Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
zdiIvan Fratrichttp://ifsec.blogspot.com/ZDI-11-287
HistoryOct 15, 2011 - 12:00 a.m.

Internet Explorer Select Element Cache Remote Code Execution Vulnerability

2011-10-1500:00:00
Ivan Fratrichttp://ifsec.blogspot.com/
www.zerodayinitiative.com
23

EPSS

0.937

Percentile

99.2%

JSON

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the caching implementation of a Select element. When modifying this cache, there are certain methods that do not update the cache correctly. Due to these inconsistencies, one can desynchronize the cache with elements that have been freed. While using these freed elements, the application’s perception of type-safety becomes skewed and usage of the object can lead to code execution under the context of the application.

Related

exploitdb 1
seebug 1
checkpoint_advisories 2
cvelist 1
symantec 1
packetstorm 1
metasploit 1
cve 1
nvd 1
zdt 1
prion 1
securityvulns 3
mskb 1
openvas 2
nessus 1
exploitdb
exploitdb
Microsoft Internet Explorer - Option Element Use-After-Free (MS11-081) (Metasploit)
2013-01-10 00:00:00
seebug
seebug
Microsoft IE Optionε…ƒη΄ ε†…ε­˜η ΄εζΌζ΄ž(MS11-081)
2011-10-12 00:00:00
checkpoint_advisories
checkpoint_advisories
Internet Explorer Option Element Memory Corruption (MS11-081) - Ver2 (CVE-2011-1996)
2014-03-03 00:00:00
Internet Explorer Option Element Memory Corruption (MS11-081; CVE-2011-1996)
2011-10-11 00:00:00
cvelist
cvelist
CVE-2011-1996
2011-10-12 01:00:00
symantec
symantec
Microsoft Internet Explorer Option Element CVE-2011-1996 Memory Corruption Vulnerability
2011-10-11 00:00:00
packetstorm
packetstorm
Microsoft Internet Explorer Option Element Use-After-Free
2013-01-10 00:00:00
metasploit
metasploit
MS11-081 Microsoft Internet Explorer Option Element Use-After-Free
2013-01-09 21:52:33
cve
cve
CVE-2011-1996
2011-10-12 02:52:43
nvd
nvd
CVE-2011-1996
2011-10-12 02:52:43
zdt
zdt
Microsoft Internet Explorer Option Element Use-After-Free Vulnerability
2013-01-10 00:00:00
prion
prion
Remote code execution
2011-10-12 02:52:00
securityvulns
securityvulns
ZDI-11-287 : Internet Explorer Select Element Cache Remote Code Execution Vulnerability
2011-10-20 00:00:00
Two Remote Code Execution Vulnerabilities in Internet Explorer
2011-10-16 00:00:00
Microsoft Internet Explorer multiple security vulnerabilities
2011-10-24 00:00:00
mskb
mskb
MS11-081: Cumulative Security Update for Internet Explorer: October 11, 2011
2020-05-21 04:42:54
openvas
openvas
Microsoft Internet Explorer Multiple Vulnerabilities (2586448)
2011-10-12 00:00:00
Microsoft Internet Explorer Multiple Vulnerabilities (2586448)
2011-10-12 00:00:00
nessus
nessus
MS11-081: Critical Cumulative Security Update for Internet Explorer (2586448)
2011-10-11 00:00:00

EPSS

0.937

Percentile

99.2%

JSON
Related for ZDI-11-287
exploitdb1seebug1checkpoint_advisories2cvelist1symantec1packetstorm1metasploit1cve1nvd1zdt1prion1securityvulns3mskb1openvas2nessus1