Version2011-11-02 Severity Rating: Critical Revision Note: V1.2 (November 2, 2011): Announced the release of a hotfix to resolve a known issue affecting Internet Explorer 7 customers after the KB2586448 security update is installed. See the Update FAQ for details. Summary: This security update resolves eight privately reported vulnerabilities in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Bulletin details at Microsoft.com

Related CVE Entries

Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Scroll Event Remote Code Execution Vulnerability."
Max CVSS
9.3
EPSS Score
49.46%
Published
2011-10-12
Updated
2022-02-28
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that was not properly initialized, aka "OLEAuto32.dll Remote Code Execution Vulnerability."
Max CVSS
9.3
EPSS Score
54.17%
Published
2011-10-12
Updated
2022-02-28

CVE-2011-1996

Public exploit
Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Option Element Remote Code Execution Vulnerability."
Max CVSS
9.3
EPSS Score
94.10%
Published
2011-10-12
Updated
2022-02-28
Microsoft Internet Explorer 6 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "OnLoad Event Remote Code Execution Vulnerability."
Max CVSS
9.3
EPSS Score
54.90%
Published
2011-10-12
Updated
2021-07-23
Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that was not properly initialized, aka "Jscript9.dll Remote Code Execution Vulnerability."
Max CVSS
9.3
EPSS Score
24.96%
Published
2011-10-12
Updated
2022-02-28
Microsoft Internet Explorer 8 does not properly allocate and access memory, which allows remote attackers to execute arbitrary code via vectors involving a "dereferenced memory address," aka "Select Element Remote Code Execution Vulnerability."
Max CVSS
9.3
EPSS Score
95.16%
Published
2011-10-12
Updated
2022-02-28
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Body Element Remote Code Execution Vulnerability."
Max CVSS
9.3
EPSS Score
87.45%
Published
2011-10-12
Updated
2022-02-28
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code via an attempted access to a virtual function table after corruption of this table has occurred, aka "Virtual Function Table Corruption Remote Code Execution Vulnerability."
Max CVSS
9.3
EPSS Score
52.79%
Published
2011-10-12
Updated
2022-03-01
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!