Max CVSS | 10.0 | Min CVSS | 4.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2011-1964 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Style Object Memory Corru
|
28-02-2022 - 20:01 | 10-08-2011 - 21:55 | |
CVE-2011-1960 | 4.3 |
Microsoft Internet Explorer 6 through 9 does not properly implement JavaScript event handlers, which allows remote attackers to access content from a different (1) domain or (2) zone via unspecified script code, aka "Event Handlers Information Disclo
|
28-02-2022 - 20:01 | 10-08-2011 - 21:55 | |
CVE-2011-1963 | 9.3 |
Microsoft Internet Explorer 7 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "XSLT Memory Corruption Vu
|
28-02-2022 - 20:00 | 10-08-2011 - 21:55 | |
CVE-2011-1962 | 4.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle unspecified character sequences, which allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site that triggers "inactive filtering," aka "Sh
|
28-02-2022 - 19:58 | 10-08-2011 - 21:55 | |
CVE-2011-1961 | 9.3 |
The telnet URI handler in Microsoft Internet Explorer 6 through 9 does not properly launch the handler application, which allows remote attackers to execute arbitrary programs via a crafted web site, aka "Telnet Handler Remote Code Execution Vulnerab
|
28-02-2022 - 19:54 | 10-08-2011 - 21:55 | |
CVE-2011-1257 | 7.6 |
Race condition in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors involving access to an object, aka "Window Open Race Condition Vulnerability."
|
28-02-2022 - 19:49 | 10-08-2011 - 21:55 | |
CVE-2011-2383 | 4.3 |
Microsoft Internet Explorer 9 and earlier does not properly restrict cross-zone drag-and-drop actions, which allows user-assisted remote attackers to read cookie files via vectors involving an IFRAME element with a SRC attribute containing an http: U
|
23-07-2021 - 15:12 | 03-06-2011 - 17:55 | |
CVE-2011-1970 | 5.0 |
The DNS server in Microsoft Windows Server 2003 SP2 and Windows Server 2008 SP2, R2, and R2 SP1 does not properly initialize memory, which allows remote attackers to cause a denial of service (service outage) via a query for a nonexistent domain, aka
|
28-09-2020 - 12:58 | 10-08-2011 - 21:55 | |
CVE-2011-1257 | 7.6 |
Race condition in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors involving access to an object, aka "Window Open Race Condition Vulnerability."
|
28-09-2020 - 12:58 | 10-08-2011 - 21:55 | |
CVE-2011-1978 | 4.3 |
Microsoft .NET Framework 2.0 SP2, 3.5.1, and 4 does not properly validate the System.Net.Sockets trust level, which allows remote attackers to obtain sensitive information or trigger arbitrary outbound network traffic via (1) a crafted XAML browser a
|
28-09-2020 - 12:58 | 10-08-2011 - 21:55 | |
CVE-2011-1960 | 4.3 |
Microsoft Internet Explorer 6 through 9 does not properly implement JavaScript event handlers, which allows remote attackers to access content from a different (1) domain or (2) zone via unspecified script code, aka "Event Handlers Information Disclo
|
28-09-2020 - 12:58 | 10-08-2011 - 21:55 | |
CVE-2011-1977 | 4.3 |
The ASP.NET Chart controls in Microsoft .NET Framework 4, and Chart Control for Microsoft .NET Framework 3.5 SP1, do not properly verify functions in URIs, which allows remote attackers to read arbitrary files via special characters in a URI in an HT
|
28-09-2020 - 12:58 | 10-08-2011 - 21:55 | |
CVE-2011-1871 | 7.8 |
Tcpip.sys in the TCP/IP stack in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to cause a denial of service (reboot) via a series of crafted ICMP messages, aka "ICMP Denial of
|
28-09-2020 - 12:58 | 10-08-2011 - 21:55 | |
CVE-2011-1964 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Style Object Memory Corru
|
28-09-2020 - 12:58 | 10-08-2011 - 21:55 | |
CVE-2011-1965 | 7.1 |
Tcpip.sys in the TCP/IP stack in Microsoft Windows 7 Gold and SP1 and Windows Server 2008 R2 and R2 SP1 does not properly implement URL-based QoS, which allows remote attackers to cause a denial of service (reboot) via a crafted URL to a web server,
|
28-09-2020 - 12:58 | 10-08-2011 - 21:55 | |
CVE-2011-1963 | 9.3 |
Microsoft Internet Explorer 7 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "XSLT Memory Corruption Vu
|
28-09-2020 - 12:58 | 10-08-2011 - 21:55 | |
CVE-2011-1975 | 9.3 |
Untrusted search path vulnerability in the Data Access Tracing component in Windows Data Access Components (Windows DAC) 6.0 in Microsoft Windows 7 Gold and SP1 and Windows Server 2008 R2 and R2 SP1 allows local users to gain privileges via a Trojan
|
28-09-2020 - 12:58 | 10-08-2011 - 21:55 | |
CVE-2011-1961 | 9.3 |
The telnet URI handler in Microsoft Internet Explorer 6 through 9 does not properly launch the handler application, which allows remote attackers to execute arbitrary programs via a crafted web site, aka "Telnet Handler Remote Code Execution Vulnerab
|
28-09-2020 - 12:58 | 10-08-2011 - 21:55 | |
CVE-2011-1966 | 10.0 |
The DNS server in Microsoft Windows Server 2008 SP2, R2, and R2 SP1 does not properly handle NAPTR queries that trigger recursive processing, which allows remote attackers to execute arbitrary code via a crafted query, aka "DNS NAPTR Query Vulnerabil
|
28-09-2020 - 12:58 | 10-08-2011 - 21:55 | |
CVE-2011-1263 | 4.3 |
Cross-site scripting (XSS) vulnerability in the logon page in Remote Desktop Web Access (RD Web Access) in Microsoft Windows Server 2008 R2 and R2 SP1 allows remote attackers to inject arbitrary web script or HTML via the URI, aka "Remote Desktop Web
|
28-09-2020 - 12:58 | 10-08-2011 - 21:55 | |
CVE-2011-1967 | 7.2 |
Winsrv.dll in the Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not proper
|
28-09-2020 - 12:58 | 10-08-2011 - 21:55 | |
CVE-2011-1971 | 4.7 |
The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly parse file metadata, which allows local users to cause a denial of service (reboot) via a crafted file, aka "Windows Kern
|
28-09-2020 - 12:58 | 10-08-2011 - 21:55 | |
CVE-2011-1962 | 4.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle unspecified character sequences, which allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site that triggers "inactive filtering," aka "Sh
|
28-09-2020 - 12:58 | 10-08-2011 - 21:55 | |
CVE-2011-1967 | 7.2 |
Winsrv.dll in the Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not proper
|
28-09-2020 - 12:58 | 10-08-2011 - 21:55 | |
CVE-2011-1966 | 10.0 |
The DNS server in Microsoft Windows Server 2008 SP2, R2, and R2 SP1 does not properly handle NAPTR queries that trigger recursive processing, which allows remote attackers to execute arbitrary code via a crafted query, aka "DNS NAPTR Query Vulnerabil
|
28-09-2020 - 12:58 | 10-08-2011 - 21:55 | |
CVE-2011-1965 | 7.1 |
Tcpip.sys in the TCP/IP stack in Microsoft Windows 7 Gold and SP1 and Windows Server 2008 R2 and R2 SP1 does not properly implement URL-based QoS, which allows remote attackers to cause a denial of service (reboot) via a crafted URL to a web server,
|
28-09-2020 - 12:58 | 10-08-2011 - 21:55 | |
CVE-2011-1871 | 7.8 |
Tcpip.sys in the TCP/IP stack in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to cause a denial of service (reboot) via a series of crafted ICMP messages, aka "ICMP Denial of
|
28-09-2020 - 12:58 | 10-08-2011 - 21:55 | |
CVE-2011-1263 | 4.3 |
Cross-site scripting (XSS) vulnerability in the logon page in Remote Desktop Web Access (RD Web Access) in Microsoft Windows Server 2008 R2 and R2 SP1 allows remote attackers to inject arbitrary web script or HTML via the URI, aka "Remote Desktop Web
|
28-09-2020 - 12:58 | 10-08-2011 - 21:55 | |
CVE-2011-1978 | 4.3 |
Microsoft .NET Framework 2.0 SP2, 3.5.1, and 4 does not properly validate the System.Net.Sockets trust level, which allows remote attackers to obtain sensitive information or trigger arbitrary outbound network traffic via (1) a crafted XAML browser a
|
28-09-2020 - 12:58 | 10-08-2011 - 21:55 | |
CVE-2011-1977 | 4.3 |
The ASP.NET Chart controls in Microsoft .NET Framework 4, and Chart Control for Microsoft .NET Framework 3.5 SP1, do not properly verify functions in URIs, which allows remote attackers to read arbitrary files via special characters in a URI in an HT
|
28-09-2020 - 12:58 | 10-08-2011 - 21:55 | |
CVE-2011-1975 | 9.3 |
Untrusted search path vulnerability in the Data Access Tracing component in Windows Data Access Components (Windows DAC) 6.0 in Microsoft Windows 7 Gold and SP1 and Windows Server 2008 R2 and R2 SP1 allows local users to gain privileges via a Trojan
|
28-09-2020 - 12:58 | 10-08-2011 - 21:55 | |
CVE-2011-1970 | 5.0 |
The DNS server in Microsoft Windows Server 2003 SP2 and Windows Server 2008 SP2, R2, and R2 SP1 does not properly initialize memory, which allows remote attackers to cause a denial of service (service outage) via a query for a nonexistent domain, aka
|
28-09-2020 - 12:58 | 10-08-2011 - 21:55 | |
CVE-2011-1971 | 4.7 |
The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly parse file metadata, which allows local users to cause a denial of service (reboot) via a crafted file, aka "Windows Kern
|
28-09-2020 - 12:58 | 10-08-2011 - 21:55 | |
CVE-2011-1968 | 7.1 |
The Remote Desktop Protocol (RDP) implementation in Microsoft Windows XP SP2 and SP3 and Windows Server 2003 SP2 does not properly process packets in memory, which allows remote attackers to cause a denial of service (reboot) by sending crafted RDP p
|
26-02-2019 - 14:04 | 10-08-2011 - 21:55 | |
CVE-2011-1974 | 7.2 |
NDISTAPI.sys in the NDISTAPI driver in Remote Access Service (RAS) in Microsoft Windows XP SP2 and SP3 and Windows Server 2003 SP2 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, aka
|
26-02-2019 - 14:04 | 10-08-2011 - 21:55 | |
CVE-2011-1976 | 4.3 |
Cross-site scripting (XSS) vulnerability in the Report Viewer Control in Microsoft Visual Studio 2005 SP1 and Report Viewer 2005 SP1 allows remote attackers to inject arbitrary web script or HTML via a parameter in a data source, aka "Report Viewer C
|
12-10-2018 - 22:01 | 10-08-2011 - 21:55 | |
CVE-2011-1972 | 9.3 |
Microsoft Visio 2003 SP3, 2007 SP2, and 2010 Gold and SP1 does not properly validate objects in memory during Visio file parsing, which allows remote attackers to execute arbitrary code via a crafted file, aka "pStream Release RCE Vulnerability."
|
12-10-2018 - 22:01 | 10-08-2011 - 21:55 | |
CVE-2011-1979 | 9.3 |
Microsoft Visio 2003 SP3 and 2007 SP2 does not properly validate objects in memory during Visio file parsing, which allows remote attackers to execute arbitrary code via a crafted file, aka "Move Around the Block RCE Vulnerability."
|
12-10-2018 - 22:01 | 10-08-2011 - 21:55 |