Lucene search
Sebastian Apelt (www.siberas.de)ZDI-11-289HistoryOct 15, 2011 - 12:00 a.m.
Microsoft Internet Explorer swapNode Handling Remote Code Execution Vulnerability
2011-10-1500:00:00
Sebastian Apelt (www.siberas.de)
www.zerodayinitiative.com
21
EPSS
0.847
Percentile
98.5%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Internet Explorer handles calls to the method swapNode(). When a call to swapNode is issued on an node within a document that has two body nodes, Internet Explorer frees an attribute field for one of the body nodes and then later re-uses the freed field during the node swap. This behavior could result in remote code execution under the context of the current user.
Related
seebug
seebug
Microsoft Internet Explorer Body元素内存破坏漏洞(MS11-081)
2011-10-12 00:00:00
cvelist
cvelist
CVE-2011-2000
2011-10-12 01:00:00
cve
cve
CVE-2011-2000
2011-10-12 02:52:43
securityvulns
securityvulns
nvd
nvd
CVE-2011-2000
2011-10-12 02:52:43
symantec
symantec
prion
prion
Remote code execution
2011-10-12 02:52:00
checkpoint_advisories
checkpoint_advisories
Internet Explorer Body Element Memory Corruption (MS11-081; CVE-2011-2000)
2011-10-11 00:00:00
mskb
mskb
MS11-081: Cumulative Security Update for Internet Explorer: October 11, 2011
2020-05-21 04:42:54
openvas
openvas
Microsoft Internet Explorer Multiple Vulnerabilities (2586448)
2011-10-12 00:00:00
Microsoft Internet Explorer Multiple Vulnerabilities (2586448)
2011-10-12 00:00:00
nessus
nessus