1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Web Attack: MSIE CVE 2011-1999

Web Attack: MSIE CVE 2011-1999

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability;

Additional Information

Microsoft Internet Explorer is a web browser available for Microsoft Windows platforms.

Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability when handling an integer parameter passed to the 'add' method of the Select HTML element. The issue occurs when the application attempts to access a dereferenced memory address.

An attacker can exploit this issue by enticing an unsuspecting user to view a malicious webpage.

Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks may cause denial-of-service conditions.

Affected

  • Microsoft Internet Explorer 8

Response

The vendor has released an advisory and updates. Please see the references for details.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube