Windows Server 2003 (x64) is installed
oval oval:org.mitre.oval:def:730
comment Microsoft Windows Server 2003 (ia64) Gold is installed
oval oval:org.mitre.oval:def:396
comment Microsoft Internet Explorer 6 is installed
oval oval:org.mitre.oval:def:563
comment Microsoft Windows XP (32-bit) is installed
oval oval:org.mitre.oval:def:1353
comment Microsoft Windows XP x64 is installed
oval oval:org.mitre.oval:def:15247
comment Microsoft Windows Server 2003 (32-bit) is installed
oval oval:org.mitre.oval:def:1870
comment Microsoft Windows Server 2003 (x64) is installed
oval oval:org.mitre.oval:def:730
comment Microsoft Windows Server 2003 (ia64) Gold is installed
oval oval:org.mitre.oval:def:396
comment Microsoft Internet Explorer 7 is installed
oval oval:org.mitre.oval:def:627
comment Microsoft Windows Vista (32-bit) is installed
oval oval:org.mitre.oval:def:1282
comment Microsoft Windows Vista x64 Edition is installed
oval oval:org.mitre.oval:def:2041
comment Microsoft Windows Server 2008 (32-bit) is installed
oval oval:org.mitre.oval:def:4870
comment Microsoft Windows Server 2008 (64-bit) is installed
oval oval:org.mitre.oval:def:5356
comment Microsoft Windows Server 2008 (ia-64) is installed
oval oval:org.mitre.oval:def:5667
comment Microsoft Internet Explorer 7 is installed
oval oval:org.mitre.oval:def:627
comment Microsoft Windows Vista (32-bit) is installed
oval oval:org.mitre.oval:def:1282
comment Microsoft Windows Vista x64 Edition is installed
oval oval:org.mitre.oval:def:2041
comment Microsoft Windows Server 2008 (32-bit) is installed
oval oval:org.mitre.oval:def:4870
comment Microsoft Windows Server 2008 (64-bit) is installed
oval oval:org.mitre.oval:def:5356
comment Microsoft Windows Server 2008 (ia-64) is installed
oval oval:org.mitre.oval:def:5667
comment Microsoft Internet Explorer 7 is installed
oval oval:org.mitre.oval:def:627

description

family

windows

oval:org.mitre.oval:def:12463

status

accepted

submitted

2011-04-12T13:00:00

title

Layouts Handling Memory Corruption Vulnerability

version

refmap via4

cert	TA11-102A
idefense	20110412 Microsoft Internet Explorer Use-After-Free Memory Corruption Vulnerability
sectrack	1025327

Last major update

23-07-2021 - 15:04

Published

13-04-2011 - 18:55

Last modified

23-07-2021 - 15:04