Published: 10/03/2011 Updated: 23/07/2021

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

VMScore: 828

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote malicious users to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, as demonstrated by Stephen Fewer as the first of three chained vulnerabilities during a Pwn2Own competition at CanSecWest 2011, aka "Object Management Memory Corruption Vulnerability."

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft internet_explorer 8

NVD-CWE-noinfo http://twitter.com/msftsecresponse/statuses/45646985998516224 http://www.zdnet.com/blog/security/pwn2own-2011-ie8-on-windows-7-hijacked-with-3-vulnerabilities/8367 http://dvlabs.tippingpoint.com/blog/2011/02/02/pwn2own-2011 http://twitter.com/aaronportnoy/statuses/45642180118855680 http://www.computerworld.com/s/article/9214002/Safari_IE_hacked_first_at_Pwn2Own http://www.securityfocus.com/bid/46821 http://www.securitytracker.com/id?1025327 https://threatpost.com/en_us/blogs/pwn2own-winner-stephen-fewer-031011 http://www.us-cert.gov/cas/techalerts/TA11-102A.html https://exchange.xforce.ibmcloud.com/vulnerabilities/66062 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12228 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-018 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2011-1345

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect