Информационная безопасность
[RU] switch to English


Многочисленные уязвимости безопасности в Microsoft Internet Explorer
дополнено с 15 февраля 2012 г.
Опубликовано:10 марта 2012 г.
Источник:
SecurityVulns ID:12202
Тип:клиент
Уровень опасности:
8/10
Описание:Утечка информации, выполнение кода.
Затронутые продукты:MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
 MICROSOFT : Windows 7
CVE:CVE-2012-0155 (Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "VML Remote Code Execution Vulnerability.")
 CVE-2012-0012 (Microsoft Internet Explorer 9 does not properly handle the creation and initialization of string objects, which allows remote attackers to read data from arbitrary process-memory locations via a crafted web site, aka "Null Byte Information Disclosure Vulnerability.")
 CVE-2012-0011 (Microsoft Internet Explorer 7 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "HTML Layout Remote Code Execution Vulnerability.")
 CVE-2012-0010 (Microsoft Internet Explorer 6 through 9 does not properly perform copy-and-paste operations, which allows user-assisted remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Copy and Paste Information Disclosure Vulnerability.")
Оригинальный текстdocumentZDI, ZDI-12-036 : Microsoft Internet Explorer VML CDispScroller Remote Code Execution Vulnerability (10.03.2012)
 documentZDI, ZDI-12-035 : Microsoft Internet Explorer CDispNode t:MEDIA Remote Code Execution Vulnerability (10.03.2012)
Файлы:Microsoft Security Bulletin MS12-010 - Critical Cumulative Security Update for Internet Explorer (2647516)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород