CVE-2011-1961
published 2011-08-10CVE-2011-1961: The telnet URI handler in Microsoft Internet Explorer 6 through 9 does not properly launch the handler application, which allows remote attackers to execute…
PriorityP356critical9.3CVSS 2.0
AVNACMAuNCCICAC
EPSS
34.34%
98.2th percentile
The telnet URI handler in Microsoft Internet Explorer 6 through 9 does not properly launch the handler application, which allows remote attackers to execute arbitrary programs via a crafted web site, aka "Telnet Handler Remote Code Execution Vulnerability."
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | internet_explorer | — | — |
| microsoft | internet_explorer | — | — |
| microsoft | internet_explorer | — | — |
| microsoft | internet_explorer | — | — |
CVSS provenance
nvdv2.09.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
vendor_redhat10.0CRITICAL
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-qwrv-2qv7-f9m4: The telnet URI handler in Microsoft Internet Explorer 6 through 9 does not properly launch the handler application, which allows remote attackers to e
ghsa_unreviewed·2022-05-13
CVE-2011-1961 [HIGH] GHSA-qwrv-2qv7-f9m4: The telnet URI handler in Microsoft Internet Explorer 6 through 9 does not properly launch the handler application, which allows remote attackers to e
The telnet URI handler in Microsoft Internet Explorer 6 through 9 does not properly launch the handler application, which allows remote attackers to execute arbitrary programs via a crafted web site, aka "Telnet Handler Remote Code Execution Vulnerability."
Red Hat
flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)
vendor_redhat·2011-08-09·CVSS 10.0
CVE-2011-2417 [CRITICAL] flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)
flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)
Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2135, CVE-2011-2140, and CVE-2011-2425.
Red Hat
flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)
vendor_redhat·2011-08-09·CVSS 10.0
CVE-2011-2414 [CRITICAL] flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)
flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)
Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2130, CVE-2011-2134, CVE-2011-2137, and CVE-2011-2415.
Red Hat
flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)
vendor_redhat·2011-08-09·CVSS 10.0
CVE-2011-2425 [CRITICAL] flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)
flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)
Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2135, CVE-2011-2140, and CVE-2011-2417.
Red Hat
flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)
vendor_redhat·2011-08-09·CVSS 10.0
CVE-2011-2134 [CRITICAL] flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)
flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)
Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2130, CVE-2011-2137, CVE-2011-2414, and CVE-2011-2415.
Red Hat
flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)
vendor_redhat·2011-08-09·CVSS 9.3
CVE-2011-2424 [CRITICAL] flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)
flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)
Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted SWF file, as demonstrated by "about 400 unique crash signatures."
Red Hat
flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)
vendor_redhat·2011-08-09·CVSS 10.0
CVE-2011-2416 [CRITICAL] flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)
flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)
Integer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2136 and CVE-2011-2138.
Red Hat
flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)
vendor_redhat·2011-08-09·CVSS 10.0
CVE-2011-2415 [CRITICAL] flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)
flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)
Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2130, CVE-2011-2134, CVE-2011-2137, and CVE-2011-2414.
Red Hat
flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)
vendor_redhat·2011-08-09·CVSS 10.0
CVE-2011-2136 [CRITICAL] flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)
flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)
Integer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2138 and CVE-2011-2416.
Red Hat
flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)
vendor_redhat·2011-08-09·CVSS 6.4
CVE-2011-2139 [MEDIUM] flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)
flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)
Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via unspecified vectors.
Red Hat
flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)
vendor_redhat·2011-08-09·CVSS 10.0
CVE-2011-2138 [CRITICAL] flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)
flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)
Integer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2136 and CVE-2011-2416.
Red Hat
flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)
vendor_redhat·2011-08-09·CVSS 10.0
CVE-2011-2137 [CRITICAL] flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)
flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)
Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2130, CVE-2011-2134, CVE-2011-2414, and CVE-2011-2415.
Red Hat
flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)
vendor_redhat·2011-08-09·CVSS 10.0
CVE-2011-2140 [CRITICAL] flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)
flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)
Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2135, CVE-2011-2417, and CVE-2011-2425.
Red Hat
flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)
vendor_redhat·2011-08-09·CVSS 10.0
CVE-2011-2135 [CRITICAL] flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)
flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)
Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2140, CVE-2011-2417, and CVE-2011-2425.
Red Hat
flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)
vendor_redhat·2011-08-09·CVSS 10.0
CVE-2011-2130 [CRITICAL] flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)
flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)
Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2134, CVE-2011-2137, CVE-2011-2414, and CVE-2011-2415.
No detection rules found.
http://jvn.jp/en/jp/JVN80404511/index.htmlhttp://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-000060.htmlhttp://www.us-cert.gov/cas/techalerts/TA11-221A.htmlhttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-057https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12684http://jvn.jp/en/jp/JVN80404511/index.htmlhttp://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-000060.htmlhttp://www.us-cert.gov/cas/techalerts/TA11-221A.htmlhttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-057https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12684
2011-08-10
Published