CVE-2011-2001

Name: CVE-2011-2001
Creator: NVD / NIST
Published: 2011-10-12T02:52:43.8+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 43.13%

Last modified Jun 16, 2026

CVE-2011-2001 is a vulnerability of currently unknown severity. Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code via an attempted access to a virtual function table after corruption of this table has occurred, aka "Virtual Function Table Corruption Remote Code Execution Vulnerability.". EPSS estimates a 43.13% chance of exploitation in the next 30 days.

Description

Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code via an attempted access to a virtual function table after corruption of this table has occurred, aka "Virtual Function Table Corruption Remote Code Execution Vulnerability."

Metrics

EPSS Probability

43.13%

98.6th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

Vendor	Product	Versions
Microsoft	Internet Explorer	6
Microsoft	Internet Explorer	7
Microsoft	Internet Explorer	8
Microsoft	Internet Explorer	9

References

http://www.securityfocus.com/bid/49966Third Party Advisory, VDB Entry
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-081Patch, Vendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12223Tool Signature
http://www.securityfocus.com/bid/49966Third Party Advisory, VDB Entry
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-081Patch, Vendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12223Tool Signature

Timeline

Published: Oct 12, 2011
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2011-2001?

How severe is CVE-2011-2001?

Severity scoring for CVE-2011-2001 is pending analysis. The EPSS model estimates a 43.13% probability of exploitation in the next 30 days.

How do I fix CVE-2011-2001?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2011-2001?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST