 |
|
|
|
Microsoft Internet Explorer multiple security vulnerabilities
updated since 15.12.2010 | | Published: |  | 16.12.2010 | | Source: |  | MICROSOFT | | SecurityVulns ID: |  | 11300 | | Type: |  | client | | Level: |  | 9/10 | | Description: |  | Crossite data access, multiple memory corruptions. |
| Affected: |  | MICROSOFT : Windows XP | | | | MICROSOFT : Windows 2003 Server | | | | MICROSOFT : Windows Vista | | | | MICROSOFT : Windows 2008 Server | | | | MICROSOFT : Windows 7 | | CVE: |  | CVE-2010-3345 (Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "HTML Element Memory Corruption Vulnerability.") | | | | CVE-2010-3343 (Microsoft Internet Explorer 6 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "HTML Object Memory Corruption Vulnerability.") | | | | CVE-2010-3342 (Microsoft Internet Explorer 6, 7, and 8 does not prevent rendering of cached content as HTML, which allows remote attackers to access content from a different (1) domain or (2) zone via unspecified script code, aka "Cross-Domain Information Disclosure Vulnerability," a different vulnerability than CVE-2010-3348.) | | | | CVE-2010-3340 (Microsoft Internet Explorer 6 and 7 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "HTML Object Memory Corruption Vulnerability.") |
|
|
|
|
|
|
|
|
