CVE-2011-2019
published 2011-12-14CVE-2011-2019: Untrusted search path vulnerability in Microsoft Internet Explorer 9 on Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1 allows local users to gain…
PriorityP342critical9.3CVSS 2.0
AVNACMAuNCCICAC
EPSS
12.97%
95.8th percentile
Untrusted search path vulnerability in Microsoft Internet Explorer 9 on Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains an HTML file, aka "Internet Explorer Insecure Library Loading Vulnerability."
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| drupal | drupal | — | — |
| microsoft | internet_explorer | — | — |
CVSS provenance
nvdv2.09.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
vendor_redhat5.0MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-qqfg-frwj-847v: Untrusted search path vulnerability in Microsoft Internet Explorer 9 on Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1 allows local user
ghsa_unreviewed·2022-05-13
CVE-2011-2019 [HIGH] CWE-426 GHSA-qqfg-frwj-847v: Untrusted search path vulnerability in Microsoft Internet Explorer 9 on Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1 allows local user
Untrusted search path vulnerability in Microsoft Internet Explorer 9 on Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains an HTML file, aka "Internet Explorer Insecure Library Loading Vulnerability."
Drupal
Various Third-Party Vulnerabilities - PSA-2019-09-04
vendor_drupal·2019-09-04·CVSS 9.8
CVE-2017-9841 [CRITICAL] Various Third-Party Vulnerabilities - PSA-2019-09-04
Title: Various Third-Party Vulnerabilities - PSA-2019-09-04
Vulnerability Type: Various Third-Party Vulnerabilities
Description: In June of 2011, the Drupal Security Team issued Public Service Advisory PSA-2011-002 - External libraries and plugins . 8 years later that is still the policy of the Drupal Security team. As Drupal core and modules leverage third-party code more and more it seems like an important time to remind site owners that they are responsible for monitoring security of third-party libraries. Here is the advice from 2011 which is even more relevant today: Just like there's a need to diligently follow announcements and update contributed modules downloaded from Drupal.org, there's also a need to follow announcements by vendors of third-party libraries or plugins that are
Red Hat
struts: improper access restrictions to collections such as session and request
vendor_redhat·2011-12-21·CVSS 5.0
CVE-2011-5057 [MEDIUM] struts: improper access restrictions to collections such as session and request
struts: improper access restrictions to collections such as session and request
Apache Struts 2.3.1.2 and earlier, 2.3.19-2.3.23, provides interfaces that do not properly restrict access to collections such as the session and request collections, which might allow remote attackers to modify run-time data values via a crafted parameter to an application that implements an affected interface, as demonstrated by the SessionAware, RequestAware, ApplicationAware, ServletRequestAware, ServletResponseAware, and ParameterAware interfaces. NOTE: the vendor disputes the significance of this report because of an "easy work-around in existing apps by configuring the interceptor."
Statement: A previous statement by Red Hat related to this CVE, prior to August 2019, said that Apache Struts 2 is not in
Red Hat
struts: Multiple XSS flaws in component handlers in javatemplates plug-in
vendor_redhat·2011-03-23·CVSS 4.3
CVE-2011-2087 [MEDIUM] CWE-79 struts: Multiple XSS flaws in component handlers in javatemplates plug-in
struts: Multiple XSS flaws in component handlers in javatemplates plug-in
Multiple cross-site scripting (XSS) vulnerabilities in component handlers in the javatemplates (aka Java Templates) plugin in Apache Struts 2.x before 2.2.3 allow remote attackers to inject arbitrary web script or HTML via an arbitrary parameter value to a .action URI, related to improper handling of value attributes in (1) FileHandler.java, (2) HiddenHandler.java, (3) PasswordHandler.java, (4) RadioHandler.java, (5) ResetHandler.java, (6) SelectHandler.java, (7) SubmitHandler.java, and (8) TextFieldHandler.java.
Statement: A previous statement by Red Hat related to this CVE, prior to August 2019, said that Apache Struts 2 is not included in any Red Hat products. This earlier statement was incorrect. While Struts 2
Red Hat
struts: Multiple XSS flaws in XWork
vendor_redhat·2011-02-22·CVSS 2.6
CVE-2011-1772 [LOW] CWE-79 struts: Multiple XSS flaws in XWork
struts: Multiple XSS flaws in XWork
Multiple cross-site scripting (XSS) vulnerabilities in XWork in Apache Struts 2.x before 2.2.3, and OpenSymphony XWork in OpenSymphony WebWork, allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) an action name, (2) the action attribute of an s:submit element, or (3) the method attribute of an s:submit element.
Statement: A previous statement by Red Hat related to this CVE, prior to August 2019, said that Apache Struts 2 is not included in any Red Hat products. This earlier statement was incorrect. While Struts 2 is not actively compiled, shipped, used, or enabled in any Red Hat provided final products, and does not cause any vulnerability in the product, struts2-core jars have been included in some products' source
Red Hat
struts: Allows remote attackers to obtain potentially sensitive information via vectors involving an s:submit element
vendor_redhat·2011-02-22·CVSS 2.6
CVE-2011-2088 [LOW] struts: Allows remote attackers to obtain potentially sensitive information via vectors involving an s:submit element
struts: Allows remote attackers to obtain potentially sensitive information via vectors involving an s:submit element
XWork 2.2.1 in Apache Struts 2.2.1, and OpenSymphony XWork in OpenSymphony WebWork, allows remote attackers to obtain potentially sensitive information about internal Java class paths via vectors involving an s:submit element and a nonexistent method, a different vulnerability than CVE-2011-1772.3.
Statement: A previous statement by Red Hat related to this CVE, prior to August 2019, said that Apache Struts 2 is not included in any Red Hat products. This earlier statement was incorrect. While Struts 2 is not actively compiled, shipped, used, or enabled in any Red Hat provided final products, and does not cause any vulnerability in the product, struts2-core jars have been i
Suricata
ET ACTIVEX HP Easy Printer Care Software XMLCacheMgr ActiveX Control Remote Code Execution Attempt
suricata·2012-01-18
CVE-2011-4786 ET ACTIVEX HP Easy Printer Care Software XMLCacheMgr ActiveX Control Remote Code Execution Attempt
ET ACTIVEX HP Easy Printer Care Software XMLCacheMgr ActiveX Control Remote Code Execution Attempt
Rule: alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET ACTIVEX HP Easy Printer Care Software XMLCacheMgr ActiveX Control Remote Code Execution Attempt"; flow:established,to_client; content:"ActiveXObject"; nocase; content:"HPESPRIT.XMLCacheMgr.1"; nocase; distance:0; content:"CacheDocumentXMLWithId"; nocase; distance:0; reference:bid,51396; reference:cve,2011-4786; classtype:attempted-user; sid:2014132; rev:2; metadata:affected_product Windows_XP_Vista_7_8_10_Server_32_64_Bit, attack_target Client_Endpoint, created_at 2012_01_18, cve CVE_2011_4786, deployment Perimeter, confidence Medium, signature_severity Major, tag ActiveX, updated_at 2019_07_26, mitre_tactic_id TA0001, mitre
Zscaler
Zscaler Protects against Microsoft's Patch Cycle | Round 1
blogs_zscaler·CVSS 9.3
[CRITICAL] Zscaler Protects against Microsoft's Patch Cycle | Round 1
Provide users with seamless, secure, reliable access to applications and data.
Build and run secure cloud apps, enable zero trust cloud connectivity, and protect workloads from data center to cloud.
Provide zero trust connectivity for IoT and OT devices and secure remote access to OT systems.
Provide zero trust site-to-site connectivity and reliable access to B2B apps for partners.
Industry Report
Zscaler: A Leader in the 2025 Gartner® Magic Quadrant™ for Security Service Edge (SSE)
USE CASES
INDUSTRY & MARKET SOLUTIONS
PARTNERS
TECHNOLOGY PARTNERS
Resource Center
Events & Trainings
Security Research & Services
Tools
Community & Support
CXO REVOLUTIONARIES
Amplifying the voices of real-world digital and zero trust pioneers
Discover how it began and where it’s going
Meet o
Bugzilla
CVE-2019-25076 openvswitch: DoS via crafted packet
bugzilla·2022-10-17·CVSS 5.8
CVE-2019-25076 [MEDIUM] CVE-2019-25076 openvswitch: DoS via crafted packet
CVE-2019-25076 openvswitch: DoS via crafted packet
The TSS (Tuple Space Search) algorithm in Open vSwitch 2.x through 2.17.2 and 3.0.0 allows remote attackers to cause a denial of service (delays of legitimate traffic) via crafted packet data that requires excessive evaluation time within the packet classification algorithm for the MegaFlow cache, aka a Tuple Space Explosion (TSE) attack.
https://arxiv.org/abs/2011.09107
https://www.youtube.com/watch?v=DSC3m-Bww64
https://www.youtube.com/watch?v=5cHpzVK0D28
https://sites.google.com/view/tuple-space-explosion
https://dl.acm.org/citation.cfm?doid=3359989.3365431
Discussion:
Created openvswitch tracking bugs for this issue:
Affects: fedora-all [bug 2135243]
Bugzilla
CVE-2011-2715 drupal: SQL injection due to insufficient sanitization of table names or column names
bugzilla·2020-02-06·CVSS 9.8
CVE-2011-2715 [CRITICAL] CVE-2011-2715 drupal: SQL injection due to insufficient sanitization of table names or column names
CVE-2011-2715 drupal: SQL injection due to insufficient sanitization of table names or column names
An SQL Injection vulnerability exists in Drupal 6.20 with Data 6.x-1.0-alpha14 due to insufficient sanitization of table names or column names.
Reference:
https://www.drupal.org/node/1056470
Discussion:
Created drupal6 tracking bugs for this issue:
Affects: epel-6 [bug 1799484]
---
This CVE is for 6.20. EPEL6 has already been at 6.38 for about 4 years (https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-00c45982f6) and in addition several security backports for about a year (https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-67b3f85ea0).
Dependent bug is closed. Please close this bug as well.
---
See previous comment... please close this bug
Bugzilla
CVE-2011-2714 drupal: XSS due to insufficient sanitization of table descriptions, field names, or labels before display
bugzilla·2020-01-28·CVSS 6.1
CVE-2011-2714 [MEDIUM] CVE-2011-2714 drupal: XSS due to insufficient sanitization of table descriptions, field names, or labels before display
CVE-2011-2714 drupal: XSS due to insufficient sanitization of table descriptions, field names, or labels before display
A Cross-Site Scripting vulnerability exists in Drupal 6.20 with Data 6.x-1.0-alpha14 due to insufficient sanitization of table descriptions, field names, or labels before display.
Reference:
https://www.drupal.org/node/1056470
Discussion:
Created drupal6 tracking bugs for this issue:
Affects: epel-6 [bug 1795699]
---
This CVE is for 6.20. EPEL6 has already been at 6.38 for about 4 years (https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-00c45982f6) and in addition several security backports for about a year (https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-67b3f85ea0).
Dependent bug is closed. Please close this bug as well.
---
Can this bug be clo
http://www.us-cert.gov/cas/techalerts/TA11-347A.htmlhttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-099https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13884http://www.us-cert.gov/cas/techalerts/TA11-347A.htmlhttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-099https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13884
2011-12-14
Published