CVE-2011-1713

Microsoft msxml.dll - Info Disclosure

Title source: llm
STIX 2.1

Description

Microsoft msxml.dll, as used in Internet Explorer 8 on Windows 7, allows remote attackers to obtain potentially sensitive information about heap memory addresses via an XML document containing a call to the XSLT generate-id XPath function. NOTE: this might overlap CVE-2011-1202.

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12693
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/66835

Scores

EPSS 0.1119
EPSS Percentile 95.4%

Details

CWE
CWE-200
Status published
Products (1)
microsoft/internet_explorer 8
Published Apr 15, 2011
Tracked Since Feb 18, 2026