Информационная безопасность
[RU] switch to English


Многочисленные уязвимости безопасности в Microsoft Internet Explorer
дополнено с 13 апреля 2011 г.
Опубликовано:17 апреля 2011 г.
Источник:
SecurityVulns ID:11578
Тип:клиент
Уровень опасности:
8/10
Описание:Многочисленные повреждения памяти и утечка информации.
Затронутые продукты:MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
 MICROSOFT : Windows 7
CVE:CVE-2011-1345 (Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, as demonstrated by Stephen Fewer as the first of three chained vulnerabilities during a Pwn2Own competition at CanSecWest 2011, aka "Object Management Memory Corruption Vulnerability.")
 CVE-2011-1245 (Microsoft Internet Explorer 6 and 7 does not properly restrict script access to content from a (1) different domain or (2) different zone, which allows remote attackers to obtain sensitive information via a crafted web site, aka "Javascript Information Disclosure Vulnerability.")
 CVE-2011-1244 (Microsoft Internet Explorer 6, 7, and 8 does not enforce intended domain restrictions on content access, which allows remote attackers to obtain sensitive information or conduct clickjacking attacks via a crafted web site, aka "Frame Tag Information Disclosure Vulnerability.")
 CVE-2011-0346 (Use-after-free vulnerability in the ReleaseInterface function in MSHTML.DLL in Microsoft Internet Explorer 6, 7, and 8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the DOM implementation and the BreakAASpecial and BreakCircularMemoryReferences functions, as demonstrated by cross_fuzz, aka "MSHTML Memory Corruption Vulnerability.")
 CVE-2011-0094 (Use-after-free vulnerability in Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Layouts Handling Memory Corruption Vulnerability.")
Оригинальный текстdocumentVUPEN Security Research, VUPEN Security Research - Microsoft Internet Explorer Property Change Memory Corruption (CVE-2011-1345) (17.04.2011)
 documentVUPEN Security Research, VUPEN Security Research - Microsoft Internet Explorer Layouts Use-after-free Vulnerability (CVE-2011-0094) (17.04.2011)
 documentIDEFENSE, iDefense Security Advisory 04.12.11: Microsoft Internet Explorer Use-After-Free Memory Corruption Vulnerability (13.04.2011)
 documentZDI, ZDI-11-119: (Pwn2Own) Microsoft Internet Explorer onPropertyChange Remote Code Execution Vulnerability (13.04.2011)
Файлы:Microsoft Security Bulletin MS11-018 - Critical Cumulative Security Update for Internet Explorer (2497640)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород