Описание
Microsoft Internet Explorer 5.01, 6, and 7 does not properly handle objects that have been incorrectly initialized or deleted, which allows remote attackers to cause a denial of service (crash) and execute arbitrary code via unknown vectors, aka "Uninitialized Memory Corruption Vulnerability."
Ссылки
- PatchVendor Advisory
- US Government Resource
- PatchVendor Advisory
- US Government Resource
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:microsoft:internet_explorer:5.01:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*
EPSS
Процентиль: 98%
0.55715
Средний
9.3 Critical
CVSS2
Дефекты
CWE-20
Связанные уязвимости
github
почти 4 года назад
Microsoft Internet Explorer 5.01, 6, and 7 does not properly handle objects that have been incorrectly initialized or deleted, which allows remote attackers to cause a denial of service (crash) and execute arbitrary code via unknown vectors, aka "Uninitialized Memory Corruption Vulnerability."
EPSS
Процентиль: 98%
0.55715
Средний
9.3 Critical
CVSS2
Дефекты
CWE-20