Vulnerability Details : CVE-2011-0347
Microsoft Internet Explorer on Windows XP allows remote attackers to trigger an incorrect GUI display and have unspecified other impact via vectors related to the DOM implementation, as demonstrated by cross_fuzz.
Products affected by CVE-2011-0347
- cpe:2.3:a:microsoft:internet_explorer:*:*:*:*:*:*:*:*When used together with: Microsoft » Windows Xp
Exploit prediction scoring system (EPSS) score for CVE-2011-0347
35.68%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 97 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2011-0347
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
9.3
|
HIGH | AV:N/AC:M/Au:N/C:C/I:C/A:C |
8.6
|
10.0
|
NIST |
References for CVE-2011-0347
-
http://archives.neohapsis.com/archives/fulldisclosure/2010-12/0698.html
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12514
Repository / Oval Repository
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/64571
Microsoft Internet Explorer GUI weak security CVE-2011-0347 Vulnerability Report
-
http://lcamtuf.blogspot.com/2011/01/announcing-crossfuzz-potential-0-day-in.html
lcamtuf's blog: Announcing cross_fuzz, a potential 0-day in circulation, and more
-
http://www.securityfocus.com/archive/1/515506/100/0/threaded
SecurityFocus
-
http://lcamtuf.coredump.cx/cross_fuzz/msie_display.jpg
msie_display.jpg (1440×900)
-
http://www.microsoft.com/technet/security/advisory/2490606.mspx
Technical documentation, API, and code examples | Microsoft DocsVendor Advisory
-
http://lcamtuf.coredump.cx/cross_fuzz/fuzzer_timeline.txt
-
http://blogs.technet.com/b/srd/archive/2011/01/07/assessing-the-risk-of-public-issues-currently-being-tracked-by-the-msrc.aspx
Assessing the risk of public issues currently being tracked by the MSRC – Microsoft Security Response Center
Jump to