What is CVE-2011-1260?

CVE-2011-1260 is a vulnerability in Microsoft Internet_explorer, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2011-06-16.

Is CVE-2011-1260 known to be exploited?

4 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Buffer overflow in Microsoft Internet_explorer

CVE-2011-1260

Microsoft Internet Explorer 8 and 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Layout Memory Corr…

Vulnerability class: Buffer Overflow

EPSS: 0.799 (99.1th percentile) — read the EPSS interpretation.

Affected products

Microsoft Internet_explorer — versions 8, 9
Microsoft Windows_2003_server
Microsoft Windows_7
Microsoft Windows_server_2003
Microsoft Windows_server_2008 — versions r2
Microsoft Windows_vista
Microsoft Windows_xp
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

Public proof-of-concept exploits

References

oval:org.mitre.oval:def:12308 (x_refsource_OVAL, signature, vdb-entry)
MS11-050 (x_refsource_MS, vendor-advisory)
8275 (x_refsource_SREASON, third-party-advisory)

Frequently asked questions

What is CVE-2011-1260?: CVE-2011-1260 is a vulnerability in Microsoft Internet_explorer, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2011-06-16.
Is CVE-2011-1260 known to be exploited?: 4 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.