9.3

CVE-2011-1345

EPSS 50.6%
Veröffentlicht 10.03.2011 20:55:01
Zuletzt bearbeitet 11.04.2025 00:51:21
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, as demonstrated by Stephen Fewer as the first of three chained vulnerabilities during a Pwn2Own competition at CanSecWest 2011, aka "Object Management Memory Corruption Vulnerability."

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 15

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Microsoft ≫ Internet Explorer Version8

Microsoft ≫ Windows 7

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	50.6%	0.978

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.3	8.6	10	AV:N/AC:M/Au:N/C:C/I:C/A:C

http://www.us-cert.gov/cas/techalerts/TA11-102A.html

US Government Resource

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-018

http://dvlabs.tippingpoint.com/blog/2011/02/02/pwn2own-2011

http://www.computerworld.com/s/article/9214002/Safari_IE_hacked_first_at_Pwn2Own

http://twitter.com/aaronportnoy/statuses/45642180118855680

http://twitter.com/msftsecresponse/statuses/45646985998516224

http://www.securityfocus.com/bid/46821

http://www.securitytracker.com/id?1025327

http://www.zdnet.com/blog/security/pwn2own-2011-ie8-on-windows-7-hijacked-with-3-vulnerabilities/8367

https://exchange.xforce.ibmcloud.com/vulnerabilities/66062

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12228

https://threatpost.com/en_us/blogs/pwn2own-winner-stephen-fewer-031011

https://nvd.nist.gov/vuln/detail/CVE-2011-1345

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2011-1345

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2011-1345

EUVD