Microsoft Internet Explorer Multiple Vulnerabilities

Last Update Date: 15 Jun 2011 12:41 Release Date: 15 Jun 2011 4986 Views

RISK: High Risk

High Risk

TYPE: Clients - Browsers

TYPE: Browsers

  1. MIME Sniffing Information Disclosure Vulnerability

    An information disclosure vulnerability exists in Internet Explorer that could allow an attacker to force the browser to perform unexpected actions when a user downloads Web content, allowing an attacker to view content from a different domain or Internet Explorer zone other than the domain or zone of the attacker's Web page.

  2. Link Properties Handling Memory Corruption Vulnerability

    A remote code execution vulnerability exists in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. The vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the logged-on user.

  3. DOM Manipulation Memory Corruption Vulnerability

    A remote code execution vulnerability exists in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. The vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the logged-on user.

  4. toStaticHTML Information Disclosure Vulnerability

    An information disclosure vulnerability exists in the way that Internet Explorer handles content using specific strings when sanitizing HTML. An attacker could exploit the vulnerability by constructing a specially crafted Web page that could allow information disclosure if a user viewed the Web page. An attacker who successfully exploited this vulnerability could inflict cross-site scripting on the user, allowing the attacker to execute script in the user's security context against a site that is using the toStaticHTML API.

  5. Drag and Drop Memory Corruption Vulnerability

    A remote code execution vulnerability exists in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. The vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the logged-on user.

  6. Time Element Memory Corruption Vulnerability

    A remote code execution vulnerability exists in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. The vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the logged-on user.

  7. DOM Modification Memory Corruption Vulnerability

    A remote code execution vulnerability exists in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. The vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the logged-on user.

  8. Drag and Drop Information Disclosure Vulnerability

    An information disclosure vulnerability exists in Internet Explorer that could allow script to gain access to information in another domain or Internet Explorer zone. An attacker could exploit the vulnerability by constructing a specially crafted Web page that could allow information disclosure if a user viewed the Web page and performed a drag-and-drop operation. An attacker who successfully exploited this vulnerability could view content from another domain or Internet Explorer zone.

  9. Layout Memory Corruption Vulnerability

    A remote code execution vulnerability exists in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. The vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the logged-on user.

  10. Selection Object Memory Corruption Vulnerability

    A remote code execution vulnerability exists in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. The vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the logged-on user.

  11. HTTP Redirect Memory Corruption Vulnerability

    A remote code execution vulnerability exists in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. The vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the logged-on user.

Impact

  • Remote Code Execution

System / Technologies affected

  • Internet Explorer 6
  • Internet Explorer 7
  • Internet Explorer 8
  • Internet Explorer 9
  • Windows XP
  • Windows Server 2003
  • Windows Vista
  • Windows Server 2008
  • Windows 7
  • Windows Server 2008 R2

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Vulnerability Identifier

Source

Related Link

Share with

Previous

Microsoft .NET Framework JIT Optimization Vulnerability

15 Jun 2011 5317 Views

Next

Microsoft Windows Vector Markup Language Memory Corruption Vulnerability

15 Jun 2011 5224 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY