CVE

Id
48258  
CVE No.
CVE-2011-0346  
Status
Candidate  
Description
Use-after-free vulnerability in the ReleaseInterface function in MSHTML.DLL in Microsoft Internet Explorer 6, 7, and 8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the DOM implementation and the BreakAASpecial and BreakCircularMemoryReferences functions, as demonstrated by cross_fuzz, aka "MSHTML Memory Corruption Vulnerability."  
Phase
Assigned (20110107)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
524141 48258 CVE-2011-0346 BUGTRAQ:20110101 Announcing cross_fuzz, a potential 0-day in circulation, and more  View
524142 48258 CVE-2011-0346 URL:http://www.securityfocus.com/archive/1/archive/1/515506/100/0/threaded  View
524143 48258 CVE-2011-0346 FULLDISC:20110101 Announcing cross_fuzz, a potential 0-day in circulation, and more  View
524144 48258 CVE-2011-0346 URL:http://archives.neohapsis.com/archives/fulldisclosure/2010-12/0698.html  View
524145 48258 CVE-2011-0346 MISC:http://lcamtuf.blogspot.com/2011/01/announcing-crossfuzz-potential-0-day-in.html  View
524146 48258 CVE-2011-0346 MISC:http://lcamtuf.coredump.cx/cross_fuzz/fuzzer_timeline.txt  View
524147 48258 CVE-2011-0346 MISC:http://lcamtuf.coredump.cx/cross_fuzz/known_vuln.txt  View
524148 48258 CVE-2011-0346 MISC:http://lcamtuf.coredump.cx/cross_fuzz/msie_crash.txt  View
524149 48258 CVE-2011-0346 MISC:http://blogs.technet.com/b/srd/archive/2011/01/07/assessing-the-risk-of-public-issues-currently-being-tracked-by-the-msrc.aspx  View
524150 48258 CVE-2011-0346 MS:MS11-018  View
524151 48258 CVE-2011-0346 URL:http://www.microsoft.com/technet/security/Bulletin/MS11-018.mspx  View
524152 48258 CVE-2011-0346 CERT:TA11-102A  View
524153 48258 CVE-2011-0346 URL:http://www.us-cert.gov/cas/techalerts/TA11-102A.html  View
524154 48258 CVE-2011-0346 CERT-VN:VU#427980  View
524155 48258 CVE-2011-0346 URL:http://www.kb.cert.org/vuls/id/427980  View
524156 48258 CVE-2011-0346 BID:45639  View
524157 48258 CVE-2011-0346 URL:http://www.securityfocus.com/bid/45639  View
524158 48258 CVE-2011-0346 OVAL:oval:org.mitre.oval:def:11882  View
524159 48258 CVE-2011-0346 URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11882  View
524160 48258 CVE-2011-0346 SECTRACK:1024940  View
524161 48258 CVE-2011-0346 URL:http://www.securitytracker.com/id?1024940  View
524162 48258 CVE-2011-0346 VUPEN:ADV-2011-0026  View
524163 48258 CVE-2011-0346 URL:http://www.vupen.com/english/advisories/2011/0026  View
524164 48258 CVE-2011-0346 XF:ms-ie-releaseinterface-code-execution(64482)  View

Related JVN