Trusted Design

• 重大度: Unknown
• 公開日: 2011-06-16
• 更新日: 2024-08-06

概要

The Timed Interactive Multimedia Extensions (aka HTML+TIME) implementation in Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Time Element Memory Corruption Vulnerability."

このCVEに関連するMITRE ATT&CKテクニック

• T1099 - Timestomp
• T1003.002 - Security Account Manager
• T1583.002 - DNS Server
• T1114.001 - Local Email Collection
• T1192 - Spearphishing Link
• T1121 - Regsvcs/Regasm
• T1070.002 - Clear Linux or Mac System Logs
• T1598.003 - Spearphishing Link
• T1583.005 - Botnet
• T1608.001 - Upload Malware
• T1558 - Steal or Forge Kerberos Tickets
• T1070.008 - Clear Mailbox Data
• T1518.002 - Backup Software Discovery
• T1218.003 - CMSTP
• T1525 - Implant Internal Image
• T1181 - Extra Window Memory Injection
• T1145 - Private Keys
• T1155 - AppleScript
• T1547.003 - Time Providers
• T1042 - Change Default File Association
• T1177 - LSASS Driver
• T1055.013 - Process Doppelgänging
• T1546.008 - Accessibility Features
• T1083 - File and Directory Discovery
• T1649 - Steal or Forge Authentication Certificates
• T1051 - Shared Webroot
• T1586 - Compromise Accounts
• T1218.005 - Mshta
• T1608 - Stage Capabilities
• T1608.005 - Link Target
• T1496.004 - Cloud Service Hijacking
• T1679 - Selective Exclusion
• T1534 - Internal Spearphishing
• T1170 - Mshta
• T1218.001 - Compiled HTML File
• T1219.003 - Remote Access Hardware
• T1078 - Valid Accounts
• T1187 - Forced Authentication
• T1128 - Netsh Helper DLL
• T1203 - Exploitation for Client Execution
• T1595.003 - Wordlist Scanning
• T1574.009 - Path Interception by Unquoted Path
• T1027.004 - Compile After Delivery
• T1565.002 - Transmitted Data Manipulation
• T1223 - Compiled HTML File
• T1209 - Time Providers
• T1538 - Cloud Service Dashboard
• T1055.008 - Ptrace System Calls
• T1653 - Power Settings
• T1137.002 - Office Test
• T1173 - Dynamic Data Exchange
• T1003.003 - NTDS
• T1204.001 - Malicious Link
• T1086 - PowerShell
• T1490 - Inhibit System Recovery
• T1601.002 - Downgrade System Image
• T1127 - Trusted Developer Utilities Proxy Execution

このCVEが関連しているPulses

このCVEが関連しているPulsesはありません。

CVEの関係性グラフ

---

← CVE一覧に戻る