CVE-2011-1346 — Microsoft Internet Explorer vulnerability

4 documents3 sources

Severity

9.3CRITICALNVD

EPSS

27.1%

top 3.60%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Internet Explorer

Timeline

PublishedMar 10

Latest updateMay 13

Description

Unspecified vulnerability in Microsoft Internet Explorer 8 on Windows 7 allows remote attackers to execute arbitrary code via unknown vectors, as demonstrated by Stephen Fewer as the second of three chained vulnerabilities during a Pwn2Own competition at CanSecWest 2011.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

▶NVDmicrosoft/internet_explorer8

🔴Vulnerability Details

GHSA

GHSA-rxh2-27qh-vh9r: Unspecified vulnerability in Microsoft Internet Explorer 8 on Windows 7 allows remote attackers to execute arbitrary code via unknown vectors, as demo↗2022-05-13

▶

📄Research Papers

arXiv

Detile: Fine-Grained Information Leak Detection in Script Engines↗2020-07-06

▶

arXiv

Static Detection of Uninitialized Stack Variables in Binary Code↗2020-07-05

▶