SecurityHome.eu Security vulnerability: iDefense Security Advisory 10.11.11

Home / vulnerabilities PDF

iDefense Security Advisory 10.11.11 - Internet Explorer
Posted on 13 October 2011
Source : packetstormsecurity.org Link

iDefense Security Advisory 10.11.11 - Remote exploitation of a memory corruption vulnerability in Microsoft Corp.'s Internet Explorer could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability occurs when a Javascript event handler such as "onload" is set to a Javascript object's attributes or childNodes collection. A event object is created and this object's memory is later freed; however, a reference to the object remains. When the reference is later used to access the event object, this now-invalid memory is treated as a valid object. The corrupt object's vtable is used to make an indirect function call. This may result in the execution of arbitrary code. Microsoft Internet Explorer 6 is vulnerable.

TOP

Malware :

RATDispenser
whispergate
Borat RAT
Trojanized X_Trader
BlackLotus

Last 20

Exploits :

Customer Support System 1.0 Cross Site Scripting
Xhibiter NFT Marketplace 1.10.2 SQL Injection
WordPress WPCode Lite 2.1.14 Cross Site Scripting
Azon Dominator Affiliate Marketing Script SQL Injection
Simple Laboratory Management System 1.0 SQL Injection

Last 20