Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-1254

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2011-1254
Last Modified 18 Jul 2011 10:44:26
Published 16 Jun 2011 04:55:01
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-1254

Summary

Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Drag and Drop Memory Corruption Vulnerability."

Vulnerable Systems

Application

  • Microsoft Ie 6

  • Microsoft Ie 7

  • Microsoft Ie 8


References

MS - MS11-050


Last Updated: 27 May 2016 10:56:14