Microsoft Internet Explorer CDwnBindInfo Object Use-After-Free Vulnerability
14 January 2013
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not
properly allocated or (2) is deleted, as demonstrated by a CDwnBindInfo object, and exploited in the wild in December 2012.
CVSS v2 Base Score: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Posted on 19 November 2014. | Expectations for data security next year are surprisingly optimistic given the harsh reality of 2014. Enterprise security staffers are so confident that most respondents said they would "personally guarantee that their company's customer data will be safe in 2015."
Posted on 18 November 2014. | Ryan Ward, CISO at Avatier, talks about the overlooked benefits of risk assessment, offers best practices for performing successful risk assessments, outlines the pre-requisites for becoming a risk assessment professional, and more.
Posted on 17 November 2014. | Mark Gazit, the CEO of ThetaRay, talks about leveraging Big Data to secure networks, the advantages of using math-based anomaly detection as well as the evolution of threat detection in the past decade.