Executive Summary
Summary | |
---|---|
Title | Cumulative Security Update for Internet Explorer (2559049) |
Informations | |||
---|---|---|---|
Name | MS11-057 | First vendor Publication | 2011-08-09 |
Vendor | Microsoft | Last vendor Modification | 2011-08-09 |
Severity (Vendor) | Critical | Revision | 1.0 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Severity Rating: Critical |
Original Source
Url : http://technet.microsoft.com/en-us/security/bulletin/ms11-057 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
50 % | CWE-20 | Improper Input Validation |
25 % | CWE-668 | Exposure of Resource to Wrong Sphere |
25 % | CWE-362 | Race Condition |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:12383 | |||
Oval ID: | oval:org.mitre.oval:def:12383 | ||
Title: | Event Handlers Information Disclosure Vulnerability | ||
Description: | Microsoft Internet Explorer 6 through 9 does not properly implement JavaScript event handlers, which allows remote attackers to access content from a different (1) domain or (2) zone via unspecified script code, aka "Event Handlers Information Disclosure Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1960 | Version: | 7 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | Microsoft Internet Explorer 6 Microsoft Internet Explorer 7 Microsoft Internet Explorer 8 Microsoft Internet Explorer 9 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12617 | |||
Oval ID: | oval:org.mitre.oval:def:12617 | ||
Title: | Style Object Memory Corruption Vulnerability | ||
Description: | Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Style Object Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1964 | Version: | 7 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | Microsoft Internet Explorer 6 Microsoft Internet Explorer 7 Microsoft Internet Explorer 8 Microsoft Internet Explorer 9 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12657 | |||
Oval ID: | oval:org.mitre.oval:def:12657 | ||
Title: | Shift JIS Character Encoding Vulnerability | ||
Description: | Microsoft Internet Explorer 6 through 9 does not properly handle unspecified character sequences, which allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site that triggers "inactive filtering," aka "Shift JIS Character Encoding Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1962 | Version: | 7 |
Platform(s): | Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 | Product(s): | Microsoft Internet Explorer 6 Microsoft Internet Explorer 7 Microsoft Internet Explorer 8 Microsoft Internet Explorer 9 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12684 | |||
Oval ID: | oval:org.mitre.oval:def:12684 | ||
Title: | Telnet Handler Remote Code Execution Vulnerability | ||
Description: | The telnet URI handler in Microsoft Internet Explorer 6 through 9 does not properly launch the handler application, which allows remote attackers to execute arbitrary programs via a crafted web site, aka "Telnet Handler Remote Code Execution Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1961 | Version: | 7 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | Microsoft Internet Explorer 6 Microsoft Internet Explorer 7 Microsoft Internet Explorer 8 Microsoft Internet Explorer 9 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12753 | |||
Oval ID: | oval:org.mitre.oval:def:12753 | ||
Title: | XSLT Memory Corruption Vulnerability | ||
Description: | Microsoft Internet Explorer 7 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "XSLT Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1963 | Version: | 7 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | Microsoft Internet Explorer 7 Microsoft Internet Explorer 8 Microsoft Internet Explorer 9 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12787 | |||
Oval ID: | oval:org.mitre.oval:def:12787 | ||
Title: | Window Open Race Condition Vulnerability | ||
Description: | Race condition in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors involving access to an object, aka "Window Open Race Condition Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1257 | Version: | 7 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | Microsoft Internet Explorer 6 Microsoft Internet Explorer 7 Microsoft Internet Explorer 8 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12820 | |||
Oval ID: | oval:org.mitre.oval:def:12820 | ||
Title: | Drag and Drop Information Disclosure Vulnerability | ||
Description: | Microsoft Internet Explorer 9 and earlier does not properly restrict cross-zone drag-and-drop actions, which allows user-assisted remote attackers to read cookie files via vectors involving an IFRAME element with a SRC attribute containing an http: URL that redirects to a file: URL, as demonstrated by a Facebook game, related to a "cookiejacking" issue, aka "Drag and Drop Information Disclosure Vulnerability." NOTE: this vulnerability exists because of an incomplete fix in the Internet Explorer 9 release. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-2383 | Version: | 7 |
Platform(s): | Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 | Product(s): | Microsoft Internet Explorer 6 Microsoft Internet Explorer 7 Microsoft Internet Explorer 8 Microsoft Internet Explorer 9 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:26378 | |||
Oval ID: | oval:org.mitre.oval:def:26378 | ||
Title: | Unspecified vulnerability allows remote attackers to bypass Protected Mode | ||
Description: | Unspecified vulnerability in Microsoft Internet Explorer 8 on Windows 7 allows remote attackers to bypass Protected Mode and create arbitrary files by leveraging access to a Low integrity process, as demonstrated by Stephen Fewer as the third of three chained vulnerabilities during a Pwn2Own competition at CanSecWest 2011. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1347 | Version: | 5 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2 | Product(s): | Microsoft Internet Explorer 8 |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
SAINT Exploits
Description | Link |
---|---|
Internet Explorer Telnet URI Insecure Loading | More info here |
OpenVAS Exploits
Date | Description |
---|---|
2011-08-11 | Name : Microsoft Internet Explorer Multiple Vulnerabilities (2559049) File : nvt/secpod_ms11-057.nasl |
2011-06-13 | Name : Microsoft Internet Explorer Cookie Hijacking Vulnerability File : nvt/gb_ms_ie9_cookie_hijacking_vuln.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
74500 | Microsoft IE STYLE Object Parsing Memory Corruption |
74499 | Microsoft IE SetViewSlave() Function XSLT Object Markup Reloading Memory Corr... |
74498 | Microsoft IE Shift JIS Character Sequence Parsing Cross-domain Remote Informa... |
74497 | Microsoft IE Event Handler Cross-domain Remote Information Disclosure |
74496 | Microsoft IE Protected Mode Bypass Arbitrary File Creation |
74495 | Microsoft IE window.open() Function Race Condition Memory Corruption A memory corruption flaw exists in Microsoft Internet Explorer. The window.open() function fails to sanitize user-supplied input when the user performs specific sequences of clicks in different IE windows, resulting in memory corruption. With a specially crafted web page or ActiveX control, a context-dependent attacker can execute arbitrary code. |
74494 | Microsoft IE Crafted Link Telnet URI Handler Remote Program Execution |
72724 | Microsoft IE Cookie Jacking Account Authentication Bypass Microsoft IE contains a flaw that may allow a context-dependent attacker to use a crafted web page to steal a user's cookie session, allowing the attacker to access any account the user is currently logged into without further authentication. |
Snort® IPS/IDS
Date | Description |
---|---|
2014-11-16 | Microsoft Internet Explorer XSLT memory corruption attempt RuleID : 31301 - Revision : 5 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer stylesheet dynamic access memory corruption attempt RuleID : 19672 - Revision : 13 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer XSLT memory corruption attempt RuleID : 19671 - Revision : 18 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer telnet.exe file load exploit attempt RuleID : 19670 - Revision : 12 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer telnet.exe file load exploit attempt RuleID : 19668 - Revision : 12 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer cross-domain scripting attack RuleID : 19667 - Revision : 8 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer multi-window access memory corruption attempt RuleID : 19666 - Revision : 9 - Type : BROWSER-IE |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2011-08-09 | Name : Arbitrary code can be executed on the remote host through a web browser. File : smb_nt_ms11-057.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-11-16 21:25:23 |
|
2014-02-17 11:47:03 |
|
2014-01-19 21:30:42 |
|