Lucene search

MitreCVE-2011-0347

HistoryJan 07, 2011 - 11:00 p.m.

CVE-2011-0347

2011-01-0723:00:20

mitre

web.nvd.nist.gov

cve-2011-0347

microsoft

internet explorer

windows xp

dom implementation

cross_fuzz

gui display

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.1

Confidence

Low

EPSS

0.021

Percentile

89.4%

JSON

Microsoft Internet Explorer on Windows XP allows remote attackers to trigger an incorrect GUI display and have unspecified other impact via vectors related to the DOM implementation, as demonstrated by cross_fuzz.

Affected configurations

Nvd

Node

microsoftinternet_explorer

AND

microsoftwindows_xp

VendorProductVersionCPE
microsoftinternet_explorercpe:/a:microsoft:internet_explorer::::

Vendor	Product	Version	CPE
microsoft	internet_explorer		cpe:/a:microsoft:internet_explorer::::

References

archives.neohapsis.com/archives/fulldisclosure/2010-12/0698.html

blogs.technet.com/b/srd/archive/2011/01/07/assessing-the-risk-of-public-issues-currently-being-tracked-by-the-msrc.aspx

lcamtuf.blogspot.com/2011/01/announcing-crossfuzz-potential-0-day-in.html

lcamtuf.coredump.cx/cross_fuzz/fuzzer_timeline.txt

lcamtuf.coredump.cx/cross_fuzz/msie_display.jpg

www.microsoft.com/technet/security/advisory/2490606.mspx

www.securityfocus.com/archive/1/515506/100/0/threaded

exchange.xforce.ibmcloud.com/vulnerabilities/64571

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12514

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.1

Confidence

Low

EPSS

0.021

Percentile

89.4%

JSON

Related for CVE-2011-0347