Информационная безопасность
[RU] switch to English


Многочисленные уязвимости безопасности в Microsoft Internet Explorer
дополнено с 15 декабря 2010 г.
Опубликовано:16 декабря 2010 г.
Источник:
SecurityVulns ID:11300
Тип:клиент
Уровень опасности:
9/10
Описание:Межсайтовый доступ к данным, многочисленные повреждения памяти.
Затронутые продукты:MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
 MICROSOFT : Windows 7
CVE:CVE-2010-3345 (Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "HTML Element Memory Corruption Vulnerability.")
 CVE-2010-3343 (Microsoft Internet Explorer 6 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "HTML Object Memory Corruption Vulnerability.")
 CVE-2010-3342 (Microsoft Internet Explorer 6, 7, and 8 does not prevent rendering of cached content as HTML, which allows remote attackers to access content from a different (1) domain or (2) zone via unspecified script code, aka "Cross-Domain Information Disclosure Vulnerability," a different vulnerability than CVE-2010-3348.)
 CVE-2010-3340 (Microsoft Internet Explorer 6 and 7 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "HTML Object Memory Corruption Vulnerability.")
Оригинальный текстdocumentVUPEN Security Research, VUPEN Security Research - Microsoft Internet Explorer Animation Use-after-free Vulnerability (VUPEN-SR-2010-199) (16.12.2010)
 documentIDEFENSE, iDefense Security Advisory 12.14.10: Microsoft Internet Explorer CSS Style Table Layout Uninitialized Memory Vulnerability (15.12.2010)
 documentIDEFENSE, iDefense Security Advisory 12.14.10: Microsoft Internet Explorer HTML Object Memory Corruption Vulnerability (15.12.2010)
 documentMICROSOFT, Microsoft Security Bulletin MS10-090 - Critical Cumulative Security Update for Internet Explorer (2416400) (15.12.2010)
Файлы:Microsoft Security Bulletin MS10-090 - Critical Cumulative Security Update for Internet Explorer (2416400)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород