nvd-json-data-feeds/CVE-2011/CVE-2011-03xx/CVE-2011-0347.json

{
  "id": "CVE-2011-0347",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2011-01-07T23:00:20.390",
  "lastModified": "2021-07-23T15:12:10.537",
  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
      "value": "Microsoft Internet Explorer on Windows XP allows remote attackers to trigger an incorrect GUI display and have unspecified other impact via vectors related to the DOM implementation, as demonstrated by cross_fuzz."
    },
    {
      "lang": "es",
      "value": "Microsoft Internet Explorer en Windows XP permite a atacantes remotos provocar una incorrecta pantalla GUI y tener un impacto no especificado a trav\u00e9s de vectores relacionados con la implementaci\u00f3n DOM, como lo demuestra cross_fuzz."
    }
  ],
  "metrics": {
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "accessVector": "NETWORK",
          "accessComplexity": "MEDIUM",
          "authentication": "NONE",
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3
        },
        "baseSeverity": "HIGH",
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": true
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ]
    }
  ],
  "configurations": [
    {
      "operator": "AND",
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:microsoft:internet_explorer:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8682FAF3-98E3-485C-89CB-C0358C4E2AB0"
            }
          ]
        },
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E61F1C9B-44AF-4B35-A7B2-948EEF7639BD"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-12/0698.html",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://blogs.technet.com/b/srd/archive/2011/01/07/assessing-the-risk-of-public-issues-currently-being-tracked-by-the-msrc.aspx",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://lcamtuf.blogspot.com/2011/01/announcing-crossfuzz-potential-0-day-in.html",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://lcamtuf.coredump.cx/cross_fuzz/fuzzer_timeline.txt",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://lcamtuf.coredump.cx/cross_fuzz/msie_display.jpg",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://www.microsoft.com/technet/security/advisory/2490606.mspx",
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ]
    },
    {
      "url": "http://www.securityfocus.com/archive/1/515506/100/0/threaded",
      "source": "cve@mitre.org"
    },
    {
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64571",
      "source": "cve@mitre.org"
    },
    {
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12514",
      "source": "cve@mitre.org"
    }
  ]
}