MS11-003 - Uninitialized memory corruption vulnerability in Microsoft Internet Explorer 6, 7 and 8ID: oval:org.secpod.oval:def:80 | Date: (C)2011-02-09 (M)2023-12-14 |
Class: VULNERABILITY | Family: windows |
The host is installed with Microsoft Internet Explorer is prone to uninitialized memory corruption vulnerability. A flaw is present in the application, which fails to properly handle an object that has not been correctly initialized or has been deleted. Successful exploitation could allow attackers to gain the same user rights as a local user using a crafted webpage. If attacker gains administrator rights, he/she can install programs, view, change, or delete data, or create new accounts with full user rights.
Platform: |
Microsoft Windows 7 |
Microsoft Windows Server 2003 |
Microsoft Windows Server 2008 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows Vista |
Microsoft Windows XP |
Product: |
Microsoft Internet Explorer 6 |
Microsoft Internet Explorer 7 |
Microsoft Internet Explorer 8 |