9.3

CVE-2011-0094

Use-after-free vulnerability in Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Layouts Handling Memory Corruption Vulnerability."

Data is provided by the National Vulnerability Database (NVD)
MicrosoftInternet Explorer Version6
   MicrosoftWindows 2003 Server Updatesp2
   MicrosoftWindows 2003 Server Updatesp2 Editionitanium
   MicrosoftWindows Server 2003 Updatesp2
   MicrosoftWindows Xp Updatesp3
   MicrosoftWindows Xp Version- Updatesp2 Editionx64
MicrosoftInternet Explorer Version7
   MicrosoftWindows 2003 Server Updatesp2
   MicrosoftWindows 2003 Server Updatesp2 Editionitanium
   MicrosoftWindows Server 2003 Updatesp2
   MicrosoftWindows Server 2008 Editionitanium
   MicrosoftWindows Server 2008 Editionx32
   MicrosoftWindows Server 2008 Editionx64
   MicrosoftWindows Server 2008 Updatesp2 Editionx32
   MicrosoftWindows Server 2008 Updatesp2 Editionx64
   MicrosoftWindows Server 2008 Version- Updatesp2 Editionitanium
   MicrosoftWindows Vista Updatesp1
   MicrosoftWindows Vista Updatesp2
   MicrosoftWindows Vista Version- Updatesp1
   MicrosoftWindows Vista Version- Updatesp2
   MicrosoftWindows Xp Updatesp3
   MicrosoftWindows Xp Version- Updatesp2 Editionx64
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 57.34% 0.981
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C