漏洞描述
Internet Explorer是Windows操作系统中默认捆绑的web浏览器。 Internet Explorer访问尚未正确初始化对象的方式中存在一个远程执行代码漏洞。攻击者可以通过构建特制的网页来利用该漏洞,当用户查看网页时,该漏洞可能允许远程执行代码。成功利用此漏洞的攻击者可以获得与登录用户相同的用户权限。如果用户使用管理用户权限登录,成功利用此漏洞的攻击者便可完全控制受影响的系统。
Microsoft IE未初始化内存远程代码执行漏洞
PoC代码
暂无相关漏洞推荐
- POC sharepoint-lists-api-disclosure: Microsoft SharePoint - List API Disclosure
- POC sharepoint-layouts-disclosure: Microsoft SharePoint - Layouts Disclosure
- POC sharepoint-masterpage-disclosure: Microsoft SharePoint - Master Page Disclosure
- POC sharepoint-site-metadata-disclosure: Microsoft SharePoint - Site Metadata Disclosure
- POC sharepoint-sitepages-disclosure: Microsoft SharePoint - Site Pages Disclosure
- POC CVE-2025-49706: Microsoft SharePoint Server - Authentication Bypass
- (CVE-2025-53770)Microsoft SharePoint Server反序列化漏洞允许远程代码执行
- Microsoft Web Deploy 需授权 反序列化漏洞 可导致任意代码执行
- POC CVE-2019-0604: Microsoft SharePoint - Remote Code Execution
- POC CVE-2020-0646: Microsoft .NET Framework - Remote Code Execution
- POC CVE-2000-0114: Microsoft FrontPage Extensions - Information Disclosure
- POC CVE-2008-1547: Microsoft OWA Exchange Server 2003 - 'redir.asp' Open Redirection
- POC CVE-2015-1635: Microsoft Windows 'HTTP.sys' - Remote Code Execution