Lucene search
AnonymousZDI-11-195HistoryJun 14, 2011 - 12:00 a.m.
Microsoft Internet Explorer selection.empty Remote Code Execution Vulnerability
2011-06-1400:00:00
Anonymous
www.zerodayinitiative.com
19
EPSS
0.886
Percentile
98.7%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Internet explorer handles the javascript statement βselection.emptyβ during certain onclick events. By causing a particular sequence of events, an attacker can cause a CDisplayObject to be freed while it is still in use. This results in an operation on previously freed memory that can be utilized to achieve remote code execution.
Related
securityvulns
securityvulns
ZDI-11-195: Microsoft Internet Explorer selection.empty Remote Code Execution Vulnerability
2011-06-19 00:00:00
Microsoft Internet Explorer multiple security vulnerabilities
2011-07-22 00:00:00
prion
prion
Memory corruption
2011-06-16 20:55:00
cvelist
cvelist
CVE-2011-1261
2011-06-16 20:21:00
seebug
seebug
cve
cve
CVE-2011-1261
2011-06-16 20:55:01
checkpoint_advisories
checkpoint_advisories
nvd
nvd
CVE-2011-1261
2011-06-16 20:55:01
openvas
openvas
Microsoft Internet Explorer Multiple Vulnerabilities (2530548)
2011-06-15 00:00:00
Microsoft Internet Explorer Multiple Vulnerabilities (2530548)
2011-06-15 00:00:00
mskb
mskb
MS11-050: Cumulative Security Update for Internet Explorer: June 14, 2011
2011-06-14 00:00:00
nessus
nessus
MS11-050: Cumulative Security Update for Internet Explorer (2530548)
2011-06-15 00:00:00
threatpost
threatpost
ExploitHub Offering Bounties β And Residuals β for Exploits
2011-10-05 13:11:31