CVE-2011-1997
Published Oct 12, 2011
Last updated 3 years ago
Overview
- Description
- Microsoft Internet Explorer 6 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "OnLoad Event Remote Code Execution Vulnerability."
- Source
- secure@microsoft.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 9.3
- Impact score
- 10
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-20
Configurations
[ { "nodes": [ { "negate": false, "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "693D3C1C-E3E4-49DB-9A13-44ADDFF82507" } ], "operator": "OR" }, { "negate": false, "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C" }, { "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F7EFB032-47F4-4497-B16B-CB9126EAC9DF" }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020" }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656" }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6" } ], "operator": "OR" } ], "operator": "AND" } ]