Lucene search
SkyLinedZDI-16-162HistoryFeb 09, 2016 - 12:00 a.m.
Microsoft Internet Explorer HTML form Element Type Confusion Remote Code Execution Vulnerability
2016-02-0900:00:00
SkyLined
www.zerodayinitiative.com
11
EPSS
0.569
Percentile
97.7%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates to how Internet Explorer handles HTML form elements. By performing certain script actions, an attacker can cause Internet Explorer to read the id or name of a form element and interpret it as a pointer. An attacker can leverage this vulnerability to execute code under the context of the current process.
Related
symantec
symantec
checkpoint_advisories
checkpoint_advisories
Microsoft Internet Explorer Memory Corruption (MS16-009: CVE-2016-0061)
2016-02-09 00:00:00
packetstorm
packetstorm
Microsoft Internet Explorer Type Confusion
2016-02-13 00:00:00
nvd
nvd
cvelist
cvelist
prion
prion
Memory corruption
2016-02-10 11:59:00
Memory corruption
2016-02-10 11:59:00
Memory corruption
2016-02-10 11:59:00
cve
cve
openvas
openvas
Microsoft Edge Multiple Vulnerabilities (3134225)
2016-02-10 00:00:00
Microsoft Internet Explorer Multiple Vulnerabilities (3134220)
2016-02-10 00:00:00
nessus
nessus
MS16-011: Cumulative Security Update for Microsoft Edge (3134225)
2016-02-09 00:00:00
MS16-009: Cumulative Security Update for Internet Explorer (3134220)
2016-02-09 00:00:00
kaspersky
kaspersky
KLA10755 Multiple vulnerabilities in Microsoft Edge
2016-02-09 00:00:00
mskb
mskb
MS16-011: Cumulative security update for Microsoft Edge: February 9, 2016
2016-02-09 00:00:00
MS16-009: Cumulative Security Update for Internet Explorer: February 9, 2016
2016-02-09 00:00:00