CVE-2011-1245
published 2011-04-13CVE-2011-1245: Microsoft Internet Explorer 6 and 7 does not properly restrict script access to content from a (1) different domain or (2) different zone, which allows remote…
PriorityP420medium4.3CVSS 2.0
AVNACMAuNCPINAN
EPSS
16.73%
96.6th percentile
Microsoft Internet Explorer 6 and 7 does not properly restrict script access to content from a (1) different domain or (2) different zone, which allows remote attackers to obtain sensitive information via a crafted web site, aka "Javascript Information Disclosure Vulnerability."
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | internet_explorer | — | — |
| microsoft | internet_explorer | — | — |
| msrc | microsoft_edge | — | — |
CVSS provenance
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:P/I:N/A:N
vendor_msrc8.8HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-x8q2-c58h-jr22: Microsoft Internet Explorer 6 and 7 does not properly restrict script access to content from a (1) different domain or (2) different zone, which allow
ghsa_unreviewed·2022-05-13
CVE-2011-1245 [MEDIUM] CWE-200 GHSA-x8q2-c58h-jr22: Microsoft Internet Explorer 6 and 7 does not properly restrict script access to content from a (1) different domain or (2) different zone, which allow
Microsoft Internet Explorer 6 and 7 does not properly restrict script access to content from a (1) different domain or (2) different zone, which allows remote attackers to obtain sensitive information via a crafted web site, aka "Javascript Information Disclosure Vulnerability."
Microsoft
Chromium: CVE-2022-2011 Use after free in ANGLE
vendor_msrc·2022-06-14·CVSS 8.8
CVE-2022-2011 [HIGH] Chromium: CVE-2022-2011 Use after free in ANGLE
Chromium: CVE-2022-2011 Use after free in ANGLE
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
Microsoft Edge Version
Date Released
Based on Chromium Version
102.0.1245.41
6/13/2022
102.0.5005.115
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the browser?
In you
No detection rules found.
No public exploits indexed.
http://www.securityfocus.com/bid/47192http://www.securitytracker.com/id?1025327http://www.us-cert.gov/cas/techalerts/TA11-102A.htmlhttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-018https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12385http://www.securityfocus.com/bid/47192http://www.securitytracker.com/id?1025327http://www.us-cert.gov/cas/techalerts/TA11-102A.htmlhttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-018https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12385
2011-04-13
Published