CVE-2011-0347

EUVD-2011-0373
Microsoft Internet Explorer on Windows XP allows remote attackers to trigger an incorrect GUI display and have unspecified other impact via vectors related to the DOM implementation, as demonstrated by cross_fuzz.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 97%
Affected Products (NVD)
VendorProductVersion
microsoftinternet_explorer
*
𝑥
= Vulnerable software versions
References
http://archives.neohapsis.com/archives/fulldisclosure/2010-12/0698.html
http://blogs.technet.com/b/srd/archive/2011/01/07/assessing-the-risk-of-public-issues-currently-being-tracked-by-the-msrc.aspx
http://lcamtuf.blogspot.com/2011/01/announcing-crossfuzz-potential-0-day-in.html
http://lcamtuf.coredump.cx/cross_fuzz/fuzzer_timeline.txt
http://lcamtuf.coredump.cx/cross_fuzz/msie_display.jpg
http://www.microsoft.com/technet/security/advisory/2490606.mspx
http://www.securityfocus.com/archive/1/515506/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/64571
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12514
http://archives.neohapsis.com/archives/fulldisclosure/2010-12/0698.html
http://blogs.technet.com/b/srd/archive/2011/01/07/assessing-the-risk-of-public-issues-currently-being-tracked-by-the-msrc.aspx
http://lcamtuf.blogspot.com/2011/01/announcing-crossfuzz-potential-0-day-in.html
http://lcamtuf.coredump.cx/cross_fuzz/fuzzer_timeline.txt
http://lcamtuf.coredump.cx/cross_fuzz/msie_display.jpg
http://www.microsoft.com/technet/security/advisory/2490606.mspx
http://www.securityfocus.com/archive/1/515506/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/64571
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12514