Microsoft Internet Explorer DLL Loading Arbitrary Code Execution Vulnerability

2015年7月21日

Email
Facebook
Twitter
Google+
Linkedin

危険度: : 緊急

CVE識別番号: CVE-2011-0038,MS11-003

概要

Untrusted search path vulnerability in Microsoft Internet Explorer 8 might allow local users to gain privileges via a Trojan horse IEShims.dll in the current working directory, as demonstrated by a Desktop directory that contains an HTML file, aka "Internet Explorer Insecure Library Loading Vulnerability." nvd: Per: CWE-426: Untrusted Search Path 'http://cwe.mitre.org/data/definitions/426.html'

トレンドマイクロの対策

Apply associated Trend Micro DPI Rules.

対応方法

Trend Micro Deep Security DPI Rule Number: 1004373

Trend Micro Deep Security DPI Rule Name: 1004373 - Identified Microsoft DLL File Over Network Share

影響を受けるソフトウェア

microsoft ie 8