Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-1255

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2011-1255
Last Modified 23 Nov 2011 10:57:01
Published 16 Jun 2011 04:55:01
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-1255

Summary

The Timed Interactive Multimedia Extensions (aka HTML+TIME) implementation in Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Time Element Memory Corruption Vulnerability."

Vulnerable Systems

Application

  • Microsoft Ie 6

  • Microsoft Ie 7

  • Microsoft Ie 8


References

MS - MS11-050

OSVDB - 72947

CONFIRM - http://blogs.technet.com/b/srd/archive/2011/06/14/ms11-050-ie9-is-better.aspx


Last Updated: 27 May 2016 10:56:14