Описание
Microsoft Internet Explorer 7 does not properly handle errors during attempted access to deleted objects, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to CFunctionPointer and the appending of document objects, aka "Uninitialized Memory Corruption Vulnerability."
Ссылки
- Broken Link
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryUS Government Resource
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- PatchVendor Advisory
- Third Party Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Broken Link
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryUS Government Resource
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- PatchVendor Advisory
- Third Party Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*
Одно из
cpe:2.3:o:microsoft:windows_server_2003:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2003:-:sp1:itanium:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2008:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2008:-:*:itanium:*:*:*:*:*
cpe:2.3:o:microsoft:windows_vista:-:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_xp:-:*:professional:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:-:sp2:professional:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*
EPSS
Процентиль: 99%
0.86932
Высокий
9.3 Critical
CVSS2
Дефекты
CWE-399
Связанные уязвимости
github
почти 4 года назад
Microsoft Internet Explorer 7 does not properly handle errors during attempted access to deleted objects, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to CFunctionPointer and the appending of document objects, aka "Uninitialized Memory Corruption Vulnerability."
EPSS
Процентиль: 99%
0.86932
Высокий
9.3 Critical
CVSS2
Дефекты
CWE-399