Microsoft Internet Explorer 6/7/8 代码注入漏洞
CVE编号
CVE-2011-0035利用情况
暂无补丁情况
N/A披露时间
2011-02-11漏洞描述
Microsoft Internet Explorer是一款微软发行的WEB浏览器。Microsoft Internet Explorer存在安全漏洞,会导致访问未正确初始化或已删除的对象,攻击者构建恶意WEB页,诱使用户访问,可导致以应用程序上下文执行任意代码。解决建议
用户可参考如下供应商提供的安全补丁修复此漏洞:Microsoft Internet Explorer 7.0Microsoft IE7-WindowsServer2003-KB2482017-x86-ENU.exehttp://www.microsoft.com/downloads/details.aspx?FamilyID=45e504d4-c17d -4b73-b08e-d9c0cb3f4918Microsoft IE7-WindowsServer2003.WindowsXP-KB2482017-x64-ENU.exehttp://www.microsoft.com/downloads/details.aspx?FamilyID=a795de21-13f4 -4035-a4d5-4257ddc92fe7Microsoft IE7-WindowsXP-KB2482017-x86-ENU.exehttp://www.microsoft.com/downloads/details.aspx?FamilyID=85bf88b7-2dd9 -4204-8492-b2c1d8d2264eMicrosoft Windows6.0-KB2482017-x86.msuhttp://www.microsoft.com/downloads/details.aspx?FamilyID=b176777e-4897 -4cf1-9fc0-dd608930bb4cMicrosoft IE7-WindowsServer2003-KB2482017-ia64-ENU.exehttp://www.microsoft.com/downloads/details.aspx?FamilyID=c41a0094-204b -4d05-ab39-a32915201af1Microsoft Windows6.0-KB2482017-ia64.msuhttp://www.microsoft.com/downloads/details.aspx?FamilyID=8c2abba5-0597 -4565-9b87-a37e574690e0Microsoft Windows6.0-KB2482017-x64.msuhttp://www.microsoft.com/downloads/details.aspx?FamilyID=20ad0136-c6df -4c7b-811f-d6b3dd9e2c56Microsoft Internet Explorer 8Microsoft Windows6.1-KB2482017-x64.msuhttp://www.microsoft.com/downloads/details.aspx?familyid=2b8ffafe-78bb -4fa7-aea2-01208b6a3dfeMicrosoft Windows6.1-KB2482017-x86.msuhttp://www.microsoft.com/downloads/details.aspx?familyid=07aa7ffc-47c7 -4611-b32c-ecb3fbcad32fMicrosoft IE8-Windows6.0-KB2482017-x64.msuhttp://www.microsoft.com/downloads/details.aspx?familyid=d3580784-aada -4118-b7f2-3a23aec2ed04Microsoft Windows6.1-KB2482017-ia64.msuhttp://www.microsoft.com/downloads/details.aspx?familyid=0e41cbe5-5e5e -4ece-a71a-71f4b6319f0dMicrosoft IE8-Windows6.0-KB2482017-x86.msuhttp://www.microsoft.com/downloads/details.aspx?familyid=77971c3c-55ec -4a9c-bcb8-8fb8c61431e3Microsoft IE8-WindowsServer2003.WindowsXP-KB2482017-x64-ENU.exehttp://www.microsoft.com/downloads/details.aspx?familyid=69dfa24b-7c56 -4521-850c-1485b062154aMicrosoft IE8-WindowsXP-KB2482017-x86-ENU.exehttp://www.microsoft.com/downloads/details.aspx?familyid=c72fbb97-2313 -45f6-842d-99db373822ddMicrosoft IE8-WindowsServer2003-KB2482017-x86-ENU.exehttp://www.microsoft.com/downloads/details.aspx?familyid=74238e08-fae2 -4f17-ac72-681226a53a40Microsoft Internet Explorer 6.0Microsoft WindowsServer2003-KB2482017-x86-ENU.exehttp://www.microsoft.com/downloads/details.aspx?FamilyID=5e0f4bf2-f727 -483a-af3a-9a2abf0c36bbMicrosoft WindowsXP-KB2482017-x86-ENU.exehttp://www.microsoft.com/downloads/details.aspx?FamilyID=ae343de6-ec61 -4891-b136-cfc4234d97d9Microsoft WindowsServer2003-KB2482017-ia64-ENU.exehttp://www.microsoft.com/downloads/details.aspx?FamilyID=b2298b32-238a -4970-bc1f-2ede51a6c361Microsoft WindowsServer2003.WindowsXP-KB2482017-x64-ENU.exehttp://www.microsoft.com/downloads/details.aspx?FamilyID=d431100d-a627 -4ea0-b75b-2d4157e38df2受影响软件情况
| # | 类型 | 厂商 | 产品 | 版本 | 影响面 | ||||
| 1 | |||||||||
|---|---|---|---|---|---|---|---|---|---|
| 运行在以下环境 | |||||||||
| 应用 | microsoft | ie | 6 | - | |||||
| 运行在以下环境 | |||||||||
| 应用 | microsoft | ie | 7 | - | |||||
| 运行在以下环境 | |||||||||
| 应用 | microsoft | ie | 8 | - | |||||
- 攻击路径 网络
- 攻击复杂度 N/A
- 权限要求 无
- 影响范围 N/A
- 用户交互 需要
- 可用性 完全地
- 保密性 完全地
- 完整性 完全地
| CWE-ID | 漏洞类型 |
| CWE-94 | 对生成代码的控制不恰当(代码注入) |
Exp相关链接
版权声明
本站原创文章转载请注明文章出处及链接,谢谢合作!
评论