Описание
Heap-based buffer overflow in the substringData method in Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code, related to an unspecified manipulation of a DOM object before a call to this method, aka the "HTML Objects Memory Corruption Vulnerability."
Ссылки
- Mailing List
- PatchVendor Advisory
- Third Party Advisory
- Patch
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryUS Government Resource
- Broken Link
- PatchTechnical DescriptionThird Party Advisory
- Mailing List
- PatchVendor Advisory
- Third Party Advisory
- Patch
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryUS Government Resource
- Broken Link
- PatchTechnical DescriptionThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*
EPSS
Процентиль: 98%
0.62851
Средний
9.3 Critical
CVSS2
Дефекты
CWE-119
Связанные уязвимости
github
почти 4 года назад
Heap-based buffer overflow in the substringData method in Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code, related to an unspecified manipulation of a DOM object before a call to this method, aka the "HTML Objects Memory Corruption Vulnerability."
EPSS
Процентиль: 98%
0.62851
Средний
9.3 Critical
CVSS2
Дефекты
CWE-119