Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The CTimeoutEventList::InsertIntoTimeoutList function in Microsoft mshtml.dll uses a certain pointer value as part of producing Timer ID values for the setTimeout and setInterval methods in VBScript and JScript, which allows remote attackers to obtain sensitive information about the heap memory addresses used by an application, as demonstrated by the Internet Explorer 8 application.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Microsoft mshtml.dll文件信息泄露漏洞
Vulnerability Description
Microsoft MSHTML.DLL是一个用于解析HTML语言的动态链接库,IE、Outlook、Outlook Express等应用程序都使用了该动态链接库。 Microsoft mshtml.dll文件中的CTimeoutEventList::InsertIntoTimeoutList函数使用了特定指针值作为VBScript和Jscript中setTimeout和setInterval方法中生产计时器中的部分ID值。远程攻击者可以获取关于应用程序中堆内存地址中的敏感信息。该漏洞已在Internet
CVSS Information
N/A
Vulnerability Type
N/A