Max CVSS | 10.0 | Min CVSS | 1.5 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2009-2529 | 9.3 |
Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, 7, and 8 does not properly handle argument validation for unspecified variables, which allows remote attackers to execute arbitrary code via a crafted HTML document, aka "HTML Component Handling Vulnera
|
21-10-2024 - 17:35 | 14-10-2009 - 10:30 | |
CVE-2009-2502 | 9.3 |
Buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3
|
21-10-2024 - 17:35 | 14-10-2009 - 10:30 | |
CVE-2009-3671 | 9.3 |
Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Unini
|
21-10-2024 - 17:35 | 09-12-2009 - 18:30 | |
CVE-2009-1529 | 9.3 |
Microsoft Internet Explorer 7 for Windows XP SP2 and SP3; 7 for Server 2003 SP2; 7 for Vista Gold, SP1, and SP2; and 7 for Server 2008 SP2 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by calling
|
21-10-2024 - 17:35 | 10-06-2009 - 18:30 | |
CVE-2013-0810 | 9.3 |
Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, and Windows Server 2008 SP2 allow remote attackers to execute arbitrary code via a crafted screensaver in a theme file, aka "Windows Theme File Remote Code Execution Vulner
|
21-10-2024 - 17:35 | 11-09-2013 - 14:03 | |
CVE-2010-1260 | 9.3 |
The IE8 Developer Toolbar in Microsoft Internet Explorer 8 SP1, SP2, and SP3 allows user-assisted remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption,
|
21-10-2024 - 17:35 | 08-06-2010 - 22:30 | |
CVE-2009-0551 | 9.3 |
Microsoft Internet Explorer 6 SP1, 6 and 7 on Windows XP SP2 and SP3, 6 and 7 on Windows Server 2003 SP1 and SP2, 7 on Windows Vista Gold and SP1, and 7 on Windows Server 2008 does not properly handle transition errors in a request for one HTTP docum
|
21-10-2024 - 17:35 | 15-04-2009 - 08:00 | |
CVE-2010-0492 | 9.3 |
Use-after-free vulnerability in mstime.dll in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via vectors related to the TIME2 behavior, the CTimeAction object, and destruction of markup, leading to memory corruption,
|
21-10-2024 - 17:35 | 31-03-2010 - 19:30 | |
CVE-2010-0248 | 9.3 |
Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corru
|
21-10-2024 - 17:35 | 22-01-2010 - 22:00 | |
CVE-2012-1539 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site, aka "CTreePos Use After Free Vulnerability."
|
21-10-2024 - 17:35 | 14-11-2012 - 00:55 | |
CVE-2011-0346 | 9.3 |
Use-after-free vulnerability in the ReleaseInterface function in MSHTML.DLL in Microsoft Internet Explorer 6, 7, and 8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the DOM i
|
21-10-2024 - 17:35 | 07-01-2011 - 23:00 | |
CVE-2010-3243 | 4.3 |
Cross-site scripting (XSS) vulnerability in the toStaticHTML function in Microsoft Internet Explorer 8, and the SafeHTML function in Microsoft Windows SharePoint Services 3.0 SP2 and Office SharePoint Server 2007 SP2, allows remote attackers to injec
|
17-10-2024 - 21:35 | 13-10-2010 - 19:00 | |
CVE-2011-0029 | 9.3 |
Untrusted search path vulnerability in the client in Microsoft Remote Desktop Connection 5.2, 6.0, 6.1, and 7.0 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contain
|
17-10-2024 - 21:35 | 09-03-2011 - 23:00 | |
CVE-2011-2013 | 10.0 |
Integer overflow in the TCP/IP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code by sending a sequence of crafted UDP packets to a clos
|
17-10-2024 - 20:35 | 08-11-2011 - 21:55 | |
CVE-2012-0003 | 9.3 |
Unspecified vulnerability in winmm.dll in Windows Multimedia Library in Windows Media Player (WMP) in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP2, and Server 2008 SP2 allows remote attackers to execute arbitrary code via a crafted MI
|
17-10-2024 - 20:35 | 10-01-2012 - 21:55 | |
CVE-2011-0657 | 7.5 |
DNSAPI.dll in the DNS client in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly process DNS queries, which allows remote
|
17-10-2024 - 20:35 | 13-04-2011 - 18:55 | |
CVE-2012-1891 | 9.3 |
Heap-based buffer overflow in Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2 and Windows Data Access Components (WDAC) 6.0 allows remote attackers to execute arbitrary code via crafted XML data that triggers access to an uninitialized object
|
17-10-2024 - 19:35 | 10-07-2012 - 21:55 | |
CVE-2012-1879 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by attempting to access an undefined memory location, aka "insertAdjacentText Remote Code Execution Vulnerabil
|
17-10-2024 - 19:35 | 12-06-2012 - 22:55 | |
CVE-2013-1340 | 7.2 |
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle objects
|
17-10-2024 - 19:35 | 10-07-2013 - 03:46 | |
CVE-2013-0022 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer LsGetTrailInfo Use After Free Vulnerability."
|
17-10-2024 - 19:35 | 13-02-2013 - 12:04 | |
CVE-2012-4787 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not properly initialized or (2) is deleted, aka "Improper Ref
|
17-10-2024 - 19:35 | 12-12-2012 - 00:55 | |
CVE-2011-1271 | 5.1 |
The JIT compiler in Microsoft .NET Framework 3.5 Gold and SP1, 3.5.1, and 4.0, when IsJITOptimizerDisabled is false, does not properly handle expressions related to null strings, which allows context-dependent attackers to bypass intended access rest
|
17-10-2024 - 19:35 | 10-05-2011 - 19:55 | |
CVE-2013-3888 | 7.2 |
dxgkrnl.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows local users to gain privileges via a crafted application, aka "DirectX Graphics Kernel Subsystem Double Fetch Vulnerab
|
17-10-2024 - 18:35 | 09-10-2013 - 14:53 | |
CVE-2008-4835 | 10.0 |
SMB in the Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote attackers to execute arbitrary code via malformed values of unspecified "fields inside the SMB packets
|
15-10-2024 - 15:35 | 14-01-2009 - 22:30 | |
CVE-2012-4792 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not properly allocated or (2) is deleted, as demonstrated
|
14-08-2024 - 15:02 | 30-12-2012 - 18:55 | |
CVE-2017-0143 | 9.3 |
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to
|
25-07-2024 - 14:00 | 17-03-2017 - 00:59 | |
CVE-2012-0158 | 9.3 |
The (1) ListView, (2) ListView2, (3) TreeView, and (4) TreeView2 ActiveX controls in MSCOMCTL.OCX in the Common Controls in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2003 Web Components SP3; SQL Server 2000 SP4, 2005
|
24-07-2024 - 17:07 | 10-04-2012 - 21:55 | |
CVE-2015-1641 | 9.3 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word for Mac 2011, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2 and 2013 SP1, and Office Web Apps Server 2010 SP2 and 2
|
24-07-2024 - 17:06 | 14-04-2015 - 20:59 | |
CVE-2016-0167 | 7.2 |
The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted a
|
24-07-2024 - 17:06 | 12-04-2016 - 23:59 | |
CVE-2016-3235 | 9.3 |
Microsoft Visio 2007 SP3, Visio 2010 SP2, Visio 2013 SP1, Visio 2016, Visio Viewer 2007 SP3, and Visio Viewer 2010 mishandle library loading, which allows local users to gain privileges via a crafted application, aka "Microsoft Office OLE DLL Side Lo
|
24-07-2024 - 17:05 | 16-06-2016 - 01:59 | |
CVE-2016-0185 | 9.3 |
Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, and Windows 8.1 allows remote attackers to execute arbitrary code via a crafted Media Center link (aka .mcl) file, aka "Windows Media Center Remote Code Execution Vulnerability."
|
24-07-2024 - 17:05 | 11-05-2016 - 01:59 | |
CVE-2014-1776 | 10.0 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to the CMarkup::IsConnectedToPrimaryMarkup function, as ex
|
24-07-2024 - 16:47 | 27-04-2014 - 10:55 | |
CVE-2017-0145 | 9.3 |
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to
|
24-07-2024 - 16:22 | 17-03-2017 - 00:59 | |
CVE-2014-6352 | 9.3 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted OLE object, as exploit
|
24-07-2024 - 16:20 | 22-10-2014 - 14:55 | |
CVE-2013-3906 | 9.3 |
GDI+ in Microsoft Windows Vista SP2 and Server 2008 SP2; Office 2003 SP3, 2007 SP3, and 2010 SP1 and SP2; Office Compatibility Pack SP3; and Lync 2010, 2010 Attendee, 2013, and Basic 2013 allows remote attackers to execute arbitrary code via a crafte
|
24-07-2024 - 16:19 | 06-11-2013 - 15:55 | |
CVE-2014-1761 | 9.3 |
Microsoft Word 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Word Viewer; Office Compatibility Pack SP3; Office for Mac 2011; Word Automation Services on SharePoint Server 2010 SP1 and SP2 and 2013; Office Web Apps 2010 SP1 and SP2; and Of
|
24-07-2024 - 16:05 | 25-03-2014 - 13:24 | |
CVE-2017-0144 | 9.3 |
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to
|
24-07-2024 - 16:03 | 17-03-2017 - 00:59 | |
CVE-2011-1889 | 10.0 |
The NSPLookupServiceNext function in the client in Microsoft Forefront Threat Management Gateway (TMG) 2010 allows remote attackers to execute arbitrary code via vectors involving unspecified requests, aka "TMG Firewall Client Memory Corruption Vulne
|
24-07-2024 - 14:30 | 16-06-2011 - 20:55 | |
CVE-2016-7193 | 9.3 |
Microsoft Word 2007 SP2, Office 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services o
|
24-07-2024 - 14:27 | 14-10-2016 - 02:59 | |
CVE-2017-0001 | 7.2 |
The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows local users to gain privil
|
24-07-2024 - 14:26 | 17-03-2017 - 00:59 | |
CVE-2017-0146 | 9.3 |
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to
|
16-07-2024 - 17:55 | 17-03-2017 - 00:59 | |
CVE-2017-0037 | 7.6 |
Microsoft Internet Explorer 10 and 11 and Microsoft Edge have a type confusion issue in the Layout::MultiColumnBoxBuilder::HandleColumnBreakOnColumnSpanningElement function in mshtml.dll, which allows remote attackers to execute arbitrary code via ve
|
16-07-2024 - 17:52 | 26-02-2017 - 23:59 | |
CVE-2017-0059 | 4.3 |
Microsoft Internet Explorer 9 through 11 allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability." This vulnerability is different from those descr
|
16-07-2024 - 17:51 | 17-03-2017 - 00:59 | |
CVE-2015-2424 | 9.3 |
Microsoft PowerPoint 2007 SP3, Word 2007 SP3, PowerPoint 2010 SP2, Word 2010 SP2, PowerPoint 2013 SP1, Word 2013 SP1, and PowerPoint 2013 RT SP1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a c
|
16-07-2024 - 17:42 | 14-07-2015 - 21:59 | |
CVE-2010-3333 | 9.3 |
Stack-based buffer overflow in Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010, Office 2004 and 2008 for Mac, Office for Mac 2011, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via
|
16-07-2024 - 17:38 | 10-11-2010 - 03:00 | |
CVE-2012-1856 | 9.3 |
The TabStrip ActiveX control in the Common Controls in MSCOMCTL.OCX in Microsoft Office 2003 SP3, Office 2003 Web Components SP3, Office 2007 SP2 and SP3, Office 2010 SP1, SQL Server 2000 SP4, SQL Server 2005 SP4, SQL Server 2008 SP2, SP3, R2, R2 SP1
|
16-07-2024 - 17:37 | 15-08-2012 - 01:55 | |
CVE-2013-3897 | 9.3 |
Use-after-free vulnerability in the CDisplayPointer class in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted JavaScript code that us
|
16-07-2024 - 17:35 | 09-10-2013 - 14:54 | |
CVE-2013-1347 | 9.3 |
Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly allocated or (2) is deleted, as exploited in the wild in May 2013.
|
16-07-2024 - 17:35 | 05-05-2013 - 11:07 | |
CVE-2015-1642 | 9.3 |
Microsoft Office 2007 SP3, 2010 SP2, and 2013 SP1 allows remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."
|
16-07-2024 - 17:34 | 15-08-2015 - 00:59 | |
CVE-2016-7262 | 6.8 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, and Excel Viewer allow user-assisted remote attackers to execute arbitrary commands via a crafted cell that is mishandled upon a c
|
16-07-2024 - 17:33 | 20-12-2016 - 06:59 | |
CVE-2014-4114 | 9.3 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted OLE object in an Offic
|
16-07-2024 - 17:23 | 15-10-2014 - 10:55 | |
CVE-2009-3129 | 9.3 |
Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer 2003 SP3; Office Excel Viewer SP1 and SP2; and Office Compatibility Pack for Word, Excel, and P
|
16-07-2024 - 17:18 | 11-11-2009 - 19:30 | |
CVE-2017-0148 | 9.3 |
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to
|
09-07-2024 - 18:28 | 17-03-2017 - 00:59 | |
CVE-2015-1770 | 9.3 |
Microsoft Office 2013 SP1 and 2013 RT SP1 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Uninitialized Memory Use Vulnerability."
|
09-07-2024 - 18:27 | 10-06-2015 - 01:59 | |
CVE-2013-3660 | 6.9 |
The EPATHOBJ::pprFlattenRec function in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, and Windows Server 2012 does
|
09-07-2024 - 18:25 | 24-05-2013 - 20:55 | |
CVE-2016-0189 | 7.6 |
The Microsoft (1) JScript 5.8 and (2) VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site
|
09-07-2024 - 18:25 | 11-05-2016 - 01:59 | |
CVE-2015-2419 | 9.3 |
JScript 9 in Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "JScript9 Memory Corruption Vulnerability."
|
09-07-2024 - 18:24 | 14-07-2015 - 21:59 | |
CVE-2012-2539 | 9.3 |
Microsoft Word 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Word Viewer; Office Compatibility Pack SP2 and SP3; and Office Web Apps 2010 SP1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted RT
|
09-07-2024 - 18:23 | 12-12-2012 - 00:55 | |
CVE-2013-2551 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, as demonstrated by VUPEN during a Pwn2Own competition at CanSe
|
09-07-2024 - 18:22 | 11-03-2013 - 10:55 | |
CVE-2016-7200 | 7.6 |
The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vu
|
09-07-2024 - 18:21 | 10-11-2016 - 06:59 | |
CVE-2016-7201 | 7.6 |
The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vu
|
09-07-2024 - 18:21 | 10-11-2016 - 06:59 | |
CVE-2016-0040 | 7.2 |
The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows local users to gain privileges via a crafted application, aka "Windows Elevation of Privilege Vulnerability."
|
09-07-2024 - 18:21 | 10-02-2016 - 11:59 | |
CVE-2015-2502 | 9.3 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," as exploited in the wild in August 2015.
|
02-07-2024 - 17:42 | 19-08-2015 - 10:59 | |
CVE-2014-4113 | 7.2 |
win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users
|
02-07-2024 - 16:57 | 15-10-2014 - 10:55 | |
CVE-2014-0322 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via vectors involving crafted JavaScript code, CMarkup, and the onpropertychange attribute of a script element, as exploited in the
|
02-07-2024 - 16:50 | 14-02-2014 - 16:55 | |
CVE-2017-0147 | 4.3 |
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to
|
02-07-2024 - 13:00 | 17-03-2017 - 00:59 | |
CVE-2017-0149 | 7.6 |
Microsoft Internet Explorer 9 through 11 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." This vulnerability is differen
|
02-07-2024 - 13:00 | 17-03-2017 - 00:59 | |
CVE-2017-0005 | 6.9 |
The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows local users to gain privil
|
02-07-2024 - 12:59 | 17-03-2017 - 00:59 | |
CVE-2016-7256 | 9.3 |
atmfd.dll in the Windows font library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows rem
|
02-07-2024 - 12:58 | 10-11-2016 - 07:00 | |
CVE-2016-3298 | 2.6 |
Microsoft Internet Explorer 9 through 11 and the Internet Messaging API in Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allow remote attackers to determine the existence of arbitrary files via a crafted web site, aka "Inte
|
02-07-2024 - 12:23 | 14-10-2016 - 02:59 | |
CVE-2016-3351 | 2.6 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."
|
02-07-2024 - 12:23 | 14-09-2016 - 10:59 | |
CVE-2016-3393 | 9.3 |
Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows remote attackers t
|
02-07-2024 - 12:23 | 14-10-2016 - 02:59 | |
CVE-2016-0162 | 4.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to determine the existence of files via crafted JavaScript code, aka "Internet Explorer Information Disclosure Vulnerability."
|
02-07-2024 - 12:20 | 12-04-2016 - 23:59 | |
CVE-2015-0071 | 4.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Internet Explorer ASLR Bypass Vulnerability."
|
02-07-2024 - 12:18 | 11-02-2015 - 03:01 | |
CVE-2016-0034 | 9.3 |
Microsoft Silverlight 5 before 5.1.41212.0 mishandles negative offsets during decoding, which allows remote attackers to execute arbitrary code or cause a denial of service (object-header corruption) via a crafted web site, aka "Silverlight Runtime R
|
01-07-2024 - 17:56 | 13-01-2016 - 05:59 | |
CVE-2014-2817 | 6.8 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability."
|
28-06-2024 - 17:29 | 12-08-2014 - 21:55 | |
CVE-2015-1671 | 9.3 |
The Windows DirectWrite library, as used in Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2; Office 2007 SP3 and 2010 SP2; Live Meeting 2007 Console; Lync 2010; Lync 2010 Attendee; Lync 2013 SP1; Lync Basic 2013 SP1; Silverligh
|
28-06-2024 - 17:26 | 13-05-2015 - 10:59 | |
CVE-2013-0074 | 9.3 |
Microsoft Silverlight 5, and 5 Developer Runtime, before 5.1.20125.0 does not properly validate pointers during HTML object rendering, which allows remote attackers to execute arbitrary code via a crafted Silverlight application, aka "Silverlight Dou
|
28-06-2024 - 17:26 | 13-03-2013 - 00:55 | |
CVE-2014-4123 | 6.8 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," as exploited in the wild in October 2014, a different vulnerability than CVE-201
|
28-06-2024 - 17:25 | 15-10-2014 - 10:55 | |
CVE-2014-4148 | 9.3 |
win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attac
|
28-06-2024 - 17:24 | 15-10-2014 - 10:55 | |
CVE-2015-2425 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
28-06-2024 - 17:22 | 14-07-2015 - 21:59 | |
CVE-2013-1331 | 9.3 |
Buffer overflow in Microsoft Office 2003 SP3 and Office 2011 for Mac allows remote attackers to execute arbitrary code via crafted PNG data in an Office document, leading to improper memory allocation, aka "Office Buffer Overflow Vulnerability."
|
28-06-2024 - 14:18 | 12-06-2013 - 03:29 | |
CVE-2012-1889 | 9.3 |
Microsoft XML Core Services 3.0, 4.0, 5.0, and 6.0 accesses uninitialized memory locations, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
|
28-06-2024 - 14:18 | 13-06-2012 - 04:46 | |
CVE-2012-0151 | 9.3 |
The Authenticode Signature Verification function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview does not properly valida
|
28-06-2024 - 14:18 | 10-04-2012 - 21:55 | |
CVE-2010-2572 | 9.3 |
Buffer overflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3 allows remote attackers to execute arbitrary code via a crafted PowerPoint 95 document, aka "PowerPoint Parsing Buffer Overflow Vulnerability."
|
28-06-2024 - 14:16 | 10-11-2010 - 03:00 | |
CVE-2009-0557 | 9.3 |
Excel in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, and Office 2004 and 2008 for Mac; Excel in 2007 Microsoft Office System SP1 and SP2; Open XML File Format Converter for Mac; Microsoft Office Excel Viewer 2003 SP3; Microsoft Office
|
28-06-2024 - 14:15 | 10-06-2009 - 18:30 | |
CVE-2009-0563 | 9.3 |
Stack-based buffer overflow in Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Microsoft Office for Mac 2004 and 2008; Open XML File Format Converter for Mac; Microsoft Office Word Viewer 2003 SP3; Microsoft Office Word Viewer; and Mi
|
28-06-2024 - 14:15 | 10-06-2009 - 18:00 | |
CVE-2010-2568 | 9.3 |
Windows Shell in Microsoft Windows XP SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 SP2 and R2, and Windows 7 allows local users or remote attackers to execute arbitrary code via a crafted (1) .LNK or (2) .PIF shortcut file, which is not prope
|
28-06-2024 - 14:02 | 22-07-2010 - 05:43 | |
CVE-2013-3163 | 9.3 |
Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
28-06-2024 - 13:40 | 10-07-2013 - 03:46 | |
CVE-2016-0165 | 7.2 |
The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted a
|
27-06-2024 - 19:16 | 12-04-2016 - 23:59 | |
CVE-2010-0249 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6, 6 SP1, 7, and 8 on Windows 2000 SP4; Windows XP SP2 and SP3; Windows Server 2003 SP2; Windows Vista Gold, SP1, and SP2; Windows Server 2008 Gold, SP2, and R2; and Windows 7 allows remote
|
15-02-2024 - 21:06 | 15-01-2010 - 17:30 | |
CVE-2015-1743 | 5.1 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-1748.
|
15-02-2024 - 20:11 | 10-06-2015 - 01:59 | |
CVE-2009-0553 | 9.3 |
Microsoft Internet Explorer 6 SP1, 6 and 7 on Windows XP SP2 and SP3, 6 and 7 on Windows Server 2003 SP1 and SP2, 7 on Windows Vista Gold and SP1, and 7 on Windows Server 2008 allows remote attackers to execute arbitrary code via a web page that trig
|
14-02-2024 - 01:17 | 15-04-2009 - 08:00 | |
CVE-2009-1532 | 9.3 |
Microsoft Internet Explorer 8 for Windows XP SP2 and SP3; 8 for Server 2003 SP2; 8 for Vista Gold, SP1, and SP2; and 8 for Server 2008 SP2 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code via "malfor
|
09-02-2024 - 03:22 | 10-06-2009 - 18:30 | |
CVE-2009-2523 | 10.0 |
The License Logging Server (llssrv.exe) in Microsoft Windows 2000 SP4 allows remote attackers to execute arbitrary code via an RPC message containing a string without a null terminator, which triggers a heap-based buffer overflow in the LlsrLicenseRe
|
09-02-2024 - 00:24 | 11-11-2009 - 19:30 | |
CVE-2009-0231 | 9.3 |
The Embedded OpenType (EOT) Font Engine (T2EMBED.DLL) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a crafted name table in
|
08-02-2024 - 02:14 | 15-07-2009 - 15:30 | |
CVE-2010-3328 | 9.3 |
Use-after-free vulnerability in the CAttrArray::PrivateFind function in mshtml.dll in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code by setting an unspecified property of a stylesheet object, aka "Uninitiali
|
02-02-2024 - 16:00 | 13-10-2010 - 19:00 | |
CVE-2010-0258 | 9.3 |
Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer SP1 and SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP
|
02-02-2024 - 02:38 | 10-03-2010 - 22:30 | |
CVE-2013-1315 | 9.3 |
Microsoft SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013; Office Web Apps 2010; Excel 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office for Mac 2011; Excel Viewer; and Office Compatibility Pack SP3 allow remote attackers to exec
|
03-10-2023 - 15:37 | 11-09-2013 - 14:03 | |
CVE-2015-0063 | 9.3 |
Microsoft Excel 2007 SP3; the proofing tools in Office 2010 SP2; Excel 2010 SP2; Excel 2013 Gold, SP1, and RT; Excel Viewer; and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corru
|
03-10-2023 - 15:36 | 11-02-2015 - 03:01 | |
CVE-2017-0060 | 2.1 |
The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain
|
31-03-2023 - 18:31 | 17-03-2017 - 00:59 | |
CVE-2017-0073 | 4.3 |
The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain
|
31-03-2023 - 18:29 | 17-03-2017 - 00:59 | |
CVE-2016-3201 | 4.3 |
Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows 10 Gold and 1511, and Microsoft Edge allow remote attackers to obtain sensitive information from process memory via a crafted PDF document, aka "Windows PDF Information Disclosure Vulner
|
23-02-2023 - 18:36 | 16-06-2016 - 01:59 | |
CVE-2015-6042 | 9.3 |
Use-after-free vulnerability in the CWindow object implementation in Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memo
|
13-02-2023 - 18:58 | 14-10-2015 - 01:59 | |
CVE-2015-6051 | 4.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to gain privileges via a crafted web site, as demonstrated by a transition from Low Integrity to Medium Integrity, aka "Internet Explorer Elevation of Privilege Vulnerability."
|
13-02-2023 - 18:58 | 14-10-2015 - 01:59 | |
CVE-2015-6048 | 9.3 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
13-02-2023 - 18:54 | 14-10-2015 - 01:59 | |
CVE-2009-3555 | 5.8 |
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Secu
|
13-02-2023 - 02:20 | 09-11-2009 - 17:30 | |
CVE-2008-4609 | 7.1 |
The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vect
|
14-12-2022 - 16:40 | 20-10-2008 - 17:59 | |
CVE-2013-3900 | 7.6 |
The WinVerifyTrust function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does
|
02-11-2022 - 15:15 | 11-12-2013 - 00:55 | |
CVE-2011-2001 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code via an attempted access to a virtual function table after corruption of this table has occurred, aka "Virtual
|
01-03-2022 - 16:39 | 12-10-2011 - 02:52 | |
CVE-2012-0171 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "SelectAll Remote Code Execution Vulnerability."
|
01-03-2022 - 16:34 | 10-04-2012 - 21:55 | |
CVE-2012-0169 | 9.3 |
Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "JScript9 Remote Code Execution Vulnerability."
|
01-03-2022 - 16:33 | 10-04-2012 - 21:55 | |
CVE-2012-0168 | 7.6 |
Microsoft Internet Explorer 6 through 9 allows user-assisted remote attackers to execute arbitrary code via a crafted HTML document that is not properly handled during a "Print table of links" print operation, aka "Print Feature Remote Code Execution
|
01-03-2022 - 16:32 | 10-04-2012 - 21:55 | |
CVE-2012-0155 | 9.3 |
Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "VML Remote Code Execution Vulnerability."
|
01-03-2022 - 16:30 | 14-02-2012 - 22:55 | |
CVE-2012-0012 | 4.3 |
Microsoft Internet Explorer 9 does not properly handle the creation and initialization of string objects, which allows remote attackers to read data from arbitrary process-memory locations via a crafted web site, aka "Null Byte Information Disclosure
|
01-03-2022 - 16:29 | 14-02-2012 - 22:55 | |
CVE-2012-0011 | 9.3 |
Microsoft Internet Explorer 7 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "HTML Layout Remote Code Execution Vulnerability."
|
01-03-2022 - 16:28 | 14-02-2012 - 22:55 | |
CVE-2012-0010 | 4.3 |
Microsoft Internet Explorer 6 through 9 does not properly perform copy-and-paste operations, which allows user-assisted remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Copy and Paste Information D
|
01-03-2022 - 14:58 | 14-02-2012 - 22:55 | |
CVE-2011-2019 | 9.3 |
Untrusted search path vulnerability in Microsoft Internet Explorer 9 on Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a d
|
01-03-2022 - 14:50 | 14-12-2011 - 00:55 | |
CVE-2011-1992 | 4.3 |
The XSS Filter in Microsoft Internet Explorer 8 allows remote attackers to read content from a different (1) domain or (2) zone via a "trial and error" attack, aka "XSS Filter Information Disclosure Vulnerability."
|
01-03-2022 - 14:26 | 14-12-2011 - 00:55 | |
CVE-2011-2000 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Body Element Remote Code Execution Vulnerability."
|
28-02-2022 - 20:50 | 12-10-2011 - 02:52 | |
CVE-2011-1999 | 9.3 |
Microsoft Internet Explorer 8 does not properly allocate and access memory, which allows remote attackers to execute arbitrary code via vectors involving a "dereferenced memory address," aka "Select Element Remote Code Execution Vulnerability."
|
28-02-2022 - 20:49 | 12-10-2011 - 02:52 | |
CVE-2011-1998 | 9.3 |
Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that was not properly initialized, aka "Jscript9.dll Remote Code Execution Vulnerability."
|
28-02-2022 - 20:26 | 12-10-2011 - 02:52 | |
CVE-2011-1996 | 9.3 |
Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Option Element Remote Code Execution Vulnerability."
|
28-02-2022 - 20:25 | 12-10-2011 - 02:52 | |
CVE-2011-1995 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that was not properly initialized, aka "OLEAuto32.dll Remote Code Execution Vulnerabili
|
28-02-2022 - 20:23 | 12-10-2011 - 02:52 | |
CVE-2011-1993 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Scroll Event Remote Code Execution Vulnerability."
|
28-02-2022 - 20:17 | 12-10-2011 - 02:52 | |
CVE-2011-1964 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Style Object Memory Corru
|
28-02-2022 - 20:01 | 10-08-2011 - 21:55 | |
CVE-2011-1960 | 4.3 |
Microsoft Internet Explorer 6 through 9 does not properly implement JavaScript event handlers, which allows remote attackers to access content from a different (1) domain or (2) zone via unspecified script code, aka "Event Handlers Information Disclo
|
28-02-2022 - 20:01 | 10-08-2011 - 21:55 | |
CVE-2011-1963 | 9.3 |
Microsoft Internet Explorer 7 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "XSLT Memory Corruption Vu
|
28-02-2022 - 20:00 | 10-08-2011 - 21:55 | |
CVE-2011-1962 | 4.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle unspecified character sequences, which allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site that triggers "inactive filtering," aka "Sh
|
28-02-2022 - 19:58 | 10-08-2011 - 21:55 | |
CVE-2011-1961 | 9.3 |
The telnet URI handler in Microsoft Internet Explorer 6 through 9 does not properly launch the handler application, which allows remote attackers to execute arbitrary programs via a crafted web site, aka "Telnet Handler Remote Code Execution Vulnerab
|
28-02-2022 - 19:54 | 10-08-2011 - 21:55 | |
CVE-2011-1257 | 7.6 |
Race condition in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors involving access to an object, aka "Window Open Race Condition Vulnerability."
|
28-02-2022 - 19:49 | 10-08-2011 - 21:55 | |
CVE-2011-1266 | 9.3 |
The Vector Markup Language (VML) implementation in vgx.dll in Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly
|
28-02-2022 - 19:48 | 16-06-2011 - 20:55 | |
CVE-2011-1262 | 9.3 |
Microsoft Internet Explorer 7 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "HTTP Redirect Memory Corr
|
28-02-2022 - 19:46 | 16-06-2011 - 20:55 | |
CVE-2011-1261 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Selection Object Memory C
|
28-02-2022 - 19:44 | 16-06-2011 - 20:55 | |
CVE-2011-1258 | 4.3 |
Microsoft Internet Explorer 6 through 8 does not properly restrict web script, which allows user-assisted remote attackers to obtain sensitive information from a different (1) domain or (2) zone via vectors involving a drag-and-drop operation, aka "D
|
28-02-2022 - 19:43 | 16-06-2011 - 20:55 | |
CVE-2011-1256 | 9.3 |
Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "DOM Modification Memory C
|
28-02-2022 - 19:41 | 16-06-2011 - 20:55 | |
CVE-2011-1255 | 9.3 |
The Timed Interactive Multimedia Extensions (aka HTML+TIME) implementation in Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1)
|
28-02-2022 - 19:35 | 16-06-2011 - 20:55 | |
CVE-2011-1254 | 9.3 |
Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Drag and Drop Memory Corr
|
28-02-2022 - 19:33 | 16-06-2011 - 20:55 | |
CVE-2011-1251 | 9.3 |
Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "DOM Manipulation Memory Corruption
|
28-02-2022 - 19:32 | 16-06-2011 - 20:55 | |
CVE-2011-1250 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Link Properties Handling
|
28-02-2022 - 19:30 | 16-06-2011 - 20:55 | |
CVE-2011-1246 | 4.3 |
Microsoft Internet Explorer 8 does not properly handle content settings in HTTP responses, which allows remote web servers to obtain sensitive information from a different (1) domain or (2) zone via a crafted response, aka "MIME Sniffing Information
|
28-02-2022 - 19:26 | 16-06-2011 - 20:55 | |
CVE-2011-1244 | 5.8 |
Microsoft Internet Explorer 6, 7, and 8 does not enforce intended domain restrictions on content access, which allows remote attackers to obtain sensitive information or conduct clickjacking attacks via a crafted web site, aka "Frame Tag Information
|
28-02-2022 - 19:25 | 13-04-2011 - 18:55 | |
CVE-2010-3348 | 4.3 |
Microsoft Internet Explorer 6, 7, and 8 does not prevent rendering of cached content as HTML, which allows remote attackers to access content from a different (1) domain or (2) zone via unspecified script code, aka "Cross-Domain Information Disclosur
|
28-02-2022 - 19:23 | 16-12-2010 - 19:33 | |
CVE-2010-3346 | 9.3 |
Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption,
|
28-02-2022 - 19:22 | 16-12-2010 - 19:33 | |
CVE-2010-3345 | 9.3 |
Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "HTML
|
28-02-2022 - 19:21 | 16-12-2010 - 19:33 | |
CVE-2010-3343 | 9.3 |
Microsoft Internet Explorer 6 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "HTML
|
28-02-2022 - 19:20 | 16-12-2010 - 19:33 | |
CVE-2010-3342 | 4.3 |
Microsoft Internet Explorer 6, 7, and 8 does not prevent rendering of cached content as HTML, which allows remote attackers to access content from a different (1) domain or (2) zone via unspecified script code, aka "Cross-Domain Information Disclosur
|
28-02-2022 - 19:19 | 16-12-2010 - 19:33 | |
CVE-2010-3962 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6, 7, and 8 allows remote attackers to execute arbitrary code via vectors related to Cascading Style Sheets (CSS) token sequences and the clip attribute, aka an "invalid flag reference" issu
|
28-02-2022 - 19:15 | 05-11-2010 - 17:00 | |
CVE-2010-2560 | 9.3 |
Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption,
|
28-02-2022 - 18:57 | 11-08-2010 - 18:47 | |
CVE-2010-2559 | 9.3 |
Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Unini
|
28-02-2022 - 17:31 | 11-08-2010 - 18:47 | |
CVE-2010-2558 | 9.3 |
Race condition in Microsoft Internet Explorer 6, 7, and 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to an object in memory, aka "Race Condition Memory Corruption Vulnerabili
|
28-02-2022 - 17:30 | 11-08-2010 - 18:47 | |
CVE-2010-2557 | 9.3 |
Microsoft Internet Explorer 6 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Unini
|
28-02-2022 - 17:27 | 11-08-2010 - 18:47 | |
CVE-2010-2556 | 9.3 |
Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption,
|
28-02-2022 - 17:24 | 11-08-2010 - 18:47 | |
CVE-2014-2815 | 9.3 |
Microsoft OneNote 2007 SP3 allows remote attackers to execute arbitrary code via a crafted OneNote file that triggers creation of an executable file in a startup folder, aka "OneNote Remote Code Execution Vulnerability."
|
16-12-2021 - 20:35 | 12-08-2014 - 21:55 | |
CVE-2010-0243 | 9.3 |
Buffer overflow in MSO.DLL in Microsoft Office XP SP3 and Office 2004 for Mac allows remote attackers to execute arbitrary code via a crafted Office document, aka "MSO.DLL Buffer Overflow."
|
22-09-2021 - 14:22 | 10-02-2010 - 18:30 | |
CVE-2013-0021 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer vtable Use After Free Vulnerability."
|
17-09-2021 - 11:15 | 13-02-2013 - 12:04 | |
CVE-2016-3366 | 4.3 |
Microsoft Outlook 2007 SP3, Outlook 2010 SP2, Outlook 2013 SP1, Outlook 2013 RT SP1, Outlook 2016, and Outlook 2016 for Mac do not properly implement RFC 2046, which allows remote attackers to bypass virus or spam detection via crafted MIME data in a
|
30-08-2021 - 14:28 | 14-09-2016 - 10:59 | |
CVE-2010-3971 | 9.3 |
Use-after-free vulnerability in the CSharedStyleSheet::Notify function in the Cascading Style Sheets (CSS) parser in mshtml.dll, as used in Microsoft Internet Explorer 6 through 8 and other products, allows remote attackers to execute arbitrary code
|
23-07-2021 - 15:12 | 22-12-2010 - 21:00 | |
CVE-2012-1872 | 4.3 |
Cross-site scripting (XSS) vulnerability in Microsoft Internet Explorer 6 through 9 allows remote attackers to inject arbitrary web script or HTML via crafted character sequences with EUC-JP encoding, aka "EUC-JP Character Encoding Vulnerability."
|
23-07-2021 - 15:12 | 12-06-2012 - 22:55 | |
CVE-2009-3673 | 9.3 |
Microsoft Internet Explorer 7 and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka
|
23-07-2021 - 15:12 | 09-12-2009 - 18:30 | |
CVE-2010-1261 | 9.3 |
The IE8 Developer Toolbar in Microsoft Internet Explorer 8 SP1, SP2, and SP3 allows user-assisted remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption,
|
23-07-2021 - 15:12 | 08-06-2010 - 22:30 | |
CVE-2011-1345 | 9.3 |
Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, as demonstrated by Stephen Few
|
23-07-2021 - 15:12 | 10-03-2011 - 20:55 | |
CVE-2009-1917 | 9.3 |
Microsoft Internet Explorer 6 SP1; Internet Explorer 6 for Windows XP SP2 and SP3 and Server 2003 SP2; and Internet Explorer 7 and 8 for Windows XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 do not properly h
|
23-07-2021 - 15:12 | 29-07-2009 - 17:30 | |
CVE-2010-3330 | 4.3 |
Microsoft Internet Explorer 6 through 8 does not properly restrict script access to content from a different (1) domain or (2) zone, which allows remote attackers to obtain sensitive information via a crafted web site, aka "Cross-Domain Information D
|
23-07-2021 - 15:12 | 13-10-2010 - 19:00 | |
CVE-2010-3325 | 4.3 |
Microsoft Internet Explorer 6 through 8 does not properly handle unspecified special characters in Cascading Style Sheets (CSS) documents, which allows remote attackers to obtain sensitive information from a different (1) domain or (2) zone via a cra
|
23-07-2021 - 15:12 | 13-10-2010 - 19:00 | |
CVE-2010-1258 | 4.3 |
Microsoft Internet Explorer 6, 7, and 8 does not properly determine the origin of script code, which allows remote attackers to execute script in an unintended domain or security zone, and obtain sensitive information, via unspecified vectors, aka "E
|
23-07-2021 - 15:12 | 11-08-2010 - 18:47 | |
CVE-2011-2383 | 4.3 |
Microsoft Internet Explorer 9 and earlier does not properly restrict cross-zone drag-and-drop actions, which allows user-assisted remote attackers to read cookie files via vectors involving an IFRAME element with a SRC attribute containing an http: U
|
23-07-2021 - 15:12 | 03-06-2011 - 17:55 | |
CVE-2009-1919 | 9.3 |
Microsoft Internet Explorer 5.01 SP4 and 6 SP1; Internet Explorer 6 for Windows XP SP2 and SP3 and Server 2003 SP2; and Internet Explorer 7 and 8 for Windows XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 do n
|
23-07-2021 - 15:12 | 29-07-2009 - 17:30 | |
CVE-2010-1259 | 9.3 |
Microsoft Internet Explorer 6 SP1 and SP2, 7, and 8 allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption V
|
23-07-2021 - 15:12 | 08-06-2010 - 22:30 | |
CVE-2009-1530 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 7 for Windows XP SP2 and SP3; 7 for Server 2003 SP2; 7 for Vista Gold, SP1, and SP2; and 7 for Server 2008 SP2 allows remote attackers to execute arbitrary code by repeatedly adding HTML doc
|
23-07-2021 - 15:12 | 10-06-2009 - 18:30 | |
CVE-2010-1257 | 4.3 |
Cross-site scripting (XSS) vulnerability in the toStaticHTML API, as used in Microsoft Office InfoPath 2003 SP3, 2007 SP1, and 2007 SP2; Office SharePoint Server 2007 SP1 and SP2; SharePoint Services 3.0 SP1 and SP2; and Internet Explorer 8 allows re
|
23-07-2021 - 15:12 | 08-06-2010 - 20:30 | |
CVE-2010-3329 | 9.3 |
mshtmled.dll in Microsoft Internet Explorer 7 and 8 allows remote attackers to execute arbitrary code via a crafted Microsoft Office document that causes the HtmlDlgHelper class destructor to access uninitialized memory, aka "Uninitialized Memory Cor
|
23-07-2021 - 15:12 | 13-10-2010 - 19:00 | |
CVE-2010-1262 | 9.3 |
Microsoft Internet Explorer 6 SP1 and SP2, 7, and 8 allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, related to the CStyleSheet object and
|
23-07-2021 - 15:12 | 08-06-2010 - 22:30 | |
CVE-2010-3324 | 4.3 |
The toStaticHTML function in Microsoft Internet Explorer 8, and the SafeHTML function in Microsoft Windows SharePoint Services 3.0 SP2, SharePoint Foundation 2010, Office SharePoint Server 2007 SP2, Groove Server 2010, and Office Web Apps, allows rem
|
23-07-2021 - 15:12 | 17-09-2010 - 18:00 | |
CVE-2009-4074 | 4.3 |
The XSS Filter in Microsoft Internet Explorer 8 allows remote attackers to leverage the "response-changing mechanism" to conduct cross-site scripting (XSS) attacks against web sites that have no inherent XSS vulnerabilities, related to the details of
|
23-07-2021 - 15:12 | 25-11-2009 - 18:30 | |
CVE-2009-1918 | 10.0 |
Microsoft Internet Explorer 5.01 SP4 and 6 SP1; Internet Explorer 6 for Windows XP SP2 and SP3 and Server 2003 SP2; and Internet Explorer 7 and 8 for Windows XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 do n
|
23-07-2021 - 15:12 | 29-07-2009 - 17:30 | |
CVE-2010-3331 | 9.3 |
Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory in certain circumstances involving use of Microsoft Word to read Word documents, which allows remote attackers to execute arbitrary code by accessing an object that (1
|
23-07-2021 - 15:12 | 13-10-2010 - 19:00 | |
CVE-2010-3327 | 4.3 |
The implementation of HTML content creation in Microsoft Internet Explorer 6 through 8 does not remove the Anchor element during pasting and editing, which might allow remote attackers to obtain sensitive deleted information by visiting a web page, a
|
23-07-2021 - 15:12 | 13-10-2010 - 19:00 | |
CVE-2010-0027 | 9.3 |
The URL validation functionality in Microsoft Internet Explorer 5.01, 6, 6 SP1, 7 and 8, and the ShellExecute API function in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2, does not properly process input parameters, which allows remote attac
|
23-07-2021 - 15:12 | 22-01-2010 - 22:00 | |
CVE-2012-1877 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Title Element Change Remote Code Execution Vulnerability."
|
23-07-2021 - 15:12 | 12-06-2012 - 22:55 | |
CVE-2012-1858 | 4.3 |
The toStaticHTML API (aka the SafeHTML component) in Microsoft Internet Explorer 8 and 9, Communicator 2007 R2, and Lync 2010 and 2010 Attendee does not properly handle event attributes and script, which makes it easier for remote attackers to conduc
|
23-07-2021 - 15:12 | 12-06-2012 - 22:55 | |
CVE-2011-0038 | 9.3 |
Untrusted search path vulnerability in Microsoft Internet Explorer 8 might allow local users to gain privileges via a Trojan horse IEShims.dll in the current working directory, as demonstrated by a Desktop directory that contains an HTML file, aka "I
|
23-07-2021 - 15:12 | 10-02-2011 - 16:00 | |
CVE-2011-0035 | 9.3 |
Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption,
|
23-07-2021 - 15:12 | 10-02-2011 - 16:00 | |
CVE-2010-0244 | 9.3 |
Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corru
|
23-07-2021 - 15:12 | 22-01-2010 - 22:00 | |
CVE-2010-0494 | 4.3 |
Cross-domain vulnerability in Microsoft Internet Explorer 6, 6 SP1, 7, and 8 allows user-assisted remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via a crafted HTML document in a situation where the cl
|
23-07-2021 - 15:12 | 31-03-2010 - 19:30 | |
CVE-2010-0245 | 9.3 |
Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Unini
|
23-07-2021 - 15:12 | 22-01-2010 - 22:00 | |
CVE-2010-0246 | 9.3 |
Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Unini
|
23-07-2021 - 15:12 | 22-01-2010 - 22:00 | |
CVE-2012-1874 | 9.3 |
Microsoft Internet Explorer 8 and 9 does not properly handle objects in memory, which allows user-assisted remote attackers to execute arbitrary code by accessing a deleted object, aka "Developer Toolbar Remote Code Execution Vulnerability."
|
23-07-2021 - 15:12 | 12-06-2012 - 22:55 | |
CVE-2010-0255 | 4.3 |
Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, 7, and 8 does not prevent rendering of non-HTML local files as HTML documents, which allows remote attackers to bypass intended access restrictions and read arbitrary files via vectors involving JavaScr
|
23-07-2021 - 15:12 | 04-02-2010 - 20:15 | |
CVE-2012-1876 | 9.3 |
Microsoft Internet Explorer 6 through 9, and 10 Consumer Preview, does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by attempting to access a nonexistent object, leading to a heap-based buffer overflo
|
23-07-2021 - 15:12 | 12-06-2012 - 22:55 | |
CVE-2012-1873 | 4.3 |
Microsoft Internet Explorer 7 through 9 does not properly create and initialize string data, which allows remote attackers to obtain sensitive information from process memory via a crafted HTML document, aka "Null Byte Information Disclosure Vulnerab
|
23-07-2021 - 15:12 | 12-06-2012 - 22:55 | |
CVE-2012-1875 | 9.3 |
Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Same ID Property Remote Code Execution Vulnerability."
|
23-07-2021 - 15:12 | 12-06-2012 - 22:55 | |
CVE-2011-1260 | 9.3 |
Microsoft Internet Explorer 8 and 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Layout Memory Corruption Vuln
|
23-07-2021 - 15:12 | 16-06-2011 - 20:55 | |
CVE-2011-0036 | 9.3 |
Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption,
|
23-07-2021 - 15:12 | 10-02-2011 - 16:00 | |
CVE-2011-1252 | 4.3 |
Cross-site scripting (XSS) vulnerability in the SafeHTML function in the toStaticHTML API in Microsoft Internet Explorer 7 and 8, Office SharePoint Server 2007 SP2, Office SharePoint Server 2010 Gold and SP1, Groove Server 2010 Gold and SP1, Windows
|
23-07-2021 - 15:12 | 16-06-2011 - 20:55 | |
CVE-2012-1878 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "OnBeforeDeactivate Event Remote Code Execution Vulnerability."
|
23-07-2021 - 15:12 | 12-06-2012 - 22:55 | |
CVE-2012-1882 | 4.3 |
Microsoft Internet Explorer 6 through 9 does not block cross-domain scrolling events, which allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Scrolling Events Information Disclosure Vulnerabi
|
23-07-2021 - 15:12 | 12-06-2012 - 22:55 | |
CVE-2010-0490 | 9.3 |
Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corru
|
23-07-2021 - 15:12 | 31-03-2010 - 19:30 | |
CVE-2012-1523 | 9.3 |
Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Center Element Remote Code Execution Vulnerability."
|
23-07-2021 - 15:12 | 12-06-2012 - 22:55 | |
CVE-2012-0172 | 9.3 |
Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "VML Style Remote Code Execution Vulnerability."
|
23-07-2021 - 15:12 | 10-04-2012 - 21:55 | |
CVE-2012-1880 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "insertRow Remote Code Execution Vulnerability."
|
23-07-2021 - 15:12 | 12-06-2012 - 22:55 | |
CVE-2012-1881 | 9.3 |
Microsoft Internet Explorer 8 and 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "OnRowsInserted Event Remote Code Execution Vulnerability."
|
23-07-2021 - 15:12 | 12-06-2012 - 22:55 | |
CVE-2010-0247 | 9.3 |
Microsoft Internet Explorer 5.01 SP4, 6, and 6 SP1 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory c
|
23-07-2021 - 15:06 | 22-01-2010 - 22:00 | |
CVE-2007-3091 | 7.1 |
Race condition in Microsoft Internet Explorer 6 SP1; 6 and 7 for Windows XP SP2 and SP3; 6 and 7 for Server 2003 SP2; 7 for Vista Gold, SP1, and SP2; and 7 for Server 2008 SP2 allows remote attackers to execute arbitrary code or perform other actions
|
23-07-2021 - 15:05 | 06-06-2007 - 21:30 | |
CVE-2009-1528 | 9.3 |
Microsoft Internet Explorer 6 and 7 for Windows XP SP2 and SP3; 6 and 7 for Server 2003 SP2; 7 for Vista Gold, SP1, and SP2; and 7 for Server 2008 SP2 does not properly synchronize AJAX requests, which allows allows remote attackers to execute arbitr
|
23-07-2021 - 15:04 | 10-06-2009 - 18:30 | |
CVE-2010-3340 | 9.3 |
Microsoft Internet Explorer 6 and 7 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka
|
23-07-2021 - 15:04 | 16-12-2010 - 19:33 | |
CVE-2011-1245 | 4.3 |
Microsoft Internet Explorer 6 and 7 does not properly restrict script access to content from a (1) different domain or (2) different zone, which allows remote attackers to obtain sensitive information via a crafted web site, aka "Javascript Informati
|
23-07-2021 - 15:04 | 13-04-2011 - 18:55 | |
CVE-2009-1531 | 9.3 |
Microsoft Internet Explorer 7 for Windows XP SP2 and SP3; 7 for Server 2003 SP2; 7 for Vista Gold, SP1, and SP2; and 7 for Server 2008 SP2 allows remote attackers to execute arbitrary code via frequent calls to the getElementsByTagName function combi
|
23-07-2021 - 15:04 | 10-06-2009 - 18:30 | |
CVE-2010-0488 | 4.3 |
Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, and 7 does not properly handle unspecified "encoding strings," which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site, aka "Post Encoding
|
23-07-2021 - 15:04 | 31-03-2010 - 19:30 | |
CVE-2010-0267 | 9.3 |
Microsoft Internet Explorer 6, 6 SP1, and 7 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corrupti
|
23-07-2021 - 15:04 | 31-03-2010 - 19:30 | |
CVE-2012-0170 | 9.3 |
Microsoft Internet Explorer 6 and 7 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "OnReadyStateChange Remote Code Execution Vulnerability."
|
23-07-2021 - 15:04 | 10-04-2012 - 21:55 | |
CVE-2011-0094 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Layouts Handling Memory Corruption Vulnerabilit
|
23-07-2021 - 15:04 | 13-04-2011 - 18:55 | |
CVE-2010-0807 | 9.3 |
Microsoft Internet Explorer 7 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, leading to memory corruption, aka "HTML Rendering Memory Corruption Vulnerability."
|
23-07-2021 - 15:04 | 31-03-2010 - 19:30 | |
CVE-2010-0806 | 9.3 |
Use-after-free vulnerability in the Peer Objects component (aka iepeers.dll) in Microsoft Internet Explorer 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via vectors involving access to an invalid pointer after the deletion of an
|
23-07-2021 - 15:04 | 10-03-2010 - 22:30 | |
CVE-2009-1140 | 7.1 |
Microsoft Internet Explorer 5.01 SP4; 6 SP1; 6 and 7 for Windows XP SP2 and SP3; 6 and 7 for Server 2003 SP2; 7 for Vista Gold, SP1, and SP2; and 7 for Server 2008 SP2 does not prevent HTML rendering of cached content, which allows remote attackers t
|
23-07-2021 - 15:04 | 10-06-2009 - 18:30 | |
CVE-2010-0808 | 2.6 |
Microsoft Internet Explorer 6 and 7 on Windows XP and Vista does not prevent script from simulating user interaction with the AutoComplete feature, which allows remote attackers to obtain sensitive form information via a crafted web site, aka "AutoCo
|
23-07-2021 - 15:04 | 13-10-2010 - 19:00 | |
CVE-2010-0489 | 9.3 |
Race condition in Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via a crafted HTML document that triggers memory corruption, aka "Race Condition Memory Corruption Vulnerability."
|
23-07-2021 - 15:04 | 31-03-2010 - 19:30 | |
CVE-2010-0805 | 9.3 |
The Tabular Data Control (TDC) ActiveX control in Microsoft Internet Explorer 5.01 SP4, 6 on Windows XP SP2 and SP3, and 6 SP1 allows remote attackers to execute arbitrary code via a long URL (DataURL parameter) that triggers memory corruption in the
|
23-07-2021 - 12:19 | 31-03-2010 - 19:30 | |
CVE-2010-0491 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 5.01 SP4, 6, and 6 SP1 allows remote attackers to execute arbitrary code by changing unspecified properties of an HTML object that has an onreadystatechange event handler, aka "HTML Object M
|
23-07-2021 - 12:19 | 31-03-2010 - 19:30 | |
CVE-2009-0550 | 9.3 |
Windows HTTP Services (aka WinHTTP) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008; and WinINet in Microsoft Internet Explorer 5.01 SP4, 6 SP1, 6 and 7 on Windows XP SP2 and SP3, 6 and 7 on
|
23-07-2021 - 12:19 | 15-04-2009 - 08:00 | |
CVE-2010-3326 | 9.3 |
Microsoft Internet Explorer 6 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Unini
|
23-07-2021 - 12:16 | 13-10-2010 - 19:00 | |
CVE-2011-1997 | 9.3 |
Microsoft Internet Explorer 6 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "OnLoad Event Remote Code Execution Vulnerability."
|
23-07-2021 - 12:16 | 12-10-2011 - 02:52 | |
CVE-2009-1141 | 9.3 |
Microsoft Internet Explorer 6 for Windows XP SP2 and SP3 and Server 2003 SP2 allows remote attackers to execute arbitrary code via unspecified DHTML function calls related to a tr element and the "insertion, deletion and attributes of a table cell,"
|
23-07-2021 - 12:16 | 10-06-2009 - 18:30 | |
CVE-2009-0552 | 9.3 |
Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4, 6 SP1, 6 on Windows XP SP2 and SP3, and 6 on Windows Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via a web page that triggers presence of an object in me
|
23-07-2021 - 12:16 | 15-04-2009 - 08:00 | |
CVE-2013-3893 | 9.3 |
Use-after-free vulnerability in the SetMouseCapture implementation in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code via crafted JavaScript strings, as demonstrated by use of an ms-help: URL t
|
17-05-2021 - 17:15 | 18-09-2013 - 10:08 | |
CVE-2010-3972 | 10.0 |
Heap-based buffer overflow in the TELNET_STREAM_CONTEXT::OnSendData function in ftpsvc.dll in Microsoft FTP Service 7.0 and 7.5 for Internet Information Services (IIS) 7.0, and IIS 7.5, allows remote attackers to execute arbitrary code or cause a den
|
05-02-2021 - 15:37 | 23-12-2010 - 18:00 | |
CVE-2010-2730 | 9.3 |
Buffer overflow in Microsoft Internet Information Services (IIS) 7.5, when FastCGI is enabled, allows remote attackers to execute arbitrary code via crafted headers in a request, aka "Request Header Buffer Overflow Vulnerability." Per: http://www.mic
|
05-02-2021 - 15:37 | 15-09-2010 - 19:00 | |
CVE-2010-1899 | 4.3 |
Stack consumption vulnerability in the ASP implementation in Microsoft Internet Information Services (IIS) 5.1, 6.0, 7.0, and 7.5 allows remote attackers to cause a denial of service (daemon outage) via a crafted request, related to asp.dll, aka "IIS
|
05-02-2021 - 15:37 | 15-09-2010 - 19:00 | |
CVE-2010-1256 | 8.5 |
Unspecified vulnerability in Microsoft IIS 6.0, 7.0, and 7.5, when Extended Protection for Authentication is enabled, allows remote authenticated users to execute arbitrary code via unknown vectors related to "token checking" that trigger memory corr
|
05-02-2021 - 15:37 | 08-06-2010 - 20:30 | |
CVE-2013-3128 | 9.3 |
The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT, and .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, and
|
08-12-2020 - 15:11 | 09-10-2013 - 14:53 | |
CVE-2009-3023 | 9.0 |
Buffer overflow in the FTP Service in Microsoft Internet Information Services (IIS) 5.0 through 6.0 allows remote authenticated users to execute arbitrary code via a crafted NLST (NAME LIST) command that uses wildcards, leading to memory corruption,
|
23-11-2020 - 19:51 | 31-08-2009 - 20:30 | |
CVE-2009-2521 | 5.0 |
Stack consumption vulnerability in the FTP Service in Microsoft Internet Information Services (IIS) 5.0 through 7.0 allows remote authenticated users to cause a denial of service (daemon crash) via a list (ls) -R command containing a wildcard that re
|
23-11-2020 - 19:50 | 04-09-2009 - 10:30 | |
CVE-2010-2731 | 6.8 |
Unspecified vulnerability in Microsoft Internet Information Services (IIS) 5.1 on Windows XP SP3, when directory-based Basic Authentication is enabled, allows remote attackers to bypass intended access restrictions and execute ASP files via a crafted
|
23-11-2020 - 19:49 | 15-09-2010 - 19:00 | |
CVE-2013-0006 | 9.3 |
Microsoft XML Core Services (aka MSXML) 3.0, 5.0, and 6.0 does not properly parse XML content, which allows remote attackers to execute arbitrary code via a crafted web page, aka "MSXML Integer Truncation Vulnerability."
|
20-11-2020 - 20:15 | 09-01-2013 - 18:09 | |
CVE-2010-3190 | 9.3 |
Untrusted search path vulnerability in the Microsoft Foundation Class (MFC) Library in Microsoft Visual Studio .NET 2003 SP1; Visual Studio 2005 SP1, 2008 SP1, and 2010; Visual C++ 2005 SP1, 2008 SP1, and 2010; and Exchange Server 2010 Service Pack 3
|
16-11-2020 - 19:33 | 31-08-2010 - 20:00 | |
CVE-2013-3167 | 7.2 |
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 does not properly handle objects in memory, which allows local users to gain
|
28-09-2020 - 12:58 | 10-07-2013 - 03:46 | |
CVE-2012-4774 | 9.3 |
Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allow remote attackers to execute arbitrary code via a crafted (1) file name or (2) subfolder name that
|
28-09-2020 - 12:58 | 12-12-2012 - 00:55 | |
CVE-2013-3888 | 7.2 |
dxgkrnl.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows local users to gain privileges via a crafted application, aka "DirectX Graphics Kernel Subsystem Double Fetch Vulnerab
|
28-09-2020 - 12:58 | 09-10-2013 - 14:53 | |
CVE-2012-4792 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not properly allocated or (2) is deleted, as demonstrated
|
28-09-2020 - 12:58 | 30-12-2012 - 18:55 | |
CVE-2013-3881 | 7.2 |
win32k.sys in the kernel-mode drivers in Microsoft Windows 7 SP1 and Windows Server 2008 R2 SP1 allows local users to gain privileges via a crafted application, aka "Win32k NULL Page Vulnerability."
|
28-09-2020 - 12:58 | 09-10-2013 - 14:53 | |
CVE-2013-3128 | 9.3 |
The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT, and .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, and
|
28-09-2020 - 12:58 | 09-10-2013 - 14:53 | |
CVE-2013-3894 | 9.3 |
The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allow remote attackers to execute arbitrary cod
|
28-09-2020 - 12:58 | 09-10-2013 - 14:53 | |
CVE-2013-3879 | 7.2 |
Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT a
|
28-09-2020 - 12:58 | 09-10-2013 - 14:53 | |
CVE-2013-3195 | 10.0 |
The DSA_InsertItem function in Comctl32.dll in the Windows common control library in Microsoft Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows
|
28-09-2020 - 12:58 | 09-10-2013 - 14:53 | |
CVE-2010-3974 | 7.6 |
fxscover.exe in the Fax Cover Page Editor in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly parse FAX cover pages, whic
|
28-09-2020 - 12:58 | 13-04-2011 - 18:55 | |
CVE-2013-3200 | 7.2 |
The USB drivers in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allow physically proximate a
|
28-09-2020 - 12:58 | 09-10-2013 - 14:53 | |
CVE-2013-3172 | 4.9 |
Buffer overflow in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows local users to cause a denial of service (system ha
|
28-09-2020 - 12:58 | 10-07-2013 - 03:46 | |
CVE-2013-3174 | 9.3 |
DirectShow in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, and Windows Server 2012 allows remote attackers to execute arbitrary code via a crafted GIF file
|
28-09-2020 - 12:58 | 10-07-2013 - 03:46 | |
CVE-2011-3402 | 9.3 |
Unspecified vulnerability in the TrueType font parsing engine in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP
|
28-09-2020 - 12:58 | 04-11-2011 - 21:55 | |
CVE-2013-3173 | 7.2 |
Buffer overflow in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local u
|
28-09-2020 - 12:58 | 10-07-2013 - 03:46 | |
CVE-2013-3129 | 9.3 |
Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, and 4.5; Silverlight 5 before 5.1.20513.0; win32k.sys in the kernel-mode drivers, and GDI+, DirectWrite, and Journal, in Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Serv
|
28-09-2020 - 12:58 | 10-07-2013 - 03:46 | |
CVE-2012-4787 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not properly initialized or (2) is deleted, aka "Improper Ref
|
28-09-2020 - 12:58 | 12-12-2012 - 00:55 | |
CVE-2011-3406 | 9.0 |
Buffer overflow in Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS) in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, a
|
28-09-2020 - 12:58 | 14-12-2011 - 00:55 | |
CVE-2010-3958 | 9.3 |
The x86 JIT compiler in Microsoft .NET Framework 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 does not properly compile function calls, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP), (2) a crafted A
|
28-09-2020 - 12:58 | 13-04-2011 - 18:55 | |
CVE-2012-4775 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site, aka "CTreeNode Use After Free Vulnerability."
|
28-09-2020 - 12:58 | 14-11-2012 - 00:55 | |
CVE-2012-4776 | 9.3 |
The Web Proxy Auto-Discovery (WPAD) functionality in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not validate configuration data that is returned during acquisition of proxy settings, which allows remote attackers to execute arbitra
|
28-09-2020 - 12:58 | 14-11-2012 - 00:55 | |
CVE-2012-4782 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "CMarkup Use After Free Vulnerability."
|
28-09-2020 - 12:58 | 12-12-2012 - 00:55 | |
CVE-2012-4777 | 9.3 |
The code-optimization feature in the reflection implementation in Microsoft .NET Framework 4 and 4.5 does not properly enforce object permissions, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka
|
28-09-2020 - 12:58 | 14-11-2012 - 00:55 | |
CVE-2011-1993 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Scroll Event Remote Code Execution Vulnerability."
|
28-09-2020 - 12:58 | 12-10-2011 - 02:52 | |
CVE-2012-1895 | 9.3 |
The reflection implementation in Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5.1, and 4 does not properly enforce object permissions, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XB
|
28-09-2020 - 12:58 | 14-11-2012 - 00:55 | |
CVE-2012-1873 | 4.3 |
Microsoft Internet Explorer 7 through 9 does not properly create and initialize string data, which allows remote attackers to obtain sensitive information from process memory via a crafted HTML document, aka "Null Byte Information Disclosure Vulnerab
|
28-09-2020 - 12:58 | 12-06-2012 - 22:55 | |
CVE-2012-2897 | 10.0 |
The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT, as used by Google Chrome before
|
28-09-2020 - 12:58 | 26-09-2012 - 10:56 | |
CVE-2012-1881 | 9.3 |
Microsoft Internet Explorer 8 and 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "OnRowsInserted Event Remote Code Execution Vulnerability."
|
28-09-2020 - 12:58 | 12-06-2012 - 22:55 | |
CVE-2012-1878 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "OnBeforeDeactivate Event Remote Code Execution Vulnerability."
|
28-09-2020 - 12:58 | 12-06-2012 - 22:55 | |
CVE-2011-2016 | 9.3 |
Untrusted search path vulnerability in Windows Mail and Windows Meeting Space in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a Trojan horse DLL in the curr
|
28-09-2020 - 12:58 | 08-11-2011 - 21:55 | |
CVE-2011-1996 | 9.3 |
Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Option Element Remote Code Execution Vulnerability."
|
28-09-2020 - 12:58 | 12-10-2011 - 02:52 | |
CVE-2011-1970 | 5.0 |
The DNS server in Microsoft Windows Server 2003 SP2 and Windows Server 2008 SP2, R2, and R2 SP1 does not properly initialize memory, which allows remote attackers to cause a denial of service (service outage) via a query for a nonexistent domain, aka
|
28-09-2020 - 12:58 | 10-08-2011 - 21:55 | |
CVE-2011-2003 | 9.3 |
Buffer overflow in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary
|
28-09-2020 - 12:58 | 12-10-2011 - 02:52 | |
CVE-2011-1991 | 9.3 |
Multiple untrusted search path vulnerabilities in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allow local users to gain privileges via a Trojan hors
|
28-09-2020 - 12:58 | 15-09-2011 - 12:26 | |
CVE-2011-1257 | 7.6 |
Race condition in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors involving access to an object, aka "Window Open Race Condition Vulnerability."
|
28-09-2020 - 12:58 | 10-08-2011 - 21:55 | |
CVE-2011-1995 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that was not properly initialized, aka "OLEAuto32.dll Remote Code Execution Vulnerabili
|
28-09-2020 - 12:58 | 12-10-2011 - 02:52 | |
CVE-2012-1524 | 9.3 |
Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Attribute Remove Remote Code Execution Vulnerability."
|
28-09-2020 - 12:58 | 10-07-2012 - 21:55 | |
CVE-2012-1889 | 9.3 |
Microsoft XML Core Services 3.0, 4.0, 5.0, and 6.0 accesses uninitialized memory locations, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
|
28-09-2020 - 12:58 | 13-06-2012 - 04:46 | |
CVE-2011-2002 | 4.7 |
win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle TrueType fonts, which allows local users to cause a denial of service (system hang) via
|
28-09-2020 - 12:58 | 12-10-2011 - 02:52 | |
CVE-2013-1300 | 7.2 |
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle objects
|
28-09-2020 - 12:58 | 10-07-2013 - 03:46 | |
CVE-2012-1523 | 9.3 |
Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Center Element Remote Code Execution Vulnerability."
|
28-09-2020 - 12:58 | 12-06-2012 - 22:55 | |
CVE-2011-1256 | 9.3 |
Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "DOM Modification Memory C
|
28-09-2020 - 12:58 | 16-06-2011 - 20:55 | |
CVE-2011-1246 | 4.3 |
Microsoft Internet Explorer 8 does not properly handle content settings in HTTP responses, which allows remote web servers to obtain sensitive information from a different (1) domain or (2) zone via a crafted response, aka "MIME Sniffing Information
|
28-09-2020 - 12:58 | 16-06-2011 - 20:55 | |
CVE-2012-2530 | 7.2 |
Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain priv
|
28-09-2020 - 12:58 | 14-11-2012 - 00:55 | |
CVE-2011-2000 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Body Element Remote Code Execution Vulnerability."
|
28-09-2020 - 12:58 | 12-10-2011 - 02:52 | |
CVE-2011-1960 | 4.3 |
Microsoft Internet Explorer 6 through 9 does not properly implement JavaScript event handlers, which allows remote attackers to access content from a different (1) domain or (2) zone via unspecified script code, aka "Event Handlers Information Disclo
|
28-09-2020 - 12:58 | 10-08-2011 - 21:55 | |
CVE-2011-2001 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code via an attempted access to a virtual function table after corruption of this table has occurred, aka "Virtual
|
28-09-2020 - 12:58 | 12-10-2011 - 02:52 | |
CVE-2011-1985 | 7.2 |
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly validate user-mode input, which allows local
|
28-09-2020 - 12:58 | 12-10-2011 - 02:52 | |
CVE-2012-1891 | 9.3 |
Heap-based buffer overflow in Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2 and Windows Data Access Components (WDAC) 6.0 allows remote attackers to execute arbitrary code via crafted XML data that triggers access to an uninitialized object
|
28-09-2020 - 12:58 | 10-07-2012 - 21:55 | |
CVE-2012-1880 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "insertRow Remote Code Execution Vulnerability."
|
28-09-2020 - 12:58 | 12-06-2012 - 22:55 | |
CVE-2012-1874 | 9.3 |
Microsoft Internet Explorer 8 and 9 does not properly handle objects in memory, which allows user-assisted remote attackers to execute arbitrary code by accessing a deleted object, aka "Developer Toolbar Remote Code Execution Vulnerability."
|
28-09-2020 - 12:58 | 12-06-2012 - 22:55 | |
CVE-2012-1855 | 9.3 |
Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly handle function pointers, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP) or (2) a crafted .NET Framework applica
|
28-09-2020 - 12:58 | 12-06-2012 - 22:55 | |
CVE-2012-1538 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site, aka "CFormElement Use After Free Vulnerability."
|
28-09-2020 - 12:58 | 14-11-2012 - 00:55 | |
CVE-2012-1875 | 9.3 |
Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Same ID Property Remote Code Execution Vulnerability."
|
28-09-2020 - 12:58 | 12-06-2012 - 22:55 | |
CVE-2012-1877 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Title Element Change Remote Code Execution Vulnerability."
|
28-09-2020 - 12:58 | 12-06-2012 - 22:55 | |
CVE-2012-1851 | 10.0 |
Format string vulnerability in the Print Spooler service in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary
|
28-09-2020 - 12:58 | 15-08-2012 - 01:55 | |
CVE-2012-1848 | 7.2 |
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview does not properly handle user-mode
|
28-09-2020 - 12:58 | 09-05-2012 - 00:55 | |
CVE-2013-1340 | 7.2 |
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle objects
|
28-09-2020 - 12:58 | 10-07-2013 - 03:46 | |
CVE-2011-1964 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Style Object Memory Corru
|
28-09-2020 - 12:58 | 10-08-2011 - 21:55 | |
CVE-2013-1345 | 7.2 |
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle objects
|
28-09-2020 - 12:58 | 10-07-2013 - 03:46 | |
CVE-2012-1522 | 9.3 |
Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Cached Object Remote Code Execution Vulnerability."
|
28-09-2020 - 12:58 | 10-07-2012 - 21:55 | |
CVE-2011-1247 | 9.3 |
Untrusted search path vulnerability in the Microsoft Active Accessibility component in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local user
|
28-09-2020 - 12:58 | 12-10-2011 - 02:52 | |
CVE-2011-1258 | 4.3 |
Microsoft Internet Explorer 6 through 8 does not properly restrict web script, which allows user-assisted remote attackers to obtain sensitive information from a different (1) domain or (2) zone via vectors involving a drag-and-drop operation, aka "D
|
28-09-2020 - 12:58 | 16-06-2011 - 20:55 | |
CVE-2011-1251 | 9.3 |
Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "DOM Manipulation Memory Corruption
|
28-09-2020 - 12:58 | 16-06-2011 - 20:55 | |
CVE-2011-2019 | 9.3 |
Untrusted search path vulnerability in Microsoft Internet Explorer 9 on Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a d
|
28-09-2020 - 12:58 | 14-12-2011 - 00:55 | |
CVE-2011-1992 | 4.3 |
The XSS Filter in Microsoft Internet Explorer 8 allows remote attackers to read content from a different (1) domain or (2) zone via a "trial and error" attack, aka "XSS Filter Information Disclosure Vulnerability."
|
28-09-2020 - 12:58 | 14-12-2011 - 00:55 | |
CVE-2011-1963 | 9.3 |
Microsoft Internet Explorer 7 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "XSLT Memory Corruption Vu
|
28-09-2020 - 12:58 | 10-08-2011 - 21:55 | |
CVE-2011-1271 | 5.1 |
The JIT compiler in Microsoft .NET Framework 3.5 Gold and SP1, 3.5.1, and 4.0, when IsJITOptimizerDisabled is false, does not properly handle expressions related to null strings, which allows context-dependent attackers to bypass intended access rest
|
28-09-2020 - 12:58 | 10-05-2011 - 19:55 | |
CVE-2011-1261 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Selection Object Memory C
|
28-09-2020 - 12:58 | 16-06-2011 - 20:55 | |
CVE-2011-1254 | 9.3 |
Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Drag and Drop Memory Corr
|
28-09-2020 - 12:58 | 16-06-2011 - 20:55 | |
CVE-2011-1244 | 5.8 |
Microsoft Internet Explorer 6, 7, and 8 does not enforce intended domain restrictions on content access, which allows remote attackers to obtain sensitive information or conduct clickjacking attacks via a crafted web site, aka "Frame Tag Information
|
28-09-2020 - 12:58 | 13-04-2011 - 18:55 | |
CVE-2012-1879 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by attempting to access an undefined memory location, aka "insertAdjacentText Remote Code Execution Vulnerabil
|
28-09-2020 - 12:58 | 12-06-2012 - 22:55 | |
CVE-2012-1876 | 9.3 |
Microsoft Internet Explorer 6 through 9, and 10 Consumer Preview, does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by attempting to access a nonexistent object, leading to a heap-based buffer overflo
|
28-09-2020 - 12:58 | 12-06-2012 - 22:55 | |
CVE-2012-1528 | 9.3 |
Integer overflow in Windows Shell in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows Server 2012 allows local users to gain privileg
|
28-09-2020 - 12:58 | 14-11-2012 - 00:55 | |
CVE-2012-2556 | 9.3 |
The OpenType Font (OTF) driver in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT
|
28-09-2020 - 12:58 | 12-12-2012 - 00:55 | |
CVE-2012-1896 | 5.0 |
Microsoft .NET Framework 2.0 SP2 and 3.5.1 does not properly consider trust levels during construction of output data, which allows remote attackers to obtain sensitive information via (1) a crafted XAML browser application (aka XBAP) or (2) a crafte
|
28-09-2020 - 12:58 | 14-11-2012 - 00:55 | |
CVE-2012-1882 | 4.3 |
Microsoft Internet Explorer 6 through 9 does not block cross-domain scrolling events, which allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Scrolling Events Information Disclosure Vulnerabi
|
28-09-2020 - 12:58 | 12-06-2012 - 22:55 | |
CVE-2011-1975 | 9.3 |
Untrusted search path vulnerability in the Data Access Tracing component in Windows Data Access Components (Windows DAC) 6.0 in Microsoft Windows 7 Gold and SP1 and Windows Server 2008 R2 and R2 SP1 allows local users to gain privileges via a Trojan
|
28-09-2020 - 12:58 | 10-08-2011 - 21:55 | |
CVE-2011-1961 | 9.3 |
The telnet URI handler in Microsoft Internet Explorer 6 through 9 does not properly launch the handler application, which allows remote attackers to execute arbitrary programs via a crafted web site, aka "Telnet Handler Remote Code Execution Vulnerab
|
28-09-2020 - 12:58 | 10-08-2011 - 21:55 | |
CVE-2011-1966 | 10.0 |
The DNS server in Microsoft Windows Server 2008 SP2, R2, and R2 SP1 does not properly handle NAPTR queries that trigger recursive processing, which allows remote attackers to execute arbitrary code via a crafted query, aka "DNS NAPTR Query Vulnerabil
|
28-09-2020 - 12:58 | 10-08-2011 - 21:55 | |
CVE-2011-1268 | 10.0 |
The SMB client in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote SMB servers to execute arbitrary code via a crafted (1) SM
|
28-09-2020 - 12:58 | 16-06-2011 - 20:55 | |
CVE-2011-1250 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Link Properties Handling
|
28-09-2020 - 12:58 | 16-06-2011 - 20:55 | |
CVE-2011-1873 | 9.3 |
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 on 64-bit platforms does not properly validate pointers d
|
28-09-2020 - 12:58 | 16-06-2011 - 20:55 | |
CVE-2011-1999 | 9.3 |
Microsoft Internet Explorer 8 does not properly allocate and access memory, which allows remote attackers to execute arbitrary code via vectors involving a "dereferenced memory address," aka "Select Element Remote Code Execution Vulnerability."
|
28-09-2020 - 12:58 | 12-10-2011 - 02:52 | |
CVE-2012-1539 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site, aka "CTreePos Use After Free Vulnerability."
|
28-09-2020 - 12:58 | 14-11-2012 - 00:55 | |
CVE-2011-1266 | 9.3 |
The Vector Markup Language (VML) implementation in vgx.dll in Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly
|
28-09-2020 - 12:58 | 16-06-2011 - 20:55 | |
CVE-2011-1248 | 9.3 |
WINS in Microsoft Windows Server 2003 SP2 and Server 2008 Gold, SP2, R2, and R2 SP1 does not properly handle socket send exceptions, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted
|
28-09-2020 - 12:58 | 13-05-2011 - 17:05 | |
CVE-2012-2519 | 7.9 |
Untrusted search path vulnerability in Entity Framework in ADO.NET in Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, and 4 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated
|
28-09-2020 - 12:58 | 14-11-2012 - 00:55 | |
CVE-2012-1858 | 4.3 |
The toStaticHTML API (aka the SafeHTML component) in Microsoft Internet Explorer 8 and 9, Communicator 2007 R2, and Lync 2010 and 2010 Attendee does not properly handle event attributes and script, which makes it easier for remote attackers to conduc
|
28-09-2020 - 12:58 | 12-06-2012 - 22:55 | |
CVE-2012-1850 | 5.0 |
The Remote Administration Protocol (RAP) implementation in the LanmanWorkstation service in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not pro
|
28-09-2020 - 12:58 | 15-08-2012 - 01:55 | |
CVE-2011-2013 | 10.0 |
Integer overflow in the TCP/IP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code by sending a sequence of crafted UDP packets to a clos
|
28-09-2020 - 12:58 | 08-11-2011 - 21:55 | |
CVE-2011-2011 | 7.2 |
Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain priv
|
28-09-2020 - 12:58 | 12-10-2011 - 02:52 | |
CVE-2011-1998 | 9.3 |
Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that was not properly initialized, aka "Jscript9.dll Remote Code Execution Vulnerability."
|
28-09-2020 - 12:58 | 12-10-2011 - 02:52 | |
CVE-2013-1347 | 9.3 |
Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly allocated or (2) is deleted, as exploited in the wild in May 2013.
|
28-09-2020 - 12:58 | 05-05-2013 - 11:07 | |
CVE-2011-1262 | 9.3 |
Microsoft Internet Explorer 7 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "HTTP Redirect Memory Corr
|
28-09-2020 - 12:58 | 16-06-2011 - 20:55 | |
CVE-2011-1255 | 9.3 |
The Timed Interactive Multimedia Extensions (aka HTML+TIME) implementation in Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1)
|
28-09-2020 - 12:58 | 16-06-2011 - 20:55 | |
CVE-2012-1527 | 9.3 |
Integer underflow in Windows Shell in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows Server 2012 allows local users to gain privile
|
28-09-2020 - 12:58 | 14-11-2012 - 00:55 | |
CVE-2011-1962 | 4.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle unspecified character sequences, which allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site that triggers "inactive filtering," aka "Sh
|
28-09-2020 - 12:58 | 10-08-2011 - 21:55 | |
CVE-2013-1288 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CTreeNode Use After Free Vulnerability."
|
28-09-2020 - 12:58 | 13-03-2013 - 00:55 | |
CVE-2011-1252 | 4.3 |
Cross-site scripting (XSS) vulnerability in the SafeHTML function in the toStaticHTML API in Microsoft Internet Explorer 7 and 8, Office SharePoint Server 2007 SP2, Office SharePoint Server 2010 Gold and SP1, Groove Server 2010 Gold and SP1, Windows
|
28-09-2020 - 12:58 | 16-06-2011 - 20:55 | |
CVE-2013-1345 | 7.2 |
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle objects
|
28-09-2020 - 12:58 | 10-07-2013 - 03:46 | |
CVE-2011-1260 | 9.3 |
Microsoft Internet Explorer 8 and 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Layout Memory Corruption Vuln
|
28-09-2020 - 12:58 | 16-06-2011 - 20:55 | |
CVE-2011-1253 | 9.3 |
Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5.1, and 4, and Silverlight 4 before 4.0.60831, does not properly restrict inheritance, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP
|
28-09-2020 - 12:58 | 12-10-2011 - 02:52 | |
CVE-2011-0661 | 10.0 |
The SMB Server service in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly validate fields in SMB requests, which allows
|
28-09-2020 - 12:58 | 13-04-2011 - 18:55 | |
CVE-2013-0020 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CMarkup Use After Free Vulnerability."
|
28-09-2020 - 12:58 | 13-02-2013 - 12:04 | |
CVE-2013-0093 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer onBeforeCopy Use After Free Vulnerabili
|
28-09-2020 - 12:58 | 13-03-2013 - 00:55 | |
CVE-2011-0663 | 9.3 |
Multiple integer overflows in the Microsoft (1) JScript 5.6 through 5.8 and (2) VBScript 5.6 through 5.8 scripting engines allow remote attackers to execute arbitrary code via a crafted web page, aka "Scripting Memory Reallocation Vulnerability."
|
28-09-2020 - 12:58 | 13-04-2011 - 18:55 | |
CVE-2013-3881 | 7.2 |
win32k.sys in the kernel-mode drivers in Microsoft Windows 7 SP1 and Windows Server 2008 R2 SP1 allows local users to gain privileges via a crafted application, aka "Win32k NULL Page Vulnerability."
|
28-09-2020 - 12:58 | 09-10-2013 - 14:53 | |
CVE-2013-3172 | 4.9 |
Buffer overflow in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows local users to cause a denial of service (system ha
|
28-09-2020 - 12:58 | 10-07-2013 - 03:46 | |
CVE-2013-0087 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer OnResize Use After Free Vulnerability."
|
28-09-2020 - 12:58 | 13-03-2013 - 00:55 | |
CVE-2013-0023 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CDispNode Use After Free Vulnerability."
|
28-09-2020 - 12:58 | 13-02-2013 - 12:04 | |
CVE-2013-0020 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CMarkup Use After Free Vulnerability."
|
28-09-2020 - 12:58 | 13-02-2013 - 12:04 | |
CVE-2012-0004 | 9.3 |
Unspecified vulnerability in DirectShow in DirectX in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code
|
28-09-2020 - 12:58 | 10-01-2012 - 21:55 | |
CVE-2011-0346 | 9.3 |
Use-after-free vulnerability in the ReleaseInterface function in MSHTML.DLL in Microsoft Internet Explorer 6, 7, and 8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the DOM i
|
28-09-2020 - 12:58 | 07-01-2011 - 23:00 | |
CVE-2013-0022 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer LsGetTrailInfo Use After Free Vulnerability."
|
28-09-2020 - 12:58 | 13-02-2013 - 12:04 | |
CVE-2013-0090 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CCaret Use After Free Vulnerability."
|
28-09-2020 - 12:58 | 13-03-2013 - 00:55 | |
CVE-2011-0657 | 7.5 |
DNSAPI.dll in the DNS client in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly process DNS queries, which allows remote
|
28-09-2020 - 12:58 | 13-04-2011 - 18:55 | |
CVE-2011-0660 | 9.3 |
The SMB client in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote SMB servers to execute arbitrary code via a crafted (1) SM
|
28-09-2020 - 12:58 | 13-04-2011 - 18:55 | |
CVE-2012-0152 | 4.3 |
The Remote Desktop Protocol (RDP) service in Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1 allows remote attackers to cause a denial of service (application hang) via a series of crafted packets, aka "Terminal Server Denial o
|
28-09-2020 - 12:58 | 13-03-2012 - 21:55 | |
CVE-2012-0154 | 7.2 |
Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain priv
|
28-09-2020 - 12:58 | 14-02-2012 - 22:55 | |
CVE-2013-0094 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer removeChild Use After Free Vulnerabilit
|
28-09-2020 - 12:58 | 13-03-2013 - 00:55 | |
CVE-2013-0087 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer OnResize Use After Free Vulnerability."
|
28-09-2020 - 12:58 | 13-03-2013 - 00:55 | |
CVE-2012-0014 | 9.3 |
Microsoft .NET Framework 2.0 SP2, 3.5.1, and 4, and Silverlight 4 before 4.1.10111, does not properly restrict access to memory associated with unmanaged objects, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser
|
28-09-2020 - 12:58 | 14-02-2012 - 22:55 | |
CVE-2013-3200 | 7.2 |
The USB drivers in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allow physically proximate a
|
28-09-2020 - 12:58 | 09-10-2013 - 14:53 | |
CVE-2013-0030 | 9.3 |
The Vector Markup Language (VML) implementation in Microsoft Internet Explorer 6 through 10 does not properly allocate buffers, which allows remote attackers to execute arbitrary code via a crafted web site, aka "VML Memory Corruption Vulnerability."
|
28-09-2020 - 12:58 | 13-02-2013 - 12:04 | |
CVE-2013-0007 | 9.3 |
Microsoft XML Core Services (aka MSXML) 4.0, 5.0, and 6.0 does not properly parse XML content, which allows remote attackers to execute arbitrary code via a crafted web page, aka "MSXML XSLT Vulnerability."
|
28-09-2020 - 12:58 | 09-01-2013 - 18:09 | |
CVE-2012-2556 | 9.3 |
The OpenType Font (OTF) driver in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT
|
28-09-2020 - 12:58 | 12-12-2012 - 00:55 | |
CVE-2012-1851 | 10.0 |
Format string vulnerability in the Print Spooler service in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary
|
28-09-2020 - 12:58 | 15-08-2012 - 01:55 | |
CVE-2012-0155 | 9.3 |
Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "VML Remote Code Execution Vulnerability."
|
28-09-2020 - 12:58 | 14-02-2012 - 22:55 | |
CVE-2012-0004 | 9.3 |
Unspecified vulnerability in DirectShow in DirectX in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code
|
28-09-2020 - 12:58 | 10-01-2012 - 21:55 | |
CVE-2011-2003 | 9.3 |
Buffer overflow in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary
|
28-09-2020 - 12:58 | 12-10-2011 - 02:52 | |
CVE-2011-0034 | 9.3 |
Stack-based buffer overflow in the OpenType Compact Font Format (aka OTF or CFF) driver in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1
|
28-09-2020 - 12:58 | 13-04-2011 - 18:55 | |
CVE-2013-3174 | 9.3 |
DirectShow in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, and Windows Server 2012 allows remote attackers to execute arbitrary code via a crafted GIF file
|
28-09-2020 - 12:58 | 10-07-2013 - 03:46 | |
CVE-2013-0094 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer removeChild Use After Free Vulnerabilit
|
28-09-2020 - 12:58 | 13-03-2013 - 00:55 | |
CVE-2013-0026 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer InsertElement Use After Free Vulnerability."
|
28-09-2020 - 12:58 | 13-02-2013 - 12:04 | |
CVE-2012-2519 | 7.9 |
Untrusted search path vulnerability in Entity Framework in ADO.NET in Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, and 4 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated
|
28-09-2020 - 12:58 | 14-11-2012 - 00:55 | |
CVE-2012-0180 | 7.2 |
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview does not properly handle user-mode
|
28-09-2020 - 12:58 | 09-05-2012 - 00:55 | |
CVE-2012-0013 | 9.3 |
Incomplete blacklist vulnerability in the Windows Packager configuration in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to e
|
28-09-2020 - 12:58 | 10-01-2012 - 21:55 | |
CVE-2011-2002 | 4.7 |
win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle TrueType fonts, which allows local users to cause a denial of service (system hang) via
|
28-09-2020 - 12:58 | 12-10-2011 - 02:52 | |
CVE-2013-0029 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CHTML Use After Free Vulnerability."
|
28-09-2020 - 12:58 | 13-02-2013 - 12:04 | |
CVE-2013-0019 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer COmWindowProxy Use After Free Vulnerabi
|
28-09-2020 - 12:58 | 13-02-2013 - 12:04 | |
CVE-2013-3167 | 7.2 |
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 does not properly handle objects in memory, which allows local users to gain
|
28-09-2020 - 12:58 | 10-07-2013 - 03:46 | |
CVE-2013-0090 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CCaret Use After Free Vulnerability."
|
28-09-2020 - 12:58 | 13-03-2013 - 00:55 | |
CVE-2013-0024 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer pasteHTML Use After Free Vulnerability."
|
28-09-2020 - 12:58 | 13-02-2013 - 12:04 | |
CVE-2012-4777 | 9.3 |
The code-optimization feature in the reflection implementation in Microsoft .NET Framework 4 and 4.5 does not properly enforce object permissions, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka
|
28-09-2020 - 12:58 | 14-11-2012 - 00:55 | |
CVE-2012-1855 | 9.3 |
Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly handle function pointers, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP) or (2) a crafted .NET Framework applica
|
28-09-2020 - 12:58 | 12-06-2012 - 22:55 | |
CVE-2012-0175 | 9.3 |
The Shell in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted name for a (1) file or (2)
|
28-09-2020 - 12:58 | 10-07-2012 - 21:55 | |
CVE-2011-1966 | 10.0 |
The DNS server in Microsoft Windows Server 2008 SP2, R2, and R2 SP1 does not properly handle NAPTR queries that trigger recursive processing, which allows remote attackers to execute arbitrary code via a crafted query, aka "DNS NAPTR Query Vulnerabil
|
28-09-2020 - 12:58 | 10-08-2011 - 21:55 | |
CVE-2012-0150 | 9.3 |
Buffer overflow in msvcrt.dll in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted media file, aka "Msvcrt.dll Buffer Overflow Vulnerabilit
|
28-09-2020 - 12:58 | 14-02-2012 - 22:55 | |
CVE-2013-0092 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer GetMarkupPtr Use After Free Vulnerabili
|
28-09-2020 - 12:58 | 13-03-2013 - 00:55 | |
CVE-2012-2897 | 10.0 |
The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT, as used by Google Chrome before
|
28-09-2020 - 12:58 | 26-09-2012 - 10:56 | |
CVE-2012-1895 | 9.3 |
The reflection implementation in Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5.1, and 4 does not properly enforce object permissions, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XB
|
28-09-2020 - 12:58 | 14-11-2012 - 00:55 | |
CVE-2012-1528 | 9.3 |
Integer overflow in Windows Shell in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows Server 2012 allows local users to gain privileg
|
28-09-2020 - 12:58 | 14-11-2012 - 00:55 | |
CVE-2012-0152 | 4.3 |
The Remote Desktop Protocol (RDP) service in Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1 allows remote attackers to cause a denial of service (application hang) via a series of crafted packets, aka "Terminal Server Denial o
|
28-09-2020 - 12:58 | 13-03-2012 - 21:55 | |
CVE-2011-2016 | 9.3 |
Untrusted search path vulnerability in Windows Mail and Windows Meeting Space in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a Trojan horse DLL in the curr
|
28-09-2020 - 12:58 | 08-11-2011 - 21:55 | |
CVE-2011-0660 | 9.3 |
The SMB client in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote SMB servers to execute arbitrary code via a crafted (1) SM
|
28-09-2020 - 12:58 | 13-04-2011 - 18:55 | |
CVE-2012-0173 | 9.3 |
The Remote Desktop Protocol (RDP) implementation in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly process packets in memory, which a
|
28-09-2020 - 12:58 | 12-06-2012 - 22:55 | |
CVE-2011-0032 | 9.3 |
Untrusted search path vulnerability in DirectShow in Microsoft Windows Vista SP1 and SP2, Windows 7 Gold and SP1, Windows Server 2008 R2 and R2 SP1, and Windows Media Center TV Pack for Windows Vista allows local users to gain privileges via a Trojan
|
28-09-2020 - 12:58 | 09-03-2011 - 23:00 | |
CVE-2012-0014 | 9.3 |
Microsoft .NET Framework 2.0 SP2, 3.5.1, and 4, and Silverlight 4 before 4.1.10111, does not properly restrict access to memory associated with unmanaged objects, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser
|
28-09-2020 - 12:58 | 14-02-2012 - 22:55 | |
CVE-2012-0175 | 9.3 |
The Shell in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted name for a (1) file or (2)
|
28-09-2020 - 12:58 | 10-07-2012 - 21:55 | |
CVE-2011-0034 | 9.3 |
Stack-based buffer overflow in the OpenType Compact Font Format (aka OTF or CFF) driver in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1
|
28-09-2020 - 12:58 | 13-04-2011 - 18:55 | |
CVE-2013-0088 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer saveHistory Use After Free Vulnerabilit
|
28-09-2020 - 12:58 | 13-03-2013 - 00:55 | |
CVE-2012-0012 | 4.3 |
Microsoft Internet Explorer 9 does not properly handle the creation and initialization of string objects, which allows remote attackers to read data from arbitrary process-memory locations via a crafted web site, aka "Null Byte Information Disclosure
|
28-09-2020 - 12:58 | 14-02-2012 - 22:55 | |
CVE-2012-0015 | 9.3 |
Microsoft .NET Framework 2.0 SP2 and 3.5.1 does not properly calculate the length of an unspecified buffer, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP), (2) a crafted ASP.NET applicati
|
28-09-2020 - 12:58 | 14-02-2012 - 22:55 | |
CVE-2012-0002 | 9.3 |
The Remote Desktop Protocol (RDP) implementation in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly process packets in memory, which a
|
28-09-2020 - 12:58 | 13-03-2012 - 21:55 | |
CVE-2012-0011 | 9.3 |
Microsoft Internet Explorer 7 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "HTML Layout Remote Code Execution Vulnerability."
|
28-09-2020 - 12:58 | 14-02-2012 - 22:55 | |
CVE-2013-3894 | 9.3 |
The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allow remote attackers to execute arbitrary cod
|
28-09-2020 - 12:58 | 09-10-2013 - 14:53 | |
CVE-2013-0029 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CHTML Use After Free Vulnerability."
|
28-09-2020 - 12:58 | 13-02-2013 - 12:04 | |
CVE-2012-1848 | 7.2 |
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview does not properly handle user-mode
|
28-09-2020 - 12:58 | 09-05-2012 - 00:55 | |
CVE-2012-0154 | 7.2 |
Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain priv
|
28-09-2020 - 12:58 | 14-02-2012 - 22:55 | |
CVE-2011-1991 | 9.3 |
Multiple untrusted search path vulnerabilities in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allow local users to gain privileges via a Trojan hors
|
28-09-2020 - 12:58 | 15-09-2011 - 12:26 | |
CVE-2011-0664 | 9.3 |
Microsoft .NET Framework 2.0 SP1 and SP2, 3.5 Gold and SP1, 3.5.1, and 4.0, and Silverlight 4 before 4.0.60531.0, does not properly validate arguments to unspecified networking API functions, which allows remote attackers to execute arbitrary code vi
|
28-09-2020 - 12:58 | 16-06-2011 - 20:55 | |
CVE-2013-3173 | 7.2 |
Buffer overflow in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local u
|
28-09-2020 - 12:58 | 10-07-2013 - 03:46 | |
CVE-2013-0093 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer onBeforeCopy Use After Free Vulnerabili
|
28-09-2020 - 12:58 | 13-03-2013 - 00:55 | |
CVE-2012-4782 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "CMarkup Use After Free Vulnerability."
|
28-09-2020 - 12:58 | 12-12-2012 - 00:55 | |
CVE-2012-1850 | 5.0 |
The Remote Administration Protocol (RAP) implementation in the LanmanWorkstation service in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not pro
|
28-09-2020 - 12:58 | 15-08-2012 - 01:55 | |
CVE-2011-0663 | 9.3 |
Multiple integer overflows in the Microsoft (1) JScript 5.6 through 5.8 and (2) VBScript 5.6 through 5.8 scripting engines allow remote attackers to execute arbitrary code via a crafted web page, aka "Scripting Memory Reallocation Vulnerability."
|
28-09-2020 - 12:58 | 13-04-2011 - 18:55 | |
CVE-2010-3974 | 7.6 |
fxscover.exe in the Fax Cover Page Editor in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly parse FAX cover pages, whic
|
28-09-2020 - 12:58 | 13-04-2011 - 18:55 | |
CVE-2013-0091 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CElement Use After Free Vulnerability."
|
28-09-2020 - 12:58 | 13-03-2013 - 00:55 | |
CVE-2013-1288 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CTreeNode Use After Free Vulnerability."
|
28-09-2020 - 12:58 | 13-03-2013 - 00:55 | |
CVE-2013-0088 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer saveHistory Use After Free Vulnerabilit
|
28-09-2020 - 12:58 | 13-03-2013 - 00:55 | |
CVE-2013-0023 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CDispNode Use After Free Vulnerability."
|
28-09-2020 - 12:58 | 13-02-2013 - 12:04 | |
CVE-2012-2530 | 7.2 |
Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain priv
|
28-09-2020 - 12:58 | 14-11-2012 - 00:55 | |
CVE-2012-1538 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site, aka "CFormElement Use After Free Vulnerability."
|
28-09-2020 - 12:58 | 14-11-2012 - 00:55 | |
CVE-2012-0151 | 9.3 |
The Authenticode Signature Verification function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview does not properly valida
|
28-09-2020 - 12:58 | 10-04-2012 - 21:55 | |
CVE-2012-0003 | 9.3 |
Unspecified vulnerability in winmm.dll in Windows Multimedia Library in Windows Media Player (WMP) in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP2, and Server 2008 SP2 allows remote attackers to execute arbitrary code via a crafted MI
|
28-09-2020 - 12:58 | 10-01-2012 - 21:55 | |
CVE-2011-3406 | 9.0 |
Buffer overflow in Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS) in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, a
|
28-09-2020 - 12:58 | 14-12-2011 - 00:55 | |
CVE-2011-1975 | 9.3 |
Untrusted search path vulnerability in the Data Access Tracing component in Windows Data Access Components (Windows DAC) 6.0 in Microsoft Windows 7 Gold and SP1 and Windows Server 2008 R2 and R2 SP1 allows local users to gain privileges via a Trojan
|
28-09-2020 - 12:58 | 10-08-2011 - 21:55 | |
CVE-2011-0658 | 9.3 |
Integer underflow in the OLE Automation protocol implementation in VBScript.dll in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows
|
28-09-2020 - 12:58 | 16-06-2011 - 20:55 | |
CVE-2013-0007 | 9.3 |
Microsoft XML Core Services (aka MSXML) 4.0, 5.0, and 6.0 does not properly parse XML content, which allows remote attackers to execute arbitrary code via a crafted web page, aka "MSXML XSLT Vulnerability."
|
28-09-2020 - 12:58 | 09-01-2013 - 18:09 | |
CVE-2013-3879 | 7.2 |
Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT a
|
28-09-2020 - 12:58 | 09-10-2013 - 14:53 | |
CVE-2013-3129 | 9.3 |
Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, and 4.5; Silverlight 5 before 5.1.20513.0; win32k.sys in the kernel-mode drivers, and GDI+, DirectWrite, and Journal, in Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Serv
|
28-09-2020 - 12:58 | 10-07-2013 - 03:46 | |
CVE-2013-1300 | 7.2 |
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle objects
|
28-09-2020 - 12:58 | 10-07-2013 - 03:46 | |
CVE-2012-4774 | 9.3 |
Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allow remote attackers to execute arbitrary code via a crafted (1) file name or (2) subfolder name that
|
28-09-2020 - 12:58 | 12-12-2012 - 00:55 | |
CVE-2012-1896 | 5.0 |
Microsoft .NET Framework 2.0 SP2 and 3.5.1 does not properly consider trust levels during construction of output data, which allows remote attackers to obtain sensitive information via (1) a crafted XAML browser application (aka XBAP) or (2) a crafte
|
28-09-2020 - 12:58 | 14-11-2012 - 00:55 | |
CVE-2012-1522 | 9.3 |
Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Cached Object Remote Code Execution Vulnerability."
|
28-09-2020 - 12:58 | 10-07-2012 - 21:55 | |
CVE-2012-0173 | 9.3 |
The Remote Desktop Protocol (RDP) implementation in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly process packets in memory, which a
|
28-09-2020 - 12:58 | 12-06-2012 - 22:55 | |
CVE-2012-0015 | 9.3 |
Microsoft .NET Framework 2.0 SP2 and 3.5.1 does not properly calculate the length of an unspecified buffer, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP), (2) a crafted ASP.NET applicati
|
28-09-2020 - 12:58 | 14-02-2012 - 22:55 | |
CVE-2011-1970 | 5.0 |
The DNS server in Microsoft Windows Server 2003 SP2 and Windows Server 2008 SP2, R2, and R2 SP1 does not properly initialize memory, which allows remote attackers to cause a denial of service (service outage) via a query for a nonexistent domain, aka
|
28-09-2020 - 12:58 | 10-08-2011 - 21:55 | |
CVE-2012-0180 | 7.2 |
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview does not properly handle user-mode
|
28-09-2020 - 12:58 | 09-05-2012 - 00:55 | |
CVE-2013-0026 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer InsertElement Use After Free Vulnerability."
|
28-09-2020 - 12:58 | 13-02-2013 - 12:04 | |
CVE-2013-0011 | 10.0 |
The Print Spooler in Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted print job, aka "Windows Print Spooler Compone
|
28-09-2020 - 12:58 | 09-01-2013 - 18:09 | |
CVE-2012-0013 | 9.3 |
Incomplete blacklist vulnerability in the Windows Packager configuration in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to e
|
28-09-2020 - 12:58 | 10-01-2012 - 21:55 | |
CVE-2013-0092 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer GetMarkupPtr Use After Free Vulnerabili
|
28-09-2020 - 12:58 | 13-03-2013 - 00:55 | |
CVE-2013-0006 | 9.3 |
Microsoft XML Core Services (aka MSXML) 3.0, 5.0, and 6.0 does not properly parse XML content, which allows remote attackers to execute arbitrary code via a crafted web page, aka "MSXML Integer Truncation Vulnerability."
|
28-09-2020 - 12:58 | 09-01-2013 - 18:09 | |
CVE-2012-4776 | 9.3 |
The Web Proxy Auto-Discovery (WPAD) functionality in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not validate configuration data that is returned during acquisition of proxy settings, which allows remote attackers to execute arbitra
|
28-09-2020 - 12:58 | 14-11-2012 - 00:55 | |
CVE-2013-0089 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CMarkupBehaviorContext Use After Free V
|
28-09-2020 - 12:58 | 13-03-2013 - 00:55 | |
CVE-2012-0002 | 9.3 |
The Remote Desktop Protocol (RDP) implementation in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly process packets in memory, which a
|
28-09-2020 - 12:58 | 13-03-2012 - 21:55 | |
CVE-2011-1248 | 9.3 |
WINS in Microsoft Windows Server 2003 SP2 and Server 2008 Gold, SP2, R2, and R2 SP1 does not properly handle socket send exceptions, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted
|
28-09-2020 - 12:58 | 13-05-2011 - 17:05 | |
CVE-2011-0661 | 10.0 |
The SMB Server service in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly validate fields in SMB requests, which allows
|
28-09-2020 - 12:58 | 13-04-2011 - 18:55 | |
CVE-2013-0030 | 9.3 |
The Vector Markup Language (VML) implementation in Microsoft Internet Explorer 6 through 10 does not properly allocate buffers, which allows remote attackers to execute arbitrary code via a crafted web site, aka "VML Memory Corruption Vulnerability."
|
28-09-2020 - 12:58 | 13-02-2013 - 12:04 | |
CVE-2013-0024 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer pasteHTML Use After Free Vulnerability."
|
28-09-2020 - 12:58 | 13-02-2013 - 12:04 | |
CVE-2013-3195 | 10.0 |
The DSA_InsertItem function in Comctl32.dll in the Windows common control library in Microsoft Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows
|
28-09-2020 - 12:58 | 09-10-2013 - 14:53 | |
CVE-2013-0089 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CMarkupBehaviorContext Use After Free V
|
28-09-2020 - 12:58 | 13-03-2013 - 00:55 | |
CVE-2013-0011 | 10.0 |
The Print Spooler in Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted print job, aka "Windows Print Spooler Compone
|
28-09-2020 - 12:58 | 09-01-2013 - 18:09 | |
CVE-2012-4775 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site, aka "CTreeNode Use After Free Vulnerability."
|
28-09-2020 - 12:58 | 14-11-2012 - 00:55 | |
CVE-2012-1524 | 9.3 |
Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Attribute Remove Remote Code Execution Vulnerability."
|
28-09-2020 - 12:58 | 10-07-2012 - 21:55 | |
CVE-2011-3402 | 9.3 |
Unspecified vulnerability in the TrueType font parsing engine in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP
|
28-09-2020 - 12:58 | 04-11-2011 - 21:55 | |
CVE-2011-1985 | 7.2 |
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly validate user-mode input, which allows local
|
28-09-2020 - 12:58 | 12-10-2011 - 02:52 | |
CVE-2011-1873 | 9.3 |
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 on 64-bit platforms does not properly validate pointers d
|
28-09-2020 - 12:58 | 16-06-2011 - 20:55 | |
CVE-2011-1253 | 9.3 |
Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5.1, and 4, and Silverlight 4 before 4.0.60831, does not properly restrict inheritance, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP
|
28-09-2020 - 12:58 | 12-10-2011 - 02:52 | |
CVE-2011-1247 | 9.3 |
Untrusted search path vulnerability in the Microsoft Active Accessibility component in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local user
|
28-09-2020 - 12:58 | 12-10-2011 - 02:52 | |
CVE-2011-0658 | 9.3 |
Integer underflow in the OLE Automation protocol implementation in VBScript.dll in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows
|
28-09-2020 - 12:58 | 16-06-2011 - 20:55 | |
CVE-2010-3958 | 9.3 |
The x86 JIT compiler in Microsoft .NET Framework 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 does not properly compile function calls, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP), (2) a crafted A
|
28-09-2020 - 12:58 | 13-04-2011 - 18:55 | |
CVE-2013-0091 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CElement Use After Free Vulnerability."
|
28-09-2020 - 12:58 | 13-03-2013 - 00:55 | |
CVE-2013-0019 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer COmWindowProxy Use After Free Vulnerabi
|
28-09-2020 - 12:58 | 13-02-2013 - 12:04 | |
CVE-2012-1527 | 9.3 |
Integer underflow in Windows Shell in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows Server 2012 allows local users to gain privile
|
28-09-2020 - 12:58 | 14-11-2012 - 00:55 | |
CVE-2012-0150 | 9.3 |
Buffer overflow in msvcrt.dll in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted media file, aka "Msvcrt.dll Buffer Overflow Vulnerabilit
|
28-09-2020 - 12:58 | 14-02-2012 - 22:55 | |
CVE-2011-2011 | 7.2 |
Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain priv
|
28-09-2020 - 12:58 | 12-10-2011 - 02:52 | |
CVE-2011-1268 | 10.0 |
The SMB client in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote SMB servers to execute arbitrary code via a crafted (1) SM
|
28-09-2020 - 12:58 | 16-06-2011 - 20:55 | |
CVE-2011-0664 | 9.3 |
Microsoft .NET Framework 2.0 SP1 and SP2, 3.5 Gold and SP1, 3.5.1, and 4.0, and Silverlight 4 before 4.0.60531.0, does not properly validate arguments to unspecified networking API functions, which allows remote attackers to execute arbitrary code vi
|
28-09-2020 - 12:58 | 16-06-2011 - 20:55 | |
CVE-2011-0032 | 9.3 |
Untrusted search path vulnerability in DirectShow in Microsoft Windows Vista SP1 and SP2, Windows 7 Gold and SP1, Windows Server 2008 R2 and R2 SP1, and Windows Media Center TV Pack for Windows Vista allows local users to gain privileges via a Trojan
|
28-09-2020 - 12:58 | 09-03-2011 - 23:00 | |
CVE-2014-1766 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, as demonstrated by Sebastian Apelt and Andreas Schmidt during a Pwn2Own competition at
|
28-07-2020 - 19:23 | 27-04-2014 - 10:55 | |
CVE-2014-0315 | 6.9 |
Untrusted search path vulnerability in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8
|
24-07-2020 - 19:15 | 08-04-2014 - 23:55 | |
CVE-2015-6152 | 9.3 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
24-06-2020 - 16:54 | 09-12-2015 - 11:59 | |
CVE-2013-2014 | 5.0 |
OpenStack Identity (Keystone) before 2013.1 allows remote attackers to cause a denial of service (memory consumption and crash) via multiple long requests.
|
02-06-2020 - 19:50 | 02-06-2014 - 15:55 | |
CVE-2015-0008 | 8.3 |
The UNC implementation in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not include authentication fr
|
29-10-2019 - 19:15 | 11-02-2015 - 03:00 | |
CVE-2014-6321 | 10.0 |
Schannel in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary cod
|
09-10-2019 - 23:11 | 11-11-2014 - 22:55 | |
CVE-2017-0095 | 7.9 |
Hyper-V in Microsoft Windows 10 Gold, 1511, and 1607 and Windows Server 2016 does not properly validate vSMB packet data, which allows attackers to execute arbitrary code on a target OS, aka "Hyper-V vSMB Remote Code Execution Vulnerability." This vu
|
03-10-2019 - 00:03 | 17-03-2017 - 00:59 | |
CVE-2017-0047 | 7.2 |
The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows local users to gain privil
|
03-10-2019 - 00:03 | 17-03-2017 - 00:59 | |
CVE-2017-0025 | 7.2 |
The kernel-mode drivers in Microsoft Windows Vista; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allow local users to gain pr
|
03-10-2019 - 00:03 | 17-03-2017 - 00:59 | |
CVE-2017-0014 | 7.6 |
The Windows Graphics Component in Microsoft Office 2010 SP2; Windows Server 2008 R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to
|
03-10-2019 - 00:03 | 17-03-2017 - 00:59 | |
CVE-2017-0029 | 4.3 |
Microsoft Office 2010 SP2, Word 2010 SP2, Word 2013 RT SP1, and Word 2016 allow remote attackers to cause a denial of service (application hang) via a crafted Office document, aka "Microsoft Office Denial of Service Vulnerability."
|
03-10-2019 - 00:03 | 17-03-2017 - 00:59 | |
CVE-2017-0039 | 9.3 |
Microsoft Windows Vista SP2 and Server 2008 SP2 mishandle dynamic link library (DLL) loading, which allows local users to gain privileges via a crafted application, aka "Library Loading Input Validation Remote Code Execution Vulnerability."
|
03-10-2019 - 00:03 | 17-03-2017 - 00:59 | |
CVE-2017-0072 | 9.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Uniscribe Remote Code Execution Vulnerability." This vulnerability is diffe
|
03-10-2019 - 00:03 | 17-03-2017 - 00:59 | |
CVE-2017-0051 | 2.9 |
Microsoft Windows 10 1607 and Windows Server 2016 allow remote attackers to cause a denial of service (application hang) via a crafted Office document, aka "Microsoft Hyper-V Network Switch Denial of Service Vulnerability." This vulnerability is diff
|
03-10-2019 - 00:03 | 17-03-2017 - 00:59 | |
CVE-2017-0070 | 7.6 |
A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitra
|
03-10-2019 - 00:03 | 17-03-2017 - 00:59 | |
CVE-2017-0075 | 7.4 |
Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows guest OS users to execute arbitrary code on the host
|
03-10-2019 - 00:03 | 17-03-2017 - 00:59 | |
CVE-2017-0010 | 7.6 |
A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitra
|
03-10-2019 - 00:03 | 17-03-2017 - 00:59 | |
CVE-2017-0021 | 7.7 |
Hyper-V in Microsoft Windows 10 1607 and Windows Server 2016 does not properly validate vSMB packet data, which allows attackers to execute arbitrary code on a target OS, aka "Hyper-V System Data Structure Vulnerability." This vulnerability is differ
|
03-10-2019 - 00:03 | 17-03-2017 - 00:59 | |
CVE-2017-0066 | 4.0 |
Microsoft Edge allows remote attackers to bypass the Same Origin Policy for HTML elements in other browser windows, aka "Microsoft Edge Security Feature Bypass Vulnerability." This vulnerability is different from those described in CVE-2017-0135 and
|
03-10-2019 - 00:03 | 17-03-2017 - 00:59 | |
CVE-2011-1265 | 8.3 |
The Bluetooth Stack 2.1 in Microsoft Windows Vista SP1 and SP2 and Windows 7 Gold and SP1 does not prevent access to objects in memory that (1) were not properly initialized or (2) have been deleted, which allows remote attackers to execute arbitrary
|
27-09-2019 - 17:05 | 13-07-2011 - 22:55 | |
CVE-2013-5072 | 4.3 |
Cross-site scripting (XSS) vulnerability in Outlook Web Access in Microsoft Exchange Server 2010 SP2 and SP3 and 2013 Cumulative Update 2 and 3 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "OWA XSS Vulnerabili
|
01-06-2019 - 00:29 | 11-12-2013 - 00:55 | |
CVE-2012-4791 | 3.5 |
Microsoft Exchange Server 2007 SP3 and 2010 SP1 and SP2 allows remote authenticated users to cause a denial of service (Information Store service hang) by subscribing to a crafted RSS feed, aka "RSS Feed May Cause Exchange DoS Vulnerability."
|
01-06-2019 - 00:29 | 12-12-2012 - 00:55 | |
CVE-2014-1817 | 9.3 |
usp10.dll in Uniscribe (aka the Unicode Script Processor) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Of
|
20-05-2019 - 17:27 | 11-06-2014 - 04:56 | |
CVE-2014-1818 | 9.3 |
GDI+ in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Office 2007 SP3 and 2010 SP1 and SP2, Live Meeting 2007
|
17-05-2019 - 20:27 | 11-06-2014 - 04:56 | |
CVE-2015-6104 | 9.3 |
The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows remote attackers t
|
17-05-2019 - 20:01 | 11-11-2015 - 12:59 | |
CVE-2015-6103 | 9.3 |
The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows remote attackers t
|
17-05-2019 - 19:19 | 11-11-2015 - 12:59 | |
CVE-2016-0015 | 9.3 |
DirectShow in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted file,
|
17-05-2019 - 19:13 | 13-01-2016 - 05:59 | |
CVE-2015-2459 | 9.3 |
ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote atta
|
17-05-2019 - 13:10 | 15-08-2015 - 00:59 | |
CVE-2015-2460 | 9.3 |
ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and .NET Framework 3.0 SP2, 3.5,
|
17-05-2019 - 12:53 | 15-08-2015 - 00:59 | |
CVE-2015-2465 | 2.1 |
The Windows shell in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 does not properly constrain impersonation levels, wh
|
17-05-2019 - 12:35 | 15-08-2015 - 00:59 | |
CVE-2015-6102 | 2.1 |
The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to bypass the KASLR protec
|
16-05-2019 - 19:38 | 11-11-2015 - 12:59 | |
CVE-2015-6113 | 2.1 |
The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to bypass intended filesys
|
16-05-2019 - 18:48 | 11-11-2015 - 12:59 | |
CVE-2016-0014 | 7.2 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandle DLL loading, which allows local users to gain pri
|
16-05-2019 - 18:24 | 13-01-2016 - 05:59 | |
CVE-2015-2515 | 9.3 |
Use-after-free vulnerability in Windows Shell in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers
|
16-05-2019 - 17:00 | 14-10-2015 - 01:59 | |
CVE-2015-1696 | 9.3 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted Journal file, aka "Win
|
16-05-2019 - 16:30 | 13-05-2015 - 10:59 | |
CVE-2016-0008 | 4.3 |
The graphics device interface in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to bypass the ASLR protectio
|
15-05-2019 - 19:28 | 13-01-2016 - 05:59 | |
CVE-2015-6132 | 7.2 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandle library loading, which allows local users to gain
|
15-05-2019 - 19:24 | 09-12-2015 - 11:59 | |
CVE-2016-0018 | 6.9 |
Microsoft Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 R2, and Windows 10 Gold and 1511 mishandle DLL loading, which allows local users to gain privileges via a crafted application, aka "DLL Loading Remote Code Execution Vulnerability."
|
15-05-2019 - 18:59 | 13-01-2016 - 05:59 | |
CVE-2015-2509 | 9.3 |
Windows Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, Windows 8, and Windows 8.1 allows user-assisted remote attackers to execute arbitrary code via a crafted Media Center link (mcl) file, aka "Windows Media Center RCE Vulnerability."
|
15-05-2019 - 18:40 | 09-09-2015 - 00:59 | |
CVE-2016-0058 | 9.3 |
Buffer overflow in the PDF Library in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 allows remote attackers to execute arbitrary code via a crafted PDF document that triggers API calls, aka "Microsoft PDF Library Buffer Overf
|
15-05-2019 - 18:36 | 10-02-2016 - 11:59 | |
CVE-2015-1698 | 9.3 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted Journal file, aka "Win
|
15-05-2019 - 18:17 | 13-05-2015 - 10:59 | |
CVE-2015-1697 | 9.3 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted Journal file, aka "Win
|
15-05-2019 - 18:13 | 13-05-2015 - 10:59 | |
CVE-2016-3215 | 4.3 |
Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows 10 1511, and Microsoft Edge allow remote attackers to obtain sensitive information from process memory via a crafted PDF document, aka "Windows PDF Information Disclosure Vulnerability,"
|
15-05-2019 - 17:48 | 16-06-2016 - 01:59 | |
CVE-2016-0044 | 5.0 |
Sync Framework in Microsoft Windows 8.1, Windows Server 2012 R2, and Windows RT 8.1 allows remote attackers to cause a denial of service (SyncShareSvc service outage) via crafted "change batch" data, aka "Windows DLL Loading Denial of Service Vulnera
|
15-05-2019 - 17:27 | 10-02-2016 - 11:59 | |
CVE-2015-0010 | 1.9 |
The CryptProtectMemory function in cng.sys (aka the Cryptography Next Generation driver) in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Wi
|
15-05-2019 - 17:04 | 11-02-2015 - 03:00 | |
CVE-2015-1756 | 9.3 |
Use-after-free vulnerability in Microsoft Common Controls in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows user-assisted rem
|
15-05-2019 - 15:33 | 10-06-2015 - 01:59 | |
CVE-2015-2426 | 9.3 |
Buffer underflow in atmfd.dll in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows rem
|
15-05-2019 - 15:23 | 20-07-2015 - 18:59 | |
CVE-2016-0038 | 9.3 |
Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted Journal file
|
15-05-2019 - 15:08 | 10-02-2016 - 11:59 | |
CVE-2015-2432 | 9.3 |
ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to exe
|
15-05-2019 - 15:05 | 15-08-2015 - 00:59 | |
CVE-2015-2433 | 2.1 |
The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to bypass the ASLR protection mechanism
|
15-05-2019 - 15:01 | 15-08-2015 - 00:59 | |
CVE-2016-0046 | 9.3 |
Windows Reader in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 allows remote attackers to execute arbitrary code via a crafted Reader file, aka "Microsoft Windows Reader Vulnerability."
|
15-05-2019 - 14:58 | 10-02-2016 - 11:59 | |
CVE-2015-2453 | 4.7 |
The Client/Server Run-time Subsystem (CSRSS) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to obtain sensitiv
|
15-05-2019 - 14:54 | 15-08-2015 - 00:59 | |
CVE-2015-2506 | 9.3 |
atmfd.dll in the Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to
|
15-05-2019 - 14:51 | 09-09-2015 - 00:59 | |
CVE-2015-6109 | 2.1 |
The kernel in Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to bypass the KASLR protection mechanism, and consequently discover a driver base address, via a crafted application, aka "Wi
|
15-05-2019 - 14:48 | 11-11-2015 - 12:59 | |
CVE-2015-6108 | 9.3 |
The Windows font library in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT Gold and 8.1; Office 2007 SP3; Office 2010 SP2; Word Viewer; .NET Framewor
|
15-05-2019 - 14:43 | 09-12-2015 - 11:59 | |
CVE-2015-6107 | 9.3 |
The Windows font library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10 Gold and 1511, Office 2007 SP3, Office 2010 SP2,
|
15-05-2019 - 14:39 | 09-12-2015 - 11:59 | |
CVE-2016-0016 | 7.2 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandle DLL loading, which allows local users to gain pri
|
15-05-2019 - 14:36 | 13-01-2016 - 05:59 | |
CVE-2015-2512 | 7.2 |
The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges v
|
15-05-2019 - 14:31 | 09-09-2015 - 00:59 | |
CVE-2015-6127 | 4.3 |
Windows Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, Windows 8, and Windows 8.1 allows remote attackers to read arbitrary files via a crafted .mcl file, aka "Windows Media Center Information Disclosure Vulnerability."
|
15-05-2019 - 14:04 | 09-12-2015 - 11:59 | |
CVE-2015-6131 | 9.3 |
Windows Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, Windows 8, and Windows 8.1 allows remote attackers to execute arbitrary code via a crafted .mcl file, aka "Media Center Library Parsing RCE Vulnerability."
|
15-05-2019 - 14:00 | 09-12-2015 - 11:59 | |
CVE-2015-6133 | 7.2 |
Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandle library loading, which allows local users to gain privileges via a crafted application, aka "Windows Library Loading Re
|
15-05-2019 - 13:59 | 09-12-2015 - 11:59 | |
CVE-2015-2514 | 9.3 |
Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to execute arbitrary code via
|
15-05-2019 - 13:58 | 09-09-2015 - 00:59 | |
CVE-2015-2464 | 9.3 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Office 2007 SP3 and 2010 SP2, Live Meeting 2007 Console, Lync 2010, Lync 2010 Attendee,
|
15-05-2019 - 13:52 | 15-08-2015 - 00:59 | |
CVE-2015-2507 | 7.2 |
The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges v
|
15-05-2019 - 13:51 | 09-09-2015 - 00:59 | |
CVE-2015-2513 | 9.3 |
Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to execute arbitrary code via
|
15-05-2019 - 13:47 | 09-09-2015 - 00:59 | |
CVE-2015-2463 | 9.3 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Office 2007 SP3 and 2010 SP2, Live Meeting 2007 Console, Lync 2010, Lync 2010 Attendee,
|
15-05-2019 - 13:41 | 15-08-2015 - 00:59 | |
CVE-2015-2462 | 9.3 |
ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, and .NET Framework 3.
|
15-05-2019 - 13:37 | 15-08-2015 - 00:59 | |
CVE-2015-6101 | 6.9 |
The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a c
|
15-05-2019 - 13:32 | 11-11-2015 - 12:59 | |
CVE-2014-6332 | 9.3 |
OleAut32.dll in OLE in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute ar
|
15-05-2019 - 13:30 | 11-11-2014 - 22:55 | |
CVE-2015-2456 | 9.3 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Office 2007 SP3 and 2010 SP2, Live Meeting 2007 Console, Lync 2010, Lync 201
|
15-05-2019 - 13:21 | 15-08-2015 - 00:59 | |
CVE-2015-2455 | 9.3 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Office 2007 SP3 and 2010 SP2, Live Meeting 2007 Console, Lync 2010, Lync 201
|
15-05-2019 - 12:55 | 15-08-2015 - 00:59 | |
CVE-2015-6100 | 6.9 |
The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a c
|
15-05-2019 - 12:42 | 11-11-2015 - 12:59 | |
CVE-2015-2472 | 4.3 |
Remote Desktop Session Host (RDSH) in Remote Desktop Protocol (RDP) through 8.1 in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 do
|
15-05-2019 - 12:39 | 15-08-2015 - 00:59 | |
CVE-2015-2435 | 9.3 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Office 2007 SP3 and 2010 SP2, Live Meeting 2007 Console, Lync 2010, Lync 201
|
15-05-2019 - 11:59 | 15-08-2015 - 00:59 | |
CVE-2015-2423 | 4.3 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Excel 2007 SP3, PowerPoint 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2
|
15-05-2019 - 11:53 | 15-08-2015 - 00:59 | |
CVE-2015-2454 | 2.1 |
The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly constrain impersonation levels, which all
|
14-05-2019 - 20:54 | 15-08-2015 - 00:59 | |
CVE-2015-1699 | 9.3 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted Journal file, aka "Win
|
14-05-2019 - 20:51 | 13-05-2015 - 10:59 | |
CVE-2015-2527 | 7.2 |
The process-initialization implementation in win32k.sys in the kernel-mode drivers in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 does not properly constrain impersonation levels, which a
|
14-05-2019 - 20:48 | 09-09-2015 - 00:59 | |
CVE-2015-1695 | 9.3 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted Journal file, aka "Win
|
14-05-2019 - 20:45 | 13-05-2015 - 10:59 | |
CVE-2015-2519 | 9.3 |
Integer overflow in Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to execute
|
14-05-2019 - 20:33 | 09-09-2015 - 00:59 | |
CVE-2015-2518 | 6.9 |
The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a cra
|
14-05-2019 - 20:32 | 09-09-2015 - 00:59 | |
CVE-2015-2546 | 6.9 |
The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a cra
|
14-05-2019 - 20:30 | 09-09-2015 - 00:59 | |
CVE-2015-2511 | 6.9 |
The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a cra
|
14-05-2019 - 20:26 | 09-09-2015 - 00:59 | |
CVE-2015-2517 | 6.9 |
The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a cra
|
14-05-2019 - 20:26 | 09-09-2015 - 00:59 | |
CVE-2015-2461 | 9.3 |
ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote atta
|
14-05-2019 - 20:23 | 15-08-2015 - 00:59 | |
CVE-2015-2458 | 9.3 |
ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote atta
|
14-05-2019 - 19:57 | 15-08-2015 - 00:59 | |
CVE-2015-1635 | 10.0 |
HTTP.sys in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted HTTP requests, aka "HTTP.sys Remote Code Execution Vulnerabilit
|
14-05-2019 - 19:53 | 14-04-2015 - 20:59 | |
CVE-2015-0096 | 9.3 |
Untrusted search path vulnerability in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to
|
14-05-2019 - 19:47 | 11-03-2015 - 10:59 | |
CVE-2015-0003 | 6.9 |
win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users
|
14-05-2019 - 19:39 | 11-02-2015 - 03:00 | |
CVE-2015-2530 | 9.3 |
Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to execute arbitrary code via
|
14-05-2019 - 19:30 | 09-09-2015 - 00:59 | |
CVE-2015-0087 | 5.0 |
Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to obtain sensi
|
14-05-2019 - 19:25 | 11-03-2015 - 10:59 | |
CVE-2015-0074 | 4.3 |
Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly allocate memory, whic
|
14-05-2019 - 19:21 | 11-03-2015 - 10:59 | |
CVE-2015-2516 | 4.3 |
Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to cause a denial of service (
|
14-05-2019 - 19:18 | 09-09-2015 - 00:59 | |
CVE-2015-0089 | 5.0 |
Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to obtain sensi
|
14-05-2019 - 19:10 | 11-03-2015 - 10:59 | |
CVE-2015-0092 | 9.3 |
Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbi
|
14-05-2019 - 19:09 | 11-03-2015 - 10:59 | |
CVE-2015-0091 | 9.3 |
Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbi
|
14-05-2019 - 19:08 | 11-03-2015 - 10:59 | |
CVE-2015-0090 | 9.3 |
Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbi
|
14-05-2019 - 19:07 | 11-03-2015 - 10:59 | |
CVE-2015-0093 | 9.3 |
Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbi
|
14-05-2019 - 19:06 | 11-03-2015 - 10:59 | |
CVE-2015-0088 | 9.3 |
Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbi
|
14-05-2019 - 19:06 | 11-03-2015 - 10:59 | |
CVE-2015-0060 | 4.7 |
The font mapper in win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1
|
14-05-2019 - 19:01 | 11-02-2015 - 03:01 | |
CVE-2015-0059 | 6.9 |
win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted TrueType font, aka
|
14-05-2019 - 18:58 | 11-02-2015 - 03:01 | |
CVE-2015-0058 | 7.2 |
Double free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows 8.1, Windows Server 2012 R2, and Windows RT 8.1 allows local users to gain privileges via a crafted application, aka "Windows Cursor Object Double Free Vulnerabil
|
14-05-2019 - 18:51 | 11-02-2015 - 03:01 | |
CVE-2015-0081 | 9.3 |
Windows Text Services (WTS) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to ex
|
14-05-2019 - 18:51 | 11-03-2015 - 10:59 | |
CVE-2015-0057 | 7.2 |
win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users
|
14-05-2019 - 18:50 | 11-02-2015 - 03:01 | |
CVE-2015-2529 | 2.1 |
The kernel in Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, and Windows 10 allows local users to bypass the ASLR protection mechanism via a crafted application, aka "Kernel ASLR Bypass Vulnerability."
|
14-05-2019 - 18:24 | 09-09-2015 - 00:59 | |
CVE-2014-4060 | 6.8 |
Use-after-free vulnerability in MCPlayer.dll in Microsoft Windows Media Center TV Pack for Windows Vista, Windows 7 SP1, and Windows Media Center for Windows 8 and 8.1 allows remote attackers to execute arbitrary code via a crafted Office document th
|
14-05-2019 - 17:03 | 12-08-2014 - 21:55 | |
CVE-2013-3918 | 9.3 |
The InformationCardSigninHelper Class ActiveX control in icardie.dll in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold
|
14-05-2019 - 14:24 | 12-11-2013 - 14:35 | |
CVE-2013-3940 | 9.3 |
Integer overflow in the Graphics Device Interface (GDI) in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and W
|
14-05-2019 - 14:19 | 13-11-2013 - 00:55 | |
CVE-2013-5056 | 9.3 |
Use-after-free vulnerability in the Scripting Runtime Object Library in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold
|
14-05-2019 - 14:11 | 11-12-2013 - 00:55 | |
CVE-2014-0263 | 9.3 |
The Direct2D implementation in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a large 2D geometric figure
|
14-05-2019 - 14:10 | 12-02-2014 - 04:50 | |
CVE-2014-4118 | 9.3 |
XML Core Services (aka MSXML) 3.0 in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers
|
14-05-2019 - 14:04 | 11-11-2014 - 22:55 | |
CVE-2013-7331 | 4.3 |
The Microsoft.XMLDOM ActiveX control in Microsoft Windows 8.1 and earlier allows remote attackers to determine the existence of local pathnames, UNC share pathnames, intranet hostnames, and intranet IP addresses by examining error codes, as demonstra
|
14-05-2019 - 13:24 | 26-02-2014 - 14:55 | |
CVE-2015-1675 | 9.3 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted Journal file, aka "Win
|
13-05-2019 - 20:21 | 13-05-2015 - 10:59 | |
CVE-2014-0301 | 9.3 |
Double free vulnerability in qedit.dll in DirectShow in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allow
|
13-05-2019 - 19:22 | 12-03-2014 - 05:15 | |
CVE-2015-6125 | 9.3 |
Use-after-free vulnerability in the DNS server in Microsoft Windows Server 2008 SP2 and R2 SP1 and Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted requests, aka "Windows DNS Use After Free Vulnerability." <a href
|
08-05-2019 - 22:03 | 09-12-2015 - 11:59 | |
CVE-2016-3227 | 10.0 |
Use-after-free vulnerability in the DNS Server component in Microsoft Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted requests, aka "Windows DNS Server Use After Free Vulnerability." <a href="http://cwe.m
|
08-05-2019 - 22:03 | 16-06-2016 - 01:59 | |
CVE-2016-3228 | 9.0 |
Microsoft Windows Server 2008 SP2 and R2 SP1 and Windows Server 2012 Gold and R2 allow remote authenticated users to execute arbitrary code via a crafted NetLogon request, aka "Windows Netlogon Memory Corruption Remote Code Execution Vulnerability."
|
08-05-2019 - 22:03 | 16-06-2016 - 01:59 | |
CVE-2015-2368 | 6.9 |
Untrusted search path vulnerability in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1, Windows Server 2012 R2, and Windows RT 8.1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, aka "Wi
|
08-05-2019 - 22:03 | 14-07-2015 - 21:59 | |
CVE-2015-2362 | 7.2 |
Hyper-V in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not properly initialize guest OS system data structures, which allows guest OS users to execute arbitrary code on the host OS by
|
08-05-2019 - 22:03 | 14-07-2015 - 21:59 | |
CVE-2015-2361 | 7.2 |
Hyper-V in Microsoft Windows 8.1 and Windows Server 2012 R2 does not properly initialize guest OS system data structures, which allows guest OS users to execute arbitrary code on the host OS or cause a denial of service (buffer overflow) by leveragin
|
08-05-2019 - 22:03 | 14-07-2015 - 21:59 | |
CVE-2009-1924 | 9.3 |
Integer overflow in the Windows Internet Name Service (WINS) component for Microsoft Windows 2000 SP4 allows remote WINS replication partners to execute arbitrary code via crafted data structures in a packet, aka "WINS Integer Overflow Vulnerability.
|
30-04-2019 - 14:27 | 12-08-2009 - 17:30 | |
CVE-2009-1923 | 9.3 |
Heap-based buffer overflow in the Windows Internet Name Service (WINS) component for Microsoft Windows 2000 SP4 and Server 2003 SP2 allows remote attackers to execute arbitrary code via a crafted WINS replication packet that triggers an incorrect buf
|
30-04-2019 - 14:27 | 12-08-2009 - 17:30 | |
CVE-2009-1138 | 10.0 |
The LDAP service in Active Directory on Microsoft Windows 2000 SP4 does not properly free memory for LDAP and LDAPS requests, which allows remote attackers to execute arbitrary code via a request that uses hexadecimal encoding, whose associated memor
|
30-04-2019 - 14:27 | 10-06-2009 - 18:00 | |
CVE-2010-0478 | 9.3 |
Stack-based buffer overflow in nsum.exe in the Windows Media Unicast Service in Media Services for Microsoft Windows 2000 Server SP4 allows remote attackers to execute arbitrary code via crafted packets associated with transport information, aka "Med
|
30-04-2019 - 14:27 | 14-04-2010 - 16:00 | |
CVE-2009-1139 | 7.8 |
Memory leak in the LDAP service in Active Directory on Microsoft Windows 2000 SP4 and Server 2003 SP2, and Active Directory Application Mode (ADAM) on Windows XP SP2 and SP3 and Server 2003 SP2, allows remote attackers to cause a denial of service (m
|
30-04-2019 - 14:27 | 10-06-2009 - 18:00 | |
CVE-2009-0555 | 9.3 |
Microsoft Windows Media Runtime, as used in DirectShow WMA Voice Codec, Windows Media Audio Voice Decoder, and Audio Compression Manager (ACM), does not properly process Advanced Systems Format (ASF) files, which allows remote attackers to execute ar
|
28-02-2019 - 01:20 | 14-10-2009 - 10:30 | |
CVE-2009-0075 | 9.3 |
Microsoft Internet Explorer 7 does not properly handle errors during attempted access to deleted objects, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to CFunctionPointer and the appending of document o
|
27-02-2019 - 14:07 | 10-02-2009 - 22:30 | |
CVE-2008-4261 | 9.3 |
Stack-based buffer overflow in Microsoft Internet Explorer 5.01 SP4, 6 SP1 on Windows 2000, and 6 on Windows XP and Server 2003 does not properly handle extraneous data associated with an object embedded in a web page, which allows remote attackers t
|
26-02-2019 - 14:04 | 10-12-2008 - 14:00 | |
CVE-2011-3397 | 9.3 |
The Microsoft Time component in DATIME.DLL in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows remote attackers to execute arbitrary code via a crafted web site that leverages an unspecified "binary behavior" in Internet Explorer, aka "Mic
|
26-02-2019 - 14:04 | 14-12-2011 - 00:55 | |
CVE-2008-4114 | 7.1 |
srv.sys in the Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact vi
|
26-02-2019 - 14:04 | 16-09-2008 - 23:00 | |
CVE-2013-3181 | 9.3 |
usp10.dll in the Unicode Scripts Processor in Microsoft Windows XP SP2 and SP3 and Windows Server 2003 SP2 allows remote attackers to execute arbitrary code via a crafted OpenType font, aka "Uniscribe Font Parsing Engine Memory Corruption Vulnerabili
|
26-02-2019 - 14:04 | 14-08-2013 - 11:10 | |
CVE-2011-3400 | 9.3 |
Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 do not properly handle OLE objects in memory, which allows remote attackers to execute arbitrary code via a crafted object in a file, aka "OLE Property Vulnerability."
|
26-02-2019 - 14:04 | 14-12-2011 - 00:55 | |
CVE-2008-4029 | 4.3 |
Cross-domain vulnerability in Microsoft XML Core Services 3.0 and 4.0, as used in Internet Explorer, allows remote attackers to obtain sensitive information from another domain via a crafted XML document, related to improper error checks for external
|
26-02-2019 - 14:04 | 12-11-2008 - 23:30 | |
CVE-2010-3970 | 9.3 |
Stack-based buffer overflow in the CreateSizedDIBSECTION function in shimgvw.dll in the Windows Shell graphics processor (aka graphics rendering engine) in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, and Server 2008 Gold and
|
26-02-2019 - 14:04 | 22-12-2010 - 21:00 | |
CVE-2010-3956 | 9.3 |
The OpenType Font (OTF) driver in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly perform array indexing, which allows local users to gain pr
|
26-02-2019 - 14:04 | 16-12-2010 - 19:33 | |
CVE-2008-4260 | 8.5 |
Microsoft Internet Explorer 7 sometimes attempts to access a deleted object, which allows remote attackers to execute arbitrary code via a crafted HTML document that triggers memory corruption, aka "Uninitialized Memory Corruption Vulnerability."
|
26-02-2019 - 14:04 | 10-12-2008 - 14:00 | |
CVE-2008-4258 | 8.5 |
Microsoft Internet Explorer 5.01 SP4 and 6 SP1 does not properly validate parameters during calls to navigation methods, which allows remote attackers to execute arbitrary code via a crafted HTML document that triggers memory corruption, aka "Paramet
|
26-02-2019 - 14:04 | 10-12-2008 - 14:00 | |
CVE-2010-3965 | 9.3 |
Untrusted search path vulnerability in Windows Media Encoder 9 on Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, and Windows Server 2008 Gold and SP2 allows local users to gain privileges via a Trojan horse DLL
|
26-02-2019 - 14:04 | 16-12-2010 - 19:33 | |
CVE-2013-3863 | 9.3 |
Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allow remote attackers to execute arbitrary code via a crafted OLE object in a file, aka "OLE Property Vulnerability."
|
26-02-2019 - 14:04 | 11-09-2013 - 14:03 | |
CVE-2008-4834 | 10.0 |
Buffer overflow in SMB in the Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via malformed values of unspecified "fields inside the SMB packets" in an NT Tra
|
26-02-2019 - 14:04 | 14-01-2009 - 22:30 | |
CVE-2008-4259 | 9.3 |
Microsoft Internet Explorer 7 sometimes attempts to access uninitialized memory locations, which allows remote attackers to execute arbitrary code via a crafted HTML document that triggers memory corruption, related to a WebDAV request for a file wit
|
26-02-2019 - 14:04 | 10-12-2008 - 14:00 | |
CVE-2010-3959 | 6.9 |
The OpenType Font (OTF) driver in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain privileges via a crafted CMAP table in an OpenType
|
26-02-2019 - 14:04 | 16-12-2010 - 19:33 | |
CVE-2010-3957 | 6.9 |
Double free vulnerability in the OpenType Font (OTF) driver in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain privileges via a craf
|
26-02-2019 - 14:04 | 16-12-2010 - 19:33 | |
CVE-2010-2550 | 10.0 |
The SMB Server in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate fields in an SMB request, which allows remote attackers to execute
|
26-02-2019 - 14:04 | 11-08-2010 - 18:47 | |
CVE-2010-2567 | 9.3 |
The RPC client implementation in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly allocate memory during the parsing of responses, which allows remote RPC servers and man-in-the-middle attackers to execute arbitrary code via a m
|
26-02-2019 - 14:04 | 15-09-2010 - 19:00 | |
CVE-2010-1882 | 9.3 |
Multiple buffer overflows in the MPEG Layer-3 Audio Codec for Microsoft DirectShow in l3codecx.ax in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allow remote attackers to execute arbitrary code via an MPEG Layer-3 audio stream in (1) a craft
|
26-02-2019 - 14:04 | 11-08-2010 - 18:47 | |
CVE-2010-1885 | 9.3 |
The MPC::HexToNum function in helpctr.exe in Microsoft Windows Help and Support Center in Windows XP and Windows Server 2003 does not properly handle malformed escape sequences, which allows remote attackers to bypass the trusted documents whitelist
|
26-02-2019 - 14:04 | 15-06-2010 - 14:04 | |
CVE-2009-1920 | 9.3 |
The JScript scripting engine 5.1, 5.6, 5.7, and 5.8 in JScript.dll in Microsoft Windows, as used in Internet Explorer, does not properly load decoded scripts into memory before execution, which allows remote attackers to execute arbitrary code via a
|
26-02-2019 - 14:04 | 08-09-2009 - 22:30 | |
CVE-2009-3672 | 9.3 |
Microsoft Internet Explorer 6 and 7 does not properly handle objects in memory that (1) were not properly initialized or (2) are deleted, which allows remote attackers to execute arbitrary code via vectors involving a call to the getElementsByTagName
|
26-02-2019 - 14:04 | 02-12-2009 - 11:30 | |
CVE-2010-3228 | 9.3 |
The JIT compiler in Microsoft .NET Framework 4.0 on 64-bit platforms does not properly perform optimizations, which allows remote attackers to execute arbitrary code via a crafted .NET application that triggers memory corruption, aka ".NET Framework
|
26-02-2019 - 14:04 | 13-10-2010 - 19:00 | |
CVE-2010-2729 | 9.3 |
The Print Spooler service in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7, when printer sharing is enabled, does not properly validate spooler access permis
|
26-02-2019 - 14:04 | 15-09-2010 - 19:00 | |
CVE-2010-2566 | 9.3 |
The Secure Channel (aka SChannel) security package in Microsoft Windows XP SP2 and SP3, and Windows Server 2003 SP2, does not properly validate certificate request messages from TLS and SSL servers, which allows remote servers to execute arbitrary co
|
26-02-2019 - 14:04 | 11-08-2010 - 18:47 | |
CVE-2009-2506 | 9.3 |
Integer overflow in the text converters in Microsoft Office Word 2002 SP3 and 2003 SP3; Works 8.5; Office Converter Pack; and WordPad in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via a DOC
|
26-02-2019 - 14:04 | 09-12-2009 - 18:30 | |
CVE-2009-2497 | 9.3 |
The Common Language Runtime (CLR) in Microsoft .NET Framework 2.0, 2.0 SP1, 2.0 SP2, 3.5, and 3.5 SP1, and Silverlight 2, does not properly handle interfaces, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser appl
|
26-02-2019 - 14:04 | 14-10-2009 - 10:30 | |
CVE-2009-2531 | 9.3 |
Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corru
|
26-02-2019 - 14:04 | 14-10-2009 - 10:30 | |
CVE-2009-2508 | 6.9 |
The single sign-on implementation in Active Directory Federation Services (ADFS) in Microsoft Windows Server 2003 SP2 and Server 2008 Gold and SP2 does not properly remove credentials at the end of a network session, which allows physically proximate
|
26-02-2019 - 14:04 | 09-12-2009 - 18:30 | |
CVE-2009-3677 | 10.0 |
The Internet Authentication Service (IAS) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold and SP1, and Server 2008 Gold does not properly verify the credentials in an MS-CHAP v2 Protected Extensible Authentication Protocol
|
26-02-2019 - 14:04 | 09-12-2009 - 18:30 | |
CVE-2009-2494 | 10.0 |
The Active Template Library (ATL) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via vectors related to erroneous free operation
|
26-02-2019 - 14:04 | 12-08-2009 - 17:30 | |
CVE-2009-2530 | 9.3 |
Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corru
|
26-02-2019 - 14:04 | 14-10-2009 - 10:30 | |
CVE-2009-2509 | 9.0 |
Active Directory Federation Services (ADFS) in Microsoft Windows Server 2003 SP2 and Server 2008 Gold and SP2 does not properly validate headers in HTTP requests, which allows remote authenticated users to execute arbitrary code via a crafted request
|
26-02-2019 - 14:04 | 09-12-2009 - 18:30 | |
CVE-2010-2745 | 9.3 |
Microsoft Windows Media Player (WMP) 9 through 12 does not properly deallocate objects during a browser reload action, which allows user-assisted remote attackers to execute arbitrary code via crafted media content referenced in an HTML document, aka
|
26-02-2019 - 14:04 | 13-10-2010 - 19:00 | |
CVE-2008-3009 | 10.0 |
Microsoft Windows Media Player 6.4, Windows Media Format Runtime 7.1 through 11, and Windows Media Services 4.1, 9, and 2008 do not properly use the Service Principal Name (SPN) identifier when validating replies to authentication requests, which all
|
26-02-2019 - 14:04 | 10-12-2008 - 14:00 | |
CVE-2011-1869 | 7.8 |
The Distributed File System (DFS) implementation in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote DFS servers to cause a d
|
26-02-2019 - 14:04 | 16-06-2011 - 20:55 | |
CVE-2009-2498 | 9.3 |
Microsoft Windows Media Format Runtime 9.0, 9.5, and 11 and Windows Media Services 9.1 and 2008 do not properly parse malformed headers in Advanced Systems Format (ASF) files, which allows remote attackers to execute arbitrary code via a crafted (1)
|
26-02-2019 - 14:04 | 08-09-2009 - 22:30 | |
CVE-2011-1868 | 10.0 |
The Distributed File System (DFS) implementation in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly validate fields in DFS responses, which allows remote DFS servers to execute arbitrary code via a crafted response, aka "DFS Me
|
26-02-2019 - 14:04 | 16-06-2011 - 20:55 | |
CVE-2009-1547 | 9.3 |
Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via a crafted data stream header that triggers memory corruption, aka "Data Stream Header Corruption Vulnerability."
|
26-02-2019 - 14:04 | 14-10-2009 - 10:30 | |
CVE-2010-1883 | 9.3 |
Integer overflow in the Embedded OpenType (EOT) Font Engine in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows remote attackers to execute arbitrary cod
|
26-02-2019 - 14:04 | 13-10-2010 - 19:00 | |
CVE-2010-3147 | 9.3 |
Untrusted search path vulnerability in wab.exe 6.00.2900.5512 in Windows Address Book in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to
|
26-02-2019 - 14:04 | 27-08-2010 - 19:00 | |
CVE-2010-3144 | 9.3 |
Untrusted search path vulnerability in the Internet Connection Signup Wizard in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local users to gain privileges via a Trojan horse smmscrpt.dll file in the current working directory, as demon
|
26-02-2019 - 14:04 | 27-08-2010 - 19:00 | |
CVE-2010-2738 | 9.3 |
The Uniscribe (aka new Unicode Script Processor) implementation in USP10.DLL in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, and Server 2008 Gold and SP2, and Microsoft Office XP SP3, 2003 SP3, and 2007 SP2, does not properly
|
26-02-2019 - 14:04 | 15-09-2010 - 19:00 | |
CVE-2009-1925 | 10.0 |
The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2 does not properly manage state information, which allows remote attackers to execute arbitrary code by sending packets to a listening service, and th
|
26-02-2019 - 14:04 | 08-09-2009 - 22:30 | |
CVE-2009-1539 | 9.3 |
The QuickTime Movie Parser Filter in quartz.dll in DirectShow in Microsoft DirectX 7.0 through 9.0c on Windows 2000 SP4, Windows XP SP2 and SP3, and Windows Server 2003 SP2 does not properly validate unspecified size fields in QuickTime media files,
|
26-02-2019 - 14:04 | 15-07-2009 - 15:30 | |
CVE-2009-2525 | 9.3 |
Microsoft Windows Media Runtime, as used in DirectShow WMA Voice Codec, Windows Media Audio Voice Decoder, and Audio Compression Manager (ACM), does not properly initialize unspecified functions within compressed audio files, which allows remote atta
|
26-02-2019 - 14:04 | 14-10-2009 - 10:30 | |
CVE-2010-2746 | 7.6 |
Heap-based buffer overflow in Comctl32.dll (aka the common control library) in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7, when a third-party SVG viewer i
|
26-02-2019 - 14:04 | 13-10-2010 - 19:00 | |
CVE-2009-1538 | 9.3 |
The QuickTime Movie Parser Filter in quartz.dll in DirectShow in Microsoft DirectX 7.0 through 9.0c on Windows 2000 SP4, Windows XP SP2 and SP3, and Windows Server 2003 SP2 performs updates to pointers without properly validating unspecified data val
|
26-02-2019 - 14:04 | 15-07-2009 - 15:30 | |
CVE-2009-1926 | 7.8 |
Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allow remote attackers to cause a denial of service (TCP outage) via a series of TCP sessions that have pending data and a (1) small o
|
26-02-2019 - 14:04 | 08-09-2009 - 22:30 | |
CVE-2009-2519 | 9.3 |
The DHTML Editing Component ActiveX control in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 does not properly format HTML markup, which allows remote attackers to execute arbitrary code via a crafted web site that triggers "system
|
26-02-2019 - 14:04 | 08-09-2009 - 22:30 | |
CVE-2010-2563 | 9.3 |
The Word 97 text converter in the WordPad Text Converters in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly parse malformed structures in Word 97 documents, which allows remote attackers to execute arbitrary code via a crafted
|
26-02-2019 - 14:04 | 15-09-2010 - 19:00 | |
CVE-2009-2499 | 8.5 |
Microsoft Windows Media Format Runtime 9.0, 9.5, and 11; and Microsoft Media Foundation on Windows Vista Gold, SP1, and SP2 and Server 2008; allows remote attackers to execute arbitrary code via an MP3 file with crafted metadata that triggers memory
|
26-02-2019 - 14:04 | 08-09-2009 - 22:30 | |
CVE-2010-0483 | 7.6 |
vbscript.dll in VBScript 5.1, 5.6, 5.7, and 5.8 in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2, when Internet Explorer is used, allows user-assisted remote attackers to execute arbitrary code by referencing a (1) local pathname, (
|
26-02-2019 - 14:04 | 03-03-2010 - 19:30 | |
CVE-2013-0077 | 9.3 |
Quartz.dll in DirectShow in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP2, and Server 2008 SP2 allows remote attackers to execute arbitrary code via crafted media content in (1) a media file, (2) a media stream, or (3) a Microsoft Offi
|
26-02-2019 - 14:04 | 13-02-2013 - 12:04 | |
CVE-2010-0487 | 9.3 |
The Authenticode Signature verification functionality in cabview.dll in Cabinet File Viewer Shell Extension 5.1, 6.0, and 6.1 in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Se
|
26-02-2019 - 14:04 | 14-04-2010 - 16:00 | |
CVE-2009-0081 | 9.3 |
The graphics device interface (GDI) implementation in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 does not properly validate input received from user mode, which allows remote
|
26-02-2019 - 14:04 | 10-03-2009 - 20:30 | |
CVE-2011-0027 | 9.3 |
Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2, and Windows Data Access Components (WDAC) 6.0, does not properly validate memory allocation for internal data structures, which allows remote attackers to execute arbitrary code, possibly via a
|
26-02-2019 - 14:04 | 12-01-2011 - 01:00 | |
CVE-2009-0088 | 9.3 |
The WordPerfect 6.x Converter (WPFT632.CNV, 1998.1.27.0) in Microsoft Office Word 2000 SP3 and Microsoft Office Converter Pack does not properly validate the length of an unspecified string, which allows remote attackers to execute arbitrary code via
|
26-02-2019 - 14:04 | 15-04-2009 - 08:00 | |
CVE-2009-0086 | 10.0 |
Integer underflow in Windows HTTP Services (aka WinHTTP) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote HTTP servers to execute arbitrary code via crafted parameter values in
|
26-02-2019 - 14:04 | 15-04-2009 - 08:00 | |
CVE-2010-0028 | 9.3 |
Integer overflow in Microsoft Paint in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via a crafted JPEG (.JPG) file, aka "MS Paint Integer Overflow Vulnerability."
|
26-02-2019 - 14:04 | 10-02-2010 - 18:30 | |
CVE-2010-0816 | 9.3 |
Integer overflow in inetcomm.dll in Microsoft Outlook Express 5.5 SP2, 6, and 6 SP1; Windows Live Mail on Windows XP SP2 and SP3, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7; and Windows Mail on Windows Vista SP1 a
|
26-02-2019 - 14:04 | 12-05-2010 - 11:46 | |
CVE-2010-0269 | 10.0 |
The SMB client in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly allocate memory for SMB responses, which allows re
|
26-02-2019 - 14:04 | 14-04-2010 - 16:00 | |
CVE-2011-0654 | 10.0 |
Integer underflow in the BowserWriteErrorLogEntry function in the Common Internet File System (CIFS) browser service in Mrxsmb.sys or bowser.sys in Active Directory in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and S
|
26-02-2019 - 14:04 | 16-02-2011 - 01:00 | |
CVE-2011-0028 | 9.3 |
WordPad in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly parse fields in Word documents, which allows remote attackers to execute arbitrary code via a crafted .doc file, aka "WordPad Converter Parsing Vulnerability."
|
26-02-2019 - 14:04 | 13-04-2011 - 18:55 | |
CVE-2009-0232 | 9.3 |
Integer overflow in the Embedded OpenType (EOT) Font Engine in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a crafted name ta
|
26-02-2019 - 14:04 | 15-07-2009 - 15:30 | |
CVE-2010-0480 | 9.3 |
Multiple stack-based buffer overflows in the MPEG Layer-3 audio codecs in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allow remote attackers to execute arbitrary code via a craft
|
26-02-2019 - 14:04 | 14-04-2010 - 16:00 | |
CVE-2010-0818 | 9.3 |
The MPEG-4 codec in the Windows Media codecs in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, and Server 2008 Gold and SP2 does not properly handle crafted media content with MPEG-4 video encoding, which allows remote attacker
|
26-02-2019 - 14:04 | 15-09-2010 - 19:00 | |
CVE-2010-0486 | 9.3 |
The WinVerifyTrust function in Authenticode Signature Verification 5.1, 6.0, and 6.1 in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows
|
26-02-2019 - 14:04 | 14-04-2010 - 16:00 | |
CVE-2009-0090 | 9.3 |
Microsoft .NET Framework 1.0 SP3, 1.1 SP1, and 2.0 SP1 does not properly validate .NET verifiable code, which allows remote attackers to obtain unintended access to stack memory, and execute arbitrary code, via (1) a crafted XAML browser application
|
26-02-2019 - 14:04 | 14-10-2009 - 10:30 | |
CVE-2009-0089 | 5.8 |
Windows HTTP Services (aka WinHTTP) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, and Vista Gold allows remote web servers to impersonate arbitrary https web sites by using DNS spoofing to "forward a connection" to a differe
|
26-02-2019 - 14:04 | 15-04-2009 - 08:00 | |
CVE-2009-1133 | 9.3 |
Heap-based buffer overflow in Microsoft Remote Desktop Connection (formerly Terminal Services Client) running RDP 5.0 through 6.1 on Windows, and Remote Desktop Connection Client for Mac 2.0, allows remote attackers to execute arbitrary code via unsp
|
26-02-2019 - 14:04 | 12-08-2009 - 17:30 | |
CVE-2009-0554 | 9.3 |
Microsoft Internet Explorer 5.01 SP4, 6 SP1, 6 and 7 on Windows XP SP2 and SP3, 6 and 7 on Windows Server 2003 SP1 and SP2, 7 on Windows Vista Gold and SP1, and 7 on Windows Server 2008 allows remote attackers to execute arbitrary code via a web page
|
26-02-2019 - 14:04 | 15-04-2009 - 08:00 | |
CVE-2011-0026 | 9.3 |
Integer signedness error in the SQLConnectW function in an ODBC API (odbc32.dll) in Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2, and Windows Data Access Components (WDAC) 6.0, allows remote attackers to execute arbitrary code via a long s
|
26-02-2019 - 14:04 | 12-01-2011 - 01:00 | |
CVE-2009-0083 | 7.2 |
The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 does not properly handle invalid pointers, which allows local users to gain privileges via an application that triggers use of a crafted pointer, aka "Windows Kernel Invali
|
26-02-2019 - 14:04 | 10-03-2009 - 20:30 | |
CVE-2009-0082 | 7.2 |
The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 does not properly validate handles, which allows local users to gain privileges via a crafted application that triggers unspecified
|
26-02-2019 - 14:04 | 10-03-2009 - 20:30 | |
CVE-2009-0091 | 9.3 |
Microsoft .NET Framework 2.0, 2.0 SP1, and 3.5 does not properly enforce a certain type-equality constraint in .NET verifiable code, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP), (2) a craf
|
26-02-2019 - 14:04 | 14-10-2009 - 10:30 | |
CVE-2010-0016 | 9.3 |
The SMB client implementation in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 does not properly validate response fields, which allows remote SMB servers and man-in-the-middle attackers to execute arbitrary code via a crafted respo
|
26-02-2019 - 14:04 | 10-02-2010 - 18:30 | |
CVE-2009-0076 | 9.3 |
Microsoft Internet Explorer 7, when XHTML strict mode is used, allows remote attackers to execute arbitrary code via the zoom style directive in conjunction with unspecified other directives in a malformed Cascading Style Sheets (CSS) stylesheet in a
|
26-02-2019 - 14:04 | 10-02-2009 - 22:30 | |
CVE-2011-0041 | 9.3 |
Integer overflow in gdiplus.dll in GDI+ in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold and SP2, and Office XP SP3 allows remote attackers to execute arbitrary code via a crafted EMF i
|
26-02-2019 - 14:04 | 13-04-2011 - 18:55 | |
CVE-2011-0033 | 9.3 |
The OpenType Compact Font Format (CFF) driver in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate parameter values in OpenType fonts,
|
26-02-2019 - 14:04 | 10-02-2011 - 16:00 | |
CVE-2010-0476 | 10.0 |
The SMB client in Microsoft Windows Server 2003 SP2, Vista Gold, SP1, and SP2, and Windows Server 2008 Gold and SP2 allows remote SMB servers and man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption an
|
26-02-2019 - 14:04 | 14-04-2010 - 16:00 | |
CVE-2009-0084 | 9.3 |
Use-after-free vulnerability in DirectShow in Microsoft DirectX 8.1 and 9.0 allows remote attackers to execute arbitrary code via an MJPEG file or video stream with a malformed Huffman table, which triggers an exception that frees heap memory that is
|
26-02-2019 - 14:04 | 15-04-2009 - 08:00 | |
CVE-2012-0009 | 9.3 |
Untrusted search path vulnerability in the Windows Object Packager configuration in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local users to gain privileges via a Trojan horse executable file in the current working directory, as dem
|
26-02-2019 - 14:04 | 10-01-2012 - 21:55 | |
CVE-2008-2249 | 9.3 |
Integer overflow in GDI in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote attackers to execute arbitrary code via a malformed header in a crafted WMF file, which triggers a buffe
|
26-02-2019 - 14:02 | 10-12-2008 - 14:00 | |
CVE-2008-3465 | 9.3 |
Heap-based buffer overflow in an API in GDI in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows context-dependent attackers to cause a denial of service or execute arbitrary code via a WM
|
26-02-2019 - 14:02 | 10-12-2008 - 14:00 | |
CVE-2009-3676 | 7.1 |
The SMB client in the kernel in Microsoft Windows Server 2008 R2 and Windows 7 allows remote SMB servers and man-in-the-middle attackers to cause a denial of service (infinite loop and system hang) via a (1) SMBv1 or (2) SMBv2 response packet that co
|
30-10-2018 - 16:28 | 13-11-2009 - 15:30 | |
CVE-2017-0104 | 9.3 |
The iSNS Server service in Microsoft Windows Server 2008 SP2 and R2, Windows Server 2012 Gold and R2, and Windows Server 2016 allows remote attackers to issue malicious requests via an integer overflow, aka "iSNS Server Memory Corruption Vulnerabilit
|
30-10-2018 - 16:28 | 17-03-2017 - 00:59 | |
CVE-2010-0017 | 9.3 |
Race condition in the SMB client implementation in Microsoft Windows Server 2008 R2 and Windows 7 allows remote SMB servers and man-in-the-middle attackers to execute arbitrary code, and in the SMB client implementation in Windows Vista Gold, SP1, an
|
30-10-2018 - 16:28 | 10-02-2010 - 18:30 | |
CVE-2016-7245 | 9.3 |
Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2013 RT SP1, and Office 2016 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
|
30-10-2018 - 16:27 | 10-11-2016 - 06:59 | |
CVE-2016-7275 | 7.2 |
Microsoft Office 2010 SP2, 2013 SP1, 2013 RT SP1, and 2016 mishandles library loading, which allows local users to gain privileges via a crafted application, aka "Microsoft Office OLE DLL Side Loading Vulnerability."
|
30-10-2018 - 16:27 | 20-12-2016 - 06:59 | |
CVE-2015-6093 | 9.3 |
Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2013 RT SP1, Office 2016, Word Automation Services on SharePoint Server 2010 SP2 and 2013 SP1, Office Web Apps 2010 SP2, and Office Web Apps Server 2013 SP1 allow remote attackers to
|
30-10-2018 - 16:27 | 11-11-2015 - 12:59 | |
CVE-2014-6364 | 9.3 |
Use-after-free vulnerability in Microsoft Office 2007 SP3; 2010 SP2; 2013 Gold, SP1, and SP2; and 2013 RT Gold and SP1 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Component Use After Free Vul
|
30-10-2018 - 16:27 | 11-12-2014 - 00:59 | |
CVE-2015-6124 | 9.3 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulner
|
30-10-2018 - 16:27 | 09-12-2015 - 11:59 | |
CVE-2016-3318 | 9.3 |
Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2013 RT SP1 allow remote attackers to execute arbitrary code via a crafted file, aka "Graphics Component Memory Corruption Vulnerability."
|
30-10-2018 - 16:27 | 09-08-2016 - 21:59 | |
CVE-2011-3401 | 9.3 |
ENCDEC.DLL in Windows Media Player and Media Center in Microsoft Windows XP SP2 and SP3, Windows Vista SP2, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted .dvr-ms file, aka "Windows Media Player DVR-MS Memo
|
30-10-2018 - 16:27 | 14-12-2011 - 00:55 | |
CVE-2016-3357 | 9.3 |
Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2013 RT SP1, Office 2016, Word for Mac 2011, Word 2016 for Mac, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2, SharePoint Server 2013 SP1, Excel Automation Serv
|
30-10-2018 - 16:27 | 14-09-2016 - 10:59 | |
CVE-2016-3313 | 9.3 |
Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, 2013 RT SP1, and 2016, Word 2016 for Mac, and Word Viewer allow remote attackers to execute arbitrary code via a crafted file, aka "Microsoft Office Memory Corruption Vulnerability."
|
30-10-2018 - 16:27 | 09-08-2016 - 21:59 | |
CVE-2010-3966 | 9.3 |
Untrusted search path vulnerability in Microsoft Windows Server 2008 R2 and Windows 7, when BranchCache is supported, allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that c
|
30-10-2018 - 16:27 | 16-12-2010 - 19:33 | |
CVE-2012-2553 | 7.2 |
Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted app
|
30-10-2018 - 16:27 | 14-11-2012 - 00:55 | |
CVE-2009-3678 | 9.3 |
Integer overflow in cdd.dll in the Canonical Display Driver (CDD) in Microsoft Windows Server 2008 R2 and Windows 7 on 64-bit platforms, when the Windows Aero theme is installed, allows context-dependent attackers to cause a denial of service (reboot
|
30-10-2018 - 16:27 | 14-05-2010 - 19:30 | |
CVE-2010-2551 | 7.8 |
The SMB Server in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate an internal variable in an SMB packet, which allows remote attackers to cause a denial of service (system hang) via
|
30-10-2018 - 16:27 | 11-08-2010 - 18:47 | |
CVE-2010-2552 | 7.8 |
Stack consumption vulnerability in the SMB Server in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows remote attackers to cause a denial of service (system hang) via a malformed SMBv2 compounded request
|
30-10-2018 - 16:27 | 11-08-2010 - 18:47 | |
CVE-2015-2466 | 9.3 |
Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2013 RT SP1 allows remote attackers to execute arbitrary code via a crafted template, aka "Microsoft Office Remote Code Execution Vulnerability."
|
30-10-2018 - 16:27 | 15-08-2015 - 00:59 | |
CVE-2015-2470 | 9.3 |
Integer underflow in Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2013 RT SP1, Office for Mac 2011, and Word Viewer allows remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Integer Underfl
|
30-10-2018 - 16:27 | 15-08-2015 - 00:59 | |
CVE-2011-2009 | 9.3 |
Untrusted search path vulnerability in Windows Media Center in Microsoft Windows Vista SP2 and Windows 7 Gold and SP1, and Windows Media Center TV Pack for Windows Vista, allows local users to gain privileges via a Trojan horse DLL in the current wor
|
30-10-2018 - 16:27 | 12-10-2011 - 02:52 | |
CVE-2010-2553 | 9.3 |
The Cinepak codec in Microsoft Windows XP SP2 and SP3, Windows Vista SP1 and SP2, and Windows 7 does not properly decompress media files, which allows remote attackers to execute arbitrary code via a crafted file, aka "Cinepak Codec Decompression Vul
|
30-10-2018 - 16:27 | 11-08-2010 - 18:47 | |
CVE-2010-3225 | 7.6 |
Use-after-free vulnerability in the Media Player Network Sharing Service in Microsoft Windows Vista SP1 and SP2 and Windows 7 allows remote attackers to execute arbitrary code via a crafted Real Time Streaming Protocol (RTSP) packet, aka "RTSP Use Af
|
30-10-2018 - 16:27 | 13-10-2010 - 19:00 | |
CVE-2014-1808 | 4.3 |
Microsoft Office 2013 Gold, SP1, RT, and RT SP1 allows remote attackers to obtain sensitive token information via a web site that sends a crafted response during opening of an Office document, aka "Token Reuse Vulnerability."
|
30-10-2018 - 16:27 | 14-05-2014 - 11:13 | |
CVE-2015-1760 | 9.3 |
Microsoft Office Compatibility Pack SP3, Office 2010 SP2, Office 2013 SP1, and Office 2013 RT SP1 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
|
30-10-2018 - 16:27 | 10-06-2015 - 01:59 | |
CVE-2014-1756 | 9.3 |
Untrusted search path vulnerability in Microsoft Office 2007 SP3, 2010 SP1 and SP2, and 2013 Gold, SP1, RT, and RT SP1, when the Simplified Chinese Proofing Tool is enabled, allows local users to gain privileges via a Trojan horse DLL in the current
|
30-10-2018 - 16:27 | 14-05-2014 - 11:13 | |
CVE-2010-0477 | 10.0 |
The SMB client in Microsoft Windows Server 2008 R2 and Windows 7 does not properly handle (1) SMBv1 and (2) SMBv2 response packets, which allows remote SMB servers and man-in-the-middle attackers to execute arbitrary code via a crafted packet that ca
|
30-10-2018 - 16:27 | 14-04-2010 - 16:00 | |
CVE-2010-0020 | 9.0 |
The SMB implementation in the Server service in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate request fie
|
30-10-2018 - 16:27 | 10-02-2010 - 18:30 | |
CVE-2016-0049 | 2.1 |
Kerberos in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 Gold and 1511 does not properly validate password changes, which allows remote attackers to bypas
|
30-10-2018 - 16:27 | 10-02-2016 - 11:59 | |
CVE-2016-0126 | 9.3 |
Microsoft Office 2013 SP1, 2013 RT SP1, and 2016 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
|
30-10-2018 - 16:27 | 11-05-2016 - 01:59 | |
CVE-2010-0265 | 9.3 |
Buffer overflow in Microsoft Windows Movie Maker 2.1, 2.6, and 6.0, and Microsoft Producer 2003, allows remote attackers to execute arbitrary code via a crafted project (.MSWMM) file, aka "Movie Maker and Producer Buffer Overflow Vulnerability." Per:
|
30-10-2018 - 16:27 | 10-03-2010 - 22:30 | |
CVE-2016-0009 | 9.3 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Windows 10 Gold and 1511 allow remote attackers to execute arbitrary code via unspecified vectors, aka "Win32k Remote Code Execution Vulnerability."
|
30-10-2018 - 16:27 | 13-01-2016 - 05:59 | |
CVE-2010-0811 | 9.3 |
Multiple unspecified vulnerabilities in the Microsoft Internet Explorer 8 Developer Tools ActiveX control in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, an
|
30-10-2018 - 16:27 | 08-06-2010 - 22:30 | |
CVE-2010-0250 | 9.3 |
Heap-based buffer overflow in DirectShow in Microsoft DirectX, as used in the AVI Filter on Windows 2000 SP4, Windows XP SP2 and SP3, and Windows Server 2003 SP2, and in Quartz on Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Win
|
30-10-2018 - 16:27 | 10-02-2010 - 18:30 | |
CVE-2010-0018 | 9.3 |
Integer overflow in the Embedded OpenType (EOT) Font Engine (t2embed.dll) in Microsoft Windows 2000 SP4; Windows XP SP2 and SP3; Windows Server 2003 SP2; Windows Vista Gold, SP1, and SP2; Windows Server 2008 Gold, SP2, and R2; and Windows 7 allows re
|
30-10-2018 - 16:27 | 13-01-2010 - 19:30 | |
CVE-2010-0021 | 7.1 |
Multiple race conditions in the SMB implementation in the Server service in Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allow remote attackers to cause a denial of service (system hang) via a craft
|
30-10-2018 - 16:27 | 10-02-2010 - 18:30 | |
CVE-2010-0270 | 10.0 |
The SMB client in Microsoft Windows Server 2008 R2 and Windows 7 does not properly validate fields in SMB transaction responses, which allows remote SMB servers and man-in-the-middle attackers to execute arbitrary code or cause a denial of service (m
|
30-10-2018 - 16:27 | 14-04-2010 - 16:00 | |
CVE-2010-0252 | 9.3 |
The Microsoft Data Analyzer ActiveX control (aka the Office Excel ActiveX control for Data Analysis) in max3activex.dll in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2
|
30-10-2018 - 16:27 | 10-02-2010 - 18:30 | |
CVE-2010-0231 | 10.0 |
The SMB implementation in the Server service in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not use a sufficient source of en
|
30-10-2018 - 16:27 | 10-02-2010 - 18:30 | |
CVE-2011-0042 | 9.3 |
SBE.dll in the Stream Buffer Engine in Windows Media Player and Windows Media Center in Microsoft Windows XP SP2 and SP3, Windows XP Media Center Edition 2005 SP3, Windows Vista SP1 and SP2, Windows 7 Gold and SP1, and Windows Media Center TV Pack fo
|
30-10-2018 - 16:27 | 09-03-2011 - 23:00 | |
CVE-2010-0022 | 7.8 |
The SMB implementation in the Server service in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate the share a
|
30-10-2018 - 16:27 | 10-02-2010 - 18:30 | |
CVE-2014-0260 | 9.3 |
Microsoft Word 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office Compatibility Pack SP3; Word Viewer; SharePoint Server 2010 SP1 and SP2 and 2013; Office Web Apps 2010 SP1 and SP2; and Office Web Apps Server 2013 allow remote attackers
|
30-10-2018 - 16:27 | 15-01-2014 - 16:13 | |
CVE-2016-0019 | 9.3 |
The Remote Desktop Protocol (RDP) service implementation in Microsoft Windows 10 Gold and 1511 allows remote attackers to bypass intended access restrictions and establish sessions for blank-password accounts via a modified RDP client, aka "Windows R
|
30-10-2018 - 16:27 | 13-01-2016 - 05:59 | |
CVE-2008-4037 | 9.3 |
Microsoft Windows 2000 Gold through SP4, XP Gold through SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote SMB servers to execute arbitrary code on a client machine by replaying the NTLM credentials of a client user, as
|
30-10-2018 - 16:26 | 12-11-2008 - 23:30 | |
CVE-2008-4031 | 9.3 |
Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Outlook 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office 2004 and 2008 for Ma
|
30-10-2018 - 16:25 | 10-12-2008 - 14:00 | |
CVE-2008-4030 | 9.3 |
Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Outlook 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1 allow remote attackers t
|
30-10-2018 - 16:25 | 10-12-2008 - 14:00 | |
CVE-2008-4837 | 9.3 |
Stack-based buffer overflow in Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; and Microsoft Works 8 a
|
30-10-2018 - 16:25 | 10-12-2008 - 14:00 | |
CVE-2008-4025 | 9.3 |
Integer overflow in Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Outlook 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office
|
30-10-2018 - 16:25 | 10-12-2008 - 14:00 | |
CVE-2008-4026 | 9.3 |
Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office 2004 and 2008 for Mac; and Open XML File Format
|
30-10-2018 - 16:25 | 10-12-2008 - 14:00 | |
CVE-2008-4027 | 9.3 |
Double free vulnerability in Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Outlook 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1
|
30-10-2018 - 16:25 | 10-12-2008 - 14:00 | |
CVE-2008-4024 | 9.3 |
Microsoft Office Word 2000 SP3 and 2002 SP3 and Office 2004 for Mac allow remote attackers to execute arbitrary code via a Word document with a crafted lcbPlcfBkfSdt field in the File Information Block (FIB), which bypasses an initialization step and
|
30-10-2018 - 16:25 | 10-12-2008 - 14:00 | |
CVE-2008-4028 | 9.3 |
Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Outlook 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office 2004 and 2008 for Ma
|
30-10-2018 - 16:25 | 10-12-2008 - 14:00 | |
CVE-2010-3227 | 9.3 |
Stack-based buffer overflow in the UpdateFrameTitleForDocument method in the CFrameWnd class in mfc42.dll in the Microsoft Foundation Class (MFC) Library in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows
|
30-10-2018 - 16:25 | 26-10-2010 - 22:00 | |
CVE-2009-1929 | 9.3 |
Heap-based buffer overflow in the Microsoft Terminal Services Client ActiveX control running RDP 6.1 on Windows XP SP2, Vista SP1 or SP2, or Server 2008 Gold or SP2; or 5.2 or 6.1 on Windows XP SP3; allows remote attackers to execute arbitrary code v
|
30-10-2018 - 16:25 | 12-08-2009 - 17:30 | |
CVE-2009-2532 | 10.0 |
Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold and SP2, and Windows 7 RC do not properly process the command value in an SMB Multi-Protocol Negotiate Request packet, which allows remote attackers to execute arbitrary code via a
|
30-10-2018 - 16:25 | 14-10-2009 - 10:30 | |
CVE-2009-2526 | 7.8 |
Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2 do not properly validate fields in SMBv2 packets, which allows remote attackers to cause a denial of service (infinite loop and system hang) via a crafted packet to the Server se
|
30-10-2018 - 16:25 | 14-10-2009 - 10:30 | |
CVE-2009-1546 | 8.5 |
Integer overflow in Avifil32.dll in the Windows Media file handling functionality in Microsoft Windows allows remote attackers to execute arbitrary code on a Windows 2000 SP4 system via a crafted AVI file, or cause a denial of service on a Windows XP
|
30-10-2018 - 16:25 | 12-08-2009 - 17:30 | |
CVE-2009-1930 | 10.0 |
The Telnet service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote Telnet servers to execute arbitrary code on a client machine by replaying the NTLM credentials of
|
30-10-2018 - 16:25 | 12-08-2009 - 17:30 | |
CVE-2009-1545 | 9.3 |
Unspecified vulnerability in Avifil32.dll in the Windows Media file handling functionality in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbit
|
30-10-2018 - 16:25 | 12-08-2009 - 17:30 | |
CVE-2009-2527 | 9.3 |
Heap-based buffer overflow in Microsoft Windows Media Player 6.4 allows remote attackers to execute arbitrary code via (1) a crafted ASF file or (2) crafted streaming content, aka "WMP Heap Overflow Vulnerability."
|
30-10-2018 - 16:25 | 14-10-2009 - 10:30 | |
CVE-2009-1132 | 9.3 |
Heap-based buffer overflow in the Wireless LAN AutoConfig Service (aka Wlansvc) in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a malformed wireless frame, aka "Wireless
|
30-10-2018 - 16:25 | 08-09-2009 - 22:30 | |
CVE-2009-0087 | 9.3 |
Unspecified vulnerability in the Word 6 text converter in WordPad in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and the Word 6 text converter in Microsoft Office Word 2000 SP3 and 2002 SP3; allows remote attackers to exe
|
30-10-2018 - 16:25 | 15-04-2009 - 08:00 | |
CVE-2009-0229 | 4.9 |
The Windows Printing Service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 allows local users to read arbitrary files via a crafted separator page, aka "Print Spooler Read File Vulnerabi
|
30-10-2018 - 16:25 | 10-06-2009 - 18:00 | |
CVE-2017-0023 | 7.6 |
The PDF library in Microsoft Edge; Windows 8.1; Windows Server 2012 and R2; Windows RT 8.1; and Windows 10, 1511, and 1607 allows remote attackers to execute arbitrary code via a crafted PDF file, aka "Microsoft PDF Remote Code Execution Vulnerabilit
|
17-10-2018 - 17:07 | 17-03-2017 - 00:59 | |
CVE-2007-0099 | 9.3 |
Race condition in the msxml3 module in Microsoft XML Core Services 3.0, as used in Internet Explorer 6 and other applications, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via many nested tags in
|
16-10-2018 - 16:31 | 08-01-2007 - 20:28 | |
CVE-2017-0003 | 9.3 |
Microsoft Word 2016 and SharePoint Enterprise Server 2016 allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."
|
12-10-2018 - 22:15 | 10-01-2017 - 21:59 | |
CVE-2016-7257 | 4.3 |
The GDI component in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Office for Mac 2011, and Office 2016 for Mac allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka
|
12-10-2018 - 22:14 | 20-12-2016 - 06:59 | |
CVE-2016-7235 | 9.3 |
Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Word for Mac 2011, Excel for Mac 2011, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vuln
|
12-10-2018 - 22:14 | 10-11-2016 - 06:59 | |
CVE-2016-7213 | 9.3 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Mi
|
12-10-2018 - 22:14 | 10-11-2016 - 06:59 | |
CVE-2016-7278 | 2.6 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Windows Hyperlink Object Library Information Disclosure Vulnerability."
|
12-10-2018 - 22:14 | 20-12-2016 - 06:59 | |
CVE-2016-7276 | 5.8 |
Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office for Mac 2011, and Office 2016 for Mac allow remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via a crafted docum
|
12-10-2018 - 22:14 | 20-12-2016 - 06:59 | |
CVE-2016-7229 | 9.3 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office doc
|
12-10-2018 - 22:14 | 10-11-2016 - 06:59 | |
CVE-2016-7283 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:14 | 20-12-2016 - 06:59 | |
CVE-2016-7263 | 9.3 |
Microsoft Excel for Mac 2011 and Excel 2016 for Mac allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."
|
12-10-2018 - 22:14 | 20-12-2016 - 06:59 | |
CVE-2016-7227 | 2.6 |
The scripting engines in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to determine the existence of local files via unspecified vectors, aka "Microsoft Browser Information Disclosure Vulnerability."
|
12-10-2018 - 22:14 | 10-11-2016 - 06:59 | |
CVE-2016-7196 | 7.6 |
Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."
|
12-10-2018 - 22:14 | 10-11-2016 - 06:59 | |
CVE-2016-7289 | 9.3 |
Microsoft Publisher 2010 SP2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."
|
12-10-2018 - 22:14 | 20-12-2016 - 06:59 | |
CVE-2016-7268 | 5.8 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Office Compatibility Pack SP3, Word Viewer, Word for Mac 2011, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow remote attackers to obtain sensitive in
|
12-10-2018 - 22:14 | 20-12-2016 - 06:59 | |
CVE-2016-7212 | 9.3 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow remote attackers to execute arbitrary code vi
|
12-10-2018 - 22:14 | 10-11-2016 - 06:59 | |
CVE-2016-7286 | 7.6 |
The scripting engines in Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:14 | 20-12-2016 - 06:59 | |
CVE-2016-7267 | 4.3 |
Microsoft Excel 2010 SP2, 2013 SP1, 2013 RT SP1, and 2016 misparses file formats, which makes it easier for remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Security Feature Bypass Vulnerability."
|
12-10-2018 - 22:14 | 20-12-2016 - 06:59 | |
CVE-2016-7241 | 7.6 |
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."
|
12-10-2018 - 22:14 | 10-11-2016 - 06:59 | |
CVE-2016-7206 | 4.3 |
Cross-site scripting (XSS) vulnerability in Microsoft Edge allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Microsoft Edge Information Disclosure Vulnerability," a different vulnerability than CVE-2016-7280
|
12-10-2018 - 22:14 | 20-12-2016 - 06:59 | |
CVE-2016-7284 | 4.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability."
|
12-10-2018 - 22:14 | 20-12-2016 - 06:59 | |
CVE-2016-7300 | 4.6 |
Untrusted search path vulnerability in Microsoft Auto Updater for Mac allows local users to gain privileges via a Trojan horse executable file, aka "Microsoft (MAU) Office Elevation of Privilege Vulnerability."
|
12-10-2018 - 22:14 | 20-12-2016 - 06:59 | |
CVE-2016-7282 | 4.3 |
Cross-site scripting (XSS) vulnerability in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Microsoft Browser Information Disclosure Vulnerabilit
|
12-10-2018 - 22:14 | 20-12-2016 - 06:59 | |
CVE-2016-7243 | 7.6 |
The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vu
|
12-10-2018 - 22:14 | 10-11-2016 - 06:59 | |
CVE-2016-7228 | 9.3 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Mi
|
12-10-2018 - 22:14 | 10-11-2016 - 06:59 | |
CVE-2016-7205 | 9.3 |
Animation Manager in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to execute arbitrary code via a c
|
12-10-2018 - 22:14 | 10-11-2016 - 06:59 | |
CVE-2016-7281 | 2.6 |
The Web Workers implementation in Microsoft Internet Explorer 10 and 11 and Microsoft Edge allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Microsoft Browser Security Feature Bypass Vulnerability."
|
12-10-2018 - 22:14 | 20-12-2016 - 06:59 | |
CVE-2016-7232 | 9.3 |
Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Word for Mac 2011, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
|
12-10-2018 - 22:14 | 10-11-2016 - 06:59 | |
CVE-2016-7204 | 2.6 |
Microsoft Edge allows remote attackers to access arbitrary "My Documents" files via a crafted web site, aka "Microsoft Edge Information Disclosure Vulnerability."
|
12-10-2018 - 22:14 | 10-11-2016 - 06:59 | |
CVE-2016-7273 | 9.3 |
The Graphics component in Microsoft Windows 10 Gold, 1511, and 1607 and Windows Server 2016 allows remote attackers to execute arbitrary code via a crafted web site, aka "Windows Graphics Remote Code Execution Vulnerability."
|
12-10-2018 - 22:14 | 20-12-2016 - 06:59 | |
CVE-2016-7234 | 9.3 |
Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word for Mac 2011, Excel for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Ser
|
12-10-2018 - 22:14 | 10-11-2016 - 06:59 | |
CVE-2016-7222 | 7.2 |
Task Scheduler in Microsoft Windows 10 Gold, 1511, and 1607 and Windows Server 2016 allows local users to gain privileges via a crafted UNC pathname in a task, aka "Task Scheduler Elevation of Privilege Vulnerability."
|
12-10-2018 - 22:14 | 10-11-2016 - 06:59 | |
CVE-2016-7209 | 2.6 |
Microsoft Edge allows remote attackers to spoof web content via a crafted web site, aka "Microsoft Edge Spoofing Vulnerability."
|
12-10-2018 - 22:14 | 10-11-2016 - 06:59 | |
CVE-2016-7291 | 5.8 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Office Compatibility Pack SP3, Word for Mac 2011, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow remote attackers to obtain sensitive information fro
|
12-10-2018 - 22:14 | 20-12-2016 - 06:59 | |
CVE-2016-7277 | 9.3 |
Microsoft Office 2016 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."
|
12-10-2018 - 22:14 | 20-12-2016 - 06:59 | |
CVE-2016-7240 | 7.6 |
The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vu
|
12-10-2018 - 22:14 | 10-11-2016 - 06:59 | |
CVE-2016-7280 | 4.3 |
Cross-site scripting (XSS) vulnerability in Microsoft Edge allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Microsoft Edge Information Disclosure Vulnerability," a different vulnerability than CVE-2016-7206
|
12-10-2018 - 22:14 | 20-12-2016 - 06:59 | |
CVE-2016-7244 | 4.3 |
Microsoft Office 2007 SP3 allows remote attackers to cause a denial of service (application hang) via a crafted Office document, aka "Microsoft Office Denial of Service Vulnerability."
|
12-10-2018 - 22:14 | 10-11-2016 - 06:59 | |
CVE-2016-7297 | 7.6 |
The scripting engines in Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:14 | 20-12-2016 - 06:59 | |
CVE-2016-7231 | 9.3 |
Microsoft Excel 2007 SP3, Excel for Mac 2011, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
|
12-10-2018 - 22:14 | 10-11-2016 - 06:59 | |
CVE-2016-7279 | 7.6 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."
|
12-10-2018 - 22:14 | 20-12-2016 - 06:59 | |
CVE-2016-7242 | 7.6 |
The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vu
|
12-10-2018 - 22:14 | 10-11-2016 - 06:59 | |
CVE-2016-7217 | 9.3 |
Media Foundation in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to execute arbitrary code via a crafted web site, aka "Media Foundation Memor
|
12-10-2018 - 22:14 | 10-11-2016 - 06:59 | |
CVE-2016-7198 | 7.6 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different
|
12-10-2018 - 22:14 | 10-11-2016 - 06:59 | |
CVE-2016-7274 | 9.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to execute arb
|
12-10-2018 - 22:14 | 20-12-2016 - 06:59 | |
CVE-2016-7264 | 5.8 |
Microsoft Excel 2007 SP3, Office Compatibility Pack SP3, Excel Viewer, Excel for Mac 2011, and Excel 2016 for Mac allow remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via a craft
|
12-10-2018 - 22:14 | 20-12-2016 - 06:59 | |
CVE-2016-7221 | 7.2 |
Input Method Editor (IME) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 mishandles DLL loading
|
12-10-2018 - 22:14 | 10-11-2016 - 06:59 | |
CVE-2016-7203 | 7.6 |
The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vu
|
12-10-2018 - 22:14 | 10-11-2016 - 06:59 | |
CVE-2016-7189 | 9.3 |
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code via a crafted web site, aka "Scripting Engine Remote Code Execution Vulnerability."
|
12-10-2018 - 22:14 | 14-10-2016 - 02:59 | |
CVE-2016-7290 | 5.8 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Office Compatibility Pack SP3, Word for Mac 2011, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow remote attackers to obtain sensitive information fro
|
12-10-2018 - 22:14 | 20-12-2016 - 06:59 | |
CVE-2016-7265 | 5.8 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, Excel Viewer, Excel Services on SharePoint Server 2007 SP3, and Excel Services on SharePoint Server 2010 SP2 allow remote attacker
|
12-10-2018 - 22:14 | 20-12-2016 - 06:59 | |
CVE-2016-7239 | 2.6 |
The RegEx class in the XSS filter in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allows remote attackers to conduct cross-site scripting (XSS) attacks and obtain sensitive information via unspecified vectors, aka "Microsoft Browser In
|
12-10-2018 - 22:14 | 10-11-2016 - 06:59 | |
CVE-2016-7202 | 7.6 |
The scripting engines in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vul
|
12-10-2018 - 22:14 | 10-11-2016 - 06:59 | |
CVE-2016-7182 | 10.0 |
The Graphics component in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; Office 2007 SP3; Office 2010 SP2; Word Viewer; Sk
|
12-10-2018 - 22:14 | 14-10-2016 - 02:59 | |
CVE-2016-7288 | 7.6 |
The scripting engines in Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:14 | 20-12-2016 - 06:59 | |
CVE-2016-7298 | 9.3 |
Microsoft Office 2007 SP3, Office 2010 SP2, Word Viewer, Office for Mac 2011, and Office 2016 for Mac allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memo
|
12-10-2018 - 22:14 | 20-12-2016 - 06:59 | |
CVE-2016-7233 | 4.3 |
Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Word for Mac 2011, Excel for Mac 2011, Word Viewer, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2013 SP1, and Office Web Apps 2010 SP2 allow remote attackers to obt
|
12-10-2018 - 22:14 | 10-11-2016 - 06:59 | |
CVE-2016-7199 | 2.6 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to bypass the Same Origin Policy and obtain sensitive window-state information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."
|
12-10-2018 - 22:14 | 10-11-2016 - 06:59 | |
CVE-2016-7236 | 9.3 |
Microsoft Excel 2010 SP2, Excel for Mac 2011, Excel 2016 for Mac, and Excel Services on SharePoint Server 2010 SP2 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
|
12-10-2018 - 22:14 | 10-11-2016 - 06:59 | |
CVE-2016-7210 | 4.3 |
atmfd.dll in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to obtain sens
|
12-10-2018 - 22:14 | 10-11-2016 - 06:59 | |
CVE-2016-7230 | 9.3 |
Microsoft PowerPoint 2010 SP2, PowerPoint Viewer, and Office Web Apps 2010 SP2 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
|
12-10-2018 - 22:14 | 10-11-2016 - 06:59 | |
CVE-2016-7208 | 7.6 |
The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vu
|
12-10-2018 - 22:14 | 10-11-2016 - 06:59 | |
CVE-2016-7190 | 7.6 |
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerabilit
|
12-10-2018 - 22:14 | 14-10-2016 - 02:59 | |
CVE-2016-7296 | 7.6 |
The scripting engines in Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:14 | 20-12-2016 - 06:59 | |
CVE-2016-7272 | 9.3 |
The Graphics component in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers t
|
12-10-2018 - 22:14 | 20-12-2016 - 06:59 | |
CVE-2016-7287 | 7.6 |
The scripting engines in Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability
|
12-10-2018 - 22:14 | 20-12-2016 - 06:59 | |
CVE-2016-7266 | 6.8 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, Excel Viewer, and Excel 2016 for Mac mishandle a registry check, which allows user-assisted remote attackers to execute arbitrary
|
12-10-2018 - 22:14 | 20-12-2016 - 06:59 | |
CVE-2016-7194 | 7.6 |
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerabilit
|
12-10-2018 - 22:14 | 14-10-2016 - 02:59 | |
CVE-2016-7195 | 7.6 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different
|
12-10-2018 - 22:14 | 10-11-2016 - 06:59 | |
CVE-2016-7181 | 7.6 |
Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability."
|
12-10-2018 - 22:14 | 20-12-2016 - 06:59 | |
CVE-2016-3383 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."
|
12-10-2018 - 22:12 | 14-10-2016 - 02:59 | |
CVE-2016-3362 | 9.3 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, Excel Viewer, Excel Services on SharePoint Server 2007 SP3, Excel Services on SharePoint Server 2010 SP2, Excel Automation Service
|
12-10-2018 - 22:12 | 14-09-2016 - 10:59 | |
CVE-2016-3324 | 6.8 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:12 | 14-09-2016 - 10:59 | |
CVE-2016-3263 | 5.0 |
Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; Office 2007 SP3; Office 2010
|
12-10-2018 - 22:12 | 14-10-2016 - 02:59 | |
CVE-2016-3246 | 7.6 |
Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability."
|
12-10-2018 - 22:12 | 13-07-2016 - 01:59 | |
CVE-2016-3382 | 9.3 |
The scripting engines in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, as demonstrated by the Chakra JavaScript en
|
12-10-2018 - 22:12 | 14-10-2016 - 02:59 | |
CVE-2016-3355 | 7.2 |
The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows local users to gain privil
|
12-10-2018 - 22:12 | 14-09-2016 - 10:59 | |
CVE-2016-3325 | 2.6 |
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."
|
12-10-2018 - 22:12 | 14-09-2016 - 10:59 | |
CVE-2016-3389 | 7.6 |
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerabilit
|
12-10-2018 - 22:12 | 14-10-2016 - 02:59 | |
CVE-2016-3316 | 9.3 |
Microsoft Word 2013 SP1, 2013 RT SP1, 2016, and 2016 for Mac allow remote attackers to execute arbitrary code via a crafted file, aka "Microsoft Office Memory Corruption Vulnerability."
|
12-10-2018 - 22:12 | 09-08-2016 - 21:59 | |
CVE-2016-3295 | 5.1 |
Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."
|
12-10-2018 - 22:12 | 14-09-2016 - 10:59 | |
CVE-2016-3273 | 2.6 |
The XSS Filter in Microsoft Internet Explorer 9 through 11 and Microsoft Edge does not properly restrict JavaScript code, which allows remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Information Disclos
|
12-10-2018 - 22:12 | 13-07-2016 - 01:59 | |
CVE-2016-3239 | 7.2 |
The Print Spooler service in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via vectors
|
12-10-2018 - 22:12 | 13-07-2016 - 01:59 | |
CVE-2016-3378 | 5.8 |
Open redirect vulnerability in Microsoft Exchange Server 2013 SP1, 2013 Cumulative Update 12, 2013 Cumulative Update 13, 2016 Cumulative Update 1, and 2016 Cumulative Update 2 allows remote attackers to redirect users to arbitrary web sites and condu
|
12-10-2018 - 22:12 | 14-09-2016 - 10:59 | |
CVE-2016-3360 | 9.3 |
Microsoft PowerPoint 2007 SP3, PowerPoint 2010 SP2, PowerPoint 2013 SP1, PowerPoint 2013 RT SP1, PowerPoint 2016 for Mac, Office Compatibility Pack SP3, PowerPoint Viewer, SharePoint Server 2013 SP1, Office Web Apps 2010 SP2, and Office Web Apps Serv
|
12-10-2018 - 22:12 | 14-09-2016 - 10:59 | |
CVE-2016-3296 | 7.6 |
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability."
|
12-10-2018 - 22:12 | 09-08-2016 - 21:59 | |
CVE-2016-3276 | 2.6 |
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to conduct content-spoofing attacks via a crafted URL, aka "Microsoft Browser Spoofing Vulnerability."
|
12-10-2018 - 22:12 | 13-07-2016 - 01:59 | |
CVE-2016-3242 | 7.6 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:12 | 13-07-2016 - 01:59 | |
CVE-2016-3222 | 9.3 |
Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability."
|
12-10-2018 - 22:12 | 16-06-2016 - 01:59 | |
CVE-2016-3319 | 9.3 |
The PDF library in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows 10 Gold and 1511, and Microsoft Edge allows remote attackers to execute arbitrary code via a crafted PDF file, aka "Microsoft PDF Remote Code Execution Vulnerability."
|
12-10-2018 - 22:12 | 09-08-2016 - 21:59 | |
CVE-2016-3297 | 6.8 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."
|
12-10-2018 - 22:12 | 14-09-2016 - 10:59 | |
CVE-2016-3277 | 2.6 |
Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."
|
12-10-2018 - 22:12 | 13-07-2016 - 01:59 | |
CVE-2016-3241 | 7.6 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:12 | 13-07-2016 - 01:59 | |
CVE-2016-3384 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:12 | 14-10-2016 - 02:59 | |
CVE-2016-3349 | 7.2 |
The kernel-mode drivers in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability."
|
12-10-2018 - 22:12 | 14-09-2016 - 10:59 | |
CVE-2016-3322 | 7.6 |
Microsoft Internet Explorer 11 and Edge allow remote attackers to execute arbitrary code via a crafted web page, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3289.
|
12-10-2018 - 22:12 | 09-08-2016 - 21:59 | |
CVE-2016-3269 | 9.3 |
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerabilit
|
12-10-2018 - 22:12 | 13-07-2016 - 01:59 | |
CVE-2016-3233 | 9.3 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
|
12-10-2018 - 22:12 | 16-06-2016 - 01:59 | |
CVE-2016-3354 | 4.3 |
The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows local users to bypass the
|
12-10-2018 - 22:12 | 14-09-2016 - 10:59 | |
CVE-2016-3329 | 2.6 |
Microsoft Internet Explorer 9 through 11 and Edge allow remote attackers to determine the existence of files via a crafted webpage, aka "Internet Explorer Information Disclosure Vulnerability."
|
12-10-2018 - 22:12 | 09-08-2016 - 21:59 | |
CVE-2016-3379 | 4.3 |
Cross-site scripting (XSS) vulnerability in Microsoft Exchange Server 2016 Cumulative Update 1 and 2 allows remote attackers to inject arbitrary web script or HTML via a meeting-invitation request, aka "Microsoft Exchange Elevation of Privilege Vulne
|
12-10-2018 - 22:12 | 14-09-2016 - 10:59 | |
CVE-2016-3358 | 9.3 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel 2016 for Mac, Office Compatibility Pack SP3, Excel Viewer, Excel Services on SharePoint Server 2007 SP3, Excel Services on SharePoint Server 2010 SP2, Exce
|
12-10-2018 - 22:12 | 14-09-2016 - 10:59 | |
CVE-2016-3283 | 9.3 |
Microsoft Word Viewer allows remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
|
12-10-2018 - 22:12 | 13-07-2016 - 01:59 | |
CVE-2016-3248 | 9.3 |
The Microsoft (1) JScript 9, (2) VBScript, and (3) Chakra JavaScript engines, as used in Microsoft Internet Explorer 9 through 11, Microsoft Edge, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memo
|
12-10-2018 - 22:12 | 13-07-2016 - 01:59 | |
CVE-2016-3356 | 9.3 |
The Graphics Device Interface (GDI) in Microsoft Windows 10 1607 allows remote attackers to execute arbitrary code via a crafted document, aka "GDI Remote Code Execution Vulnerability."
|
12-10-2018 - 22:12 | 14-09-2016 - 10:59 | |
CVE-2016-3290 | 7.6 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code via a crafted web page, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3288.
|
12-10-2018 - 22:12 | 09-08-2016 - 21:59 | |
CVE-2016-3271 | 4.3 |
The VBScript engine in Microsoft Edge allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Scripting Engine Information Disclosure Vulnerability."
|
12-10-2018 - 22:12 | 13-07-2016 - 01:59 | |
CVE-2016-3345 | 9.0 |
The SMBv1 server in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows remote attackers to execute arbitrary code vi
|
12-10-2018 - 22:12 | 14-09-2016 - 10:59 | |
CVE-2016-3326 | 2.6 |
Microsoft Internet Explorer 9 through 11 and Edge allow remote attackers to obtain sensitive information via a crafted web page, aka "Microsoft Browser Information Disclosure Vulnerability," a different vulnerability than CVE-2016-3327.
|
12-10-2018 - 22:12 | 09-08-2016 - 21:59 | |
CVE-2016-3281 | 9.3 |
Microsoft Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow remote attackers to execute arbitra
|
12-10-2018 - 22:12 | 13-07-2016 - 01:59 | |
CVE-2016-3261 | 2.6 |
Microsoft Internet Explorer 11 allows remote attackers to obtain sensitive information via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability."
|
12-10-2018 - 22:12 | 13-07-2016 - 01:59 | |
CVE-2016-3244 | 4.3 |
Microsoft Edge allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Microsoft Edge Security Feature Bypass."
|
12-10-2018 - 22:12 | 13-07-2016 - 01:59 | |
CVE-2016-3368 | 9.0 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allow remote authenticated users to execute arbitrary code by leveraging
|
12-10-2018 - 22:12 | 14-09-2016 - 10:59 | |
CVE-2016-3292 | 5.1 |
Microsoft Internet Explorer 10 and 11 mishandles integrity settings and zone settings, which allows remote attackers to bypass a sandbox protection mechanism via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability."
|
12-10-2018 - 22:12 | 14-09-2016 - 10:59 | |
CVE-2016-3270 | 10.0 |
The Graphics component in the kernel in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows local users to gain privi
|
12-10-2018 - 22:12 | 14-10-2016 - 02:59 | |
CVE-2016-3375 | 7.6 |
The OLE Automation mechanism and VBScript scripting engine in Microsoft Internet Explorer 9 through 11, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10
|
12-10-2018 - 22:12 | 14-09-2016 - 10:59 | |
CVE-2016-3353 | 5.1 |
Microsoft Internet Explorer 9 through 11 mishandles .url files from the Internet zone, which allows remote attackers to bypass intended access restrictions via a crafted file, aka "Internet Explorer Security Feature Bypass."
|
12-10-2018 - 22:12 | 14-09-2016 - 10:59 | |
CVE-2016-3301 | 9.3 |
The Windows font library in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; Office 2007 SP3; Office 2010 SP2; Word Viewer;
|
12-10-2018 - 22:12 | 09-08-2016 - 21:59 | |
CVE-2016-3240 | 7.6 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:12 | 13-07-2016 - 01:59 | |
CVE-2016-3385 | 9.3 |
The scripting engine in Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability."
|
12-10-2018 - 22:12 | 14-10-2016 - 02:59 | |
CVE-2016-3363 | 9.3 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption
|
12-10-2018 - 22:12 | 14-09-2016 - 10:59 | |
CVE-2016-3317 | 9.3 |
Microsoft Office 2010 SP2, Word 2007 SP3, Word 2010 SP2, Word for Mac 2011, Word 2016 for Mac, and Word Viewer allow remote attackers to execute arbitrary code via a crafted file, aka "Microsoft Office Memory Corruption Vulnerability."
|
12-10-2018 - 22:12 | 09-08-2016 - 21:59 | |
CVE-2016-3278 | 9.3 |
Microsoft Outlook 2010 SP2, 2013 SP1, 2013 RT SP1, and 2016 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
|
12-10-2018 - 22:12 | 13-07-2016 - 01:59 | |
CVE-2016-3386 | 9.3 |
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerabilit
|
12-10-2018 - 22:12 | 14-10-2016 - 02:59 | |
CVE-2016-3315 | 4.3 |
Microsoft OneNote 2007 SP3, 2010 SP2, 2013 SP1, 2013 RT SP1, 2016, and 2016 for Mac allow remote attackers to obtain sensitive information via a crafted OneNote file, aka "Microsoft OneNote Information Disclosure Vulnerability."
|
12-10-2018 - 22:12 | 09-08-2016 - 21:59 | |
CVE-2016-3264 | 7.6 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."
|
12-10-2018 - 22:12 | 13-07-2016 - 01:59 | |
CVE-2016-3392 | 2.6 |
The Edge Content Security Policy feature in Microsoft Edge does not properly validate documents, which allows remote attackers to bypass intended access restrictions via a crafted web site, aka "Microsoft Browser Security Feature Bypass Vulnerability
|
12-10-2018 - 22:12 | 14-10-2016 - 02:59 | |
CVE-2016-3348 | 9.3 |
The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allow local users to gain privileges via a cr
|
12-10-2018 - 22:12 | 14-09-2016 - 10:59 | |
CVE-2016-3327 | 2.6 |
Microsoft Internet Explorer 9 through 11 and Edge allow remote attackers to obtain sensitive information via a crafted web page, aka "Microsoft Browser Information Disclosure Vulnerability," a different vulnerability than CVE-2016-3326.
|
12-10-2018 - 22:12 | 09-08-2016 - 21:59 | |
CVE-2016-3304 | 9.3 |
The Windows font library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Office 2007 SP3, Office 2010 SP2, Word Viewer, Skype for Business 2016, Lync 2013 SP1, Lync 2010, Lync 2010 Attendee, and Live Meeting 2007 Co
|
12-10-2018 - 22:12 | 09-08-2016 - 21:59 | |
CVE-2016-3279 | 4.3 |
Microsoft Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Word 2010 SP2, Excel 2013 SP1, PowerPoint 2013 SP1, Word 2013 SP1, Excel 2013 RT SP1, PowerPoint 2013 RT SP1, Word 2013 RT SP1, Excel 2016, Word 2016, Word Automation Services on SharePo
|
12-10-2018 - 22:12 | 13-07-2016 - 01:59 | |
CVE-2016-3243 | 7.6 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:12 | 13-07-2016 - 01:59 | |
CVE-2016-3289 | 7.6 |
Microsoft Internet Explorer 11 and Edge allow remote attackers to execute arbitrary code via a crafted web page, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3322.
|
12-10-2018 - 22:12 | 09-08-2016 - 21:59 | |
CVE-2016-3234 | 4.3 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services on SharePoint Server 2013 SP1, Office Web Apps 2010 SP2, and Office
|
12-10-2018 - 22:12 | 16-06-2016 - 01:59 | |
CVE-2016-3388 | 2.6 |
Microsoft Internet Explorer 10 and 11 and Microsoft Edge do not properly restrict access to private namespaces, which allows remote attackers to gain privileges via unspecified vectors, aka "Microsoft Browser Elevation of Privilege Vulnerability," a
|
12-10-2018 - 22:12 | 14-10-2016 - 02:59 | |
CVE-2016-3352 | 4.3 |
Microsoft Windows 8.1, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 do not properly check NTLM SSO requests for MSA logins, which makes it easier for remote attackers to determine passwords via a brute-force attack on NTLM password hashes, aka
|
12-10-2018 - 22:12 | 14-09-2016 - 10:59 | |
CVE-2016-3331 | 9.3 |
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."
|
12-10-2018 - 22:12 | 14-10-2016 - 02:59 | |
CVE-2016-3291 | 2.6 |
Microsoft Internet Explorer 11 and Microsoft Edge mishandle cross-origin requests, which allows remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."
|
12-10-2018 - 22:12 | 14-09-2016 - 10:59 | |
CVE-2016-3267 | 4.3 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to determine the existence of unspecified files via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."
|
12-10-2018 - 22:12 | 14-10-2016 - 02:59 | |
CVE-2016-3396 | 9.3 |
Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; Office 2007 SP3; Office 2010
|
12-10-2018 - 22:12 | 14-10-2016 - 02:59 | |
CVE-2016-3288 | 7.6 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code via a crafted web page, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3290.
|
12-10-2018 - 22:12 | 09-08-2016 - 21:59 | |
CVE-2016-3262 | 5.0 |
Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; Office 2007 SP3; Office 2010
|
12-10-2018 - 22:12 | 14-10-2016 - 02:59 | |
CVE-2016-3245 | 4.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to trick users into making TCP connections to a restricted port via a crafted web site, aka "Internet Explorer Security Feature Bypass Vulnerability."
|
12-10-2018 - 22:12 | 13-07-2016 - 01:59 | |
CVE-2016-3390 | 7.6 |
The scripting engines in Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, as demonstrated by the Chakra JavaScript engine, aka
|
12-10-2018 - 22:12 | 14-10-2016 - 02:59 | |
CVE-2016-3365 | 9.3 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, Excel Viewer, Excel Services on SharePoint Server 2007 SP3, Excel Services on SharePoint Server 2010 SP2, Excel Automation Service
|
12-10-2018 - 22:12 | 14-09-2016 - 10:59 | |
CVE-2016-3282 | 9.3 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2, Word Automa
|
12-10-2018 - 22:12 | 13-07-2016 - 01:59 | |
CVE-2016-3265 | 9.3 |
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerabilit
|
12-10-2018 - 22:12 | 13-07-2016 - 01:59 | |
CVE-2016-3359 | 9.3 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."
|
12-10-2018 - 22:12 | 14-09-2016 - 10:59 | |
CVE-2016-3238 | 9.3 |
The Print Spooler service in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows man-in-the-middle attackers to execute arbi
|
12-10-2018 - 22:12 | 13-07-2016 - 01:59 | |
CVE-2016-3361 | 9.3 |
Microsoft Excel 2010 SP2 allows remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."
|
12-10-2018 - 22:12 | 14-09-2016 - 10:59 | |
CVE-2016-3387 | 6.8 |
Microsoft Internet Explorer 10 and 11 and Microsoft Edge do not properly restrict access to private namespaces, which allows remote attackers to gain privileges via unspecified vectors, aka "Microsoft Browser Elevation of Privilege Vulnerability," a
|
12-10-2018 - 22:12 | 14-10-2016 - 02:59 | |
CVE-2016-3369 | 7.8 |
Microsoft Windows 10 Gold and 1511 allows attackers to cause a denial of service via unspecified vectors, aka "Windows Denial of Service Vulnerability."
|
12-10-2018 - 22:12 | 14-09-2016 - 10:59 | |
CVE-2016-3346 | 7.2 |
Microsoft Windows 10 Gold, 1511, and 1607 does not properly enforce permissions, which allows local users to obtain Administrator access via a crafted DLL, aka "Windows Permissions Enforcement Elevation of Privilege Vulnerability."
|
12-10-2018 - 22:12 | 14-09-2016 - 10:59 | |
CVE-2016-3321 | 1.9 |
Microsoft Internet Explorer 10 and 11 load different files for attempts to open a file:// URL depending on whether the file exists, which allows local users to enumerate files via vectors involving a file:// URL and an HTML5 sandbox iframe, aka "Inte
|
12-10-2018 - 22:12 | 09-08-2016 - 21:59 | |
CVE-2016-3293 | 7.6 |
Microsoft Internet Explorer 9 through 11 and Edge allow remote attackers to execute arbitrary code via a crafted web page, aka "Microsoft Browser Memory Corruption Vulnerability."
|
12-10-2018 - 22:12 | 09-08-2016 - 21:59 | |
CVE-2016-3274 | 2.6 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to conduct content-spoofing attacks via a crafted URL, aka "Microsoft Browser Spoofing Vulnerability."
|
12-10-2018 - 22:12 | 13-07-2016 - 01:59 | |
CVE-2016-3247 | 5.1 |
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."
|
12-10-2018 - 22:12 | 14-09-2016 - 10:59 | |
CVE-2016-3381 | 9.3 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption
|
12-10-2018 - 22:12 | 14-09-2016 - 10:59 | |
CVE-2016-3364 | 9.3 |
Microsoft Visio 2016 allows remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."
|
12-10-2018 - 22:12 | 14-09-2016 - 10:59 | |
CVE-2016-3303 | 9.3 |
The Windows font library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Office 2007 SP3, Office 2010 SP2, Word Viewer, Skype for Business 2016, Lync 2013 SP1, Lync 2010, Lync 2010 Attendee, and Live Meeting 2007 Co
|
12-10-2018 - 22:12 | 09-08-2016 - 21:59 | |
CVE-2016-3280 | 9.3 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code via a crafted Office docum
|
12-10-2018 - 22:12 | 13-07-2016 - 01:59 | |
CVE-2016-3260 | 9.3 |
The Microsoft (1) JScript 9, (2) VBScript, and (3) Chakra JavaScript engines, as used in Microsoft Internet Explorer 11, Microsoft Edge, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corrupt
|
12-10-2018 - 22:12 | 13-07-2016 - 01:59 | |
CVE-2016-3391 | 2.6 |
Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow context-dependent attackers to discover credentials by leveraging access to a memory dump, aka "Microsoft Browser Information Disclosure Vulnerability."
|
12-10-2018 - 22:12 | 14-10-2016 - 02:59 | |
CVE-2016-3284 | 9.3 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office doc
|
12-10-2018 - 22:12 | 13-07-2016 - 01:59 | |
CVE-2016-3259 | 9.3 |
The Microsoft (1) JScript 9, (2) VBScript, and (3) Chakra JavaScript engines, as used in Microsoft Internet Explorer 9 through 11, Microsoft Edge, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memo
|
12-10-2018 - 22:12 | 13-07-2016 - 01:59 | |
CVE-2016-3211 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:11 | 16-06-2016 - 01:59 | |
CVE-2016-3202 | 7.6 |
The Microsoft (1) Chakra JavaScript, (2) JScript, and (3) VBScript engines, as used in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a c
|
12-10-2018 - 22:11 | 16-06-2016 - 01:59 | |
CVE-2016-3213 | 9.3 |
The Web Proxy Auto Discovery (WPAD) protocol implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold and 1511, and Internet Explor
|
12-10-2018 - 22:11 | 16-06-2016 - 01:59 | |
CVE-2016-3210 | 9.3 |
The Microsoft (1) JScript and (2) VBScript engines, as used in Internet Explorer 11, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vul
|
12-10-2018 - 22:11 | 16-06-2016 - 01:59 | |
CVE-2016-3198 | 4.3 |
Microsoft Edge allows remote attackers to bypass the Content Security Policy (CSP) protection mechanism via a crafted document, aka "Microsoft Edge Security Feature Bypass."
|
12-10-2018 - 22:11 | 16-06-2016 - 01:59 | |
CVE-2016-3204 | 9.3 |
The Microsoft (1) JScript 5.8 and 9 and (2) VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted we
|
12-10-2018 - 22:11 | 13-07-2016 - 01:59 | |
CVE-2016-3214 | 9.3 |
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerabilit
|
12-10-2018 - 22:11 | 16-06-2016 - 01:59 | |
CVE-2016-3212 | 4.3 |
The XSS Filter in Microsoft Internet Explorer 9 through 11 does not properly identify JavaScript, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site, aka "Internet Explorer XSS Filter Vulne
|
12-10-2018 - 22:11 | 16-06-2016 - 01:59 | |
CVE-2016-3206 | 7.6 |
The Microsoft (1) JScript 5.8 and (2) VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site
|
12-10-2018 - 22:11 | 16-06-2016 - 01:59 | |
CVE-2016-3207 | 7.6 |
The Microsoft (1) JScript 5.8 and (2) VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site
|
12-10-2018 - 22:11 | 16-06-2016 - 01:59 | |
CVE-2016-3199 | 9.3 |
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerabilit
|
12-10-2018 - 22:11 | 16-06-2016 - 01:59 | |
CVE-2016-3205 | 7.6 |
The Microsoft (1) JScript 5.8 and (2) VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site
|
12-10-2018 - 22:11 | 16-06-2016 - 01:59 | |
CVE-2016-3203 | 9.3 |
Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows 10 Gold and 1511, and Microsoft Edge allow remote attackers to execute arbitrary code via a crafted PDF document, aka "Windows PDF Remote Code Execution Vulnerability."
|
12-10-2018 - 22:11 | 16-06-2016 - 01:59 | |
CVE-2016-3209 | 5.0 |
Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; Office 2007 SP3; Office 2010
|
12-10-2018 - 22:11 | 14-10-2016 - 02:59 | |
CVE-2016-0138 | 4.0 |
Microsoft Exchange Server 2007 SP3, 2010 SP3, 2013 SP1, 2013 Cumulative Update 12, 2013 Cumulative Update 13, 2016 Cumulative Update 1, and 2016 Cumulative Update 2 misparses e-mail messages, which allows remote authenticated users to obtain sensitiv
|
12-10-2018 - 22:11 | 14-09-2016 - 10:59 | |
CVE-2016-0148 | 7.2 |
Microsoft .NET Framework 4.6 and 4.6.1 mishandles library loading, which allows local users to gain privileges via a crafted application, aka ".NET Framework Remote Code Execution Vulnerability."
|
12-10-2018 - 22:11 | 12-04-2016 - 23:59 | |
CVE-2016-0084 | 9.3 |
Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability."
|
12-10-2018 - 22:11 | 10-02-2016 - 11:59 | |
CVE-2016-0161 | 4.3 |
Microsoft Edge allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Microsoft Edge Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0158.
|
12-10-2018 - 22:11 | 12-04-2016 - 23:59 | |
CVE-2016-0145 | 9.3 |
The font library in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold and 1511; Office 2007 SP3 and 2010 SP2; Word Viewer; .NET Framework 3.0
|
12-10-2018 - 22:11 | 12-04-2016 - 23:59 | |
CVE-2016-0141 | 4.3 |
The Visual Basic macros in Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2016 export a certificate-store private key during a document-save operation, which allows attackers to obtain sensitive information via unspecified vectors, aka "Microsoft
|
12-10-2018 - 22:11 | 14-09-2016 - 10:59 | |
CVE-2016-0130 | 7.6 |
Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0116, CVE-2016-012
|
12-10-2018 - 22:11 | 09-03-2016 - 11:59 | |
CVE-2016-0113 | 7.6 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:11 | 09-03-2016 - 11:59 | |
CVE-2016-0105 | 7.6 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different
|
12-10-2018 - 22:11 | 09-03-2016 - 11:59 | |
CVE-2016-0129 | 7.6 |
Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0116, CVE-2016-012
|
12-10-2018 - 22:11 | 09-03-2016 - 11:59 | |
CVE-2016-0108 | 7.6 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2016
|
12-10-2018 - 22:11 | 09-03-2016 - 11:59 | |
CVE-2016-0092 | 9.3 |
OLE in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted file, ak
|
12-10-2018 - 22:11 | 09-03-2016 - 11:59 | |
CVE-2016-0127 | 9.3 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services on SharePoint Server 2013 SP1, Offi
|
12-10-2018 - 22:11 | 12-04-2016 - 23:59 | |
CVE-2016-0120 | 7.1 |
The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to cause a denial of
|
12-10-2018 - 22:11 | 09-03-2016 - 11:59 | |
CVE-2016-0194 | 2.6 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to bypass file permissions and obtain sensitive information via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability."
|
12-10-2018 - 22:11 | 11-05-2016 - 01:59 | |
CVE-2016-0179 | 9.3 |
Windows Shell in Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted web site, aka "Windows Shell Remote Code Execution Vulnerability."
|
12-10-2018 - 22:11 | 11-05-2016 - 01:59 | |
CVE-2016-0117 | 9.3 |
The PDF library in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted PDF document, aka "Windows Remote Code Execution Vulnerability."
|
12-10-2018 - 22:11 | 09-03-2016 - 11:59 | |
CVE-2016-0182 | 9.3 |
Windows Journal in Microsoft Windows Vista SP2, Windows 7 SP1, Windows 8.1, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted Journal (aka .jnt) file, aka "Windows Journal Memory Corruption V
|
12-10-2018 - 22:11 | 11-05-2016 - 01:59 | |
CVE-2016-0110 | 7.6 |
Microsoft Internet Explorer 10 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."
|
12-10-2018 - 22:11 | 09-03-2016 - 11:59 | |
CVE-2016-0183 | 9.3 |
The Windows font library in Microsoft Office 2010 SP2, Word 2010 SP2, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allows remote attackers to execute arbitrary code via a crafted embedded font, aka "Microsoft O
|
12-10-2018 - 22:11 | 11-05-2016 - 01:59 | |
CVE-2016-0166 | 7.6 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:11 | 12-04-2016 - 23:59 | |
CVE-2016-0136 | 9.3 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Office Compatibility Pack SP3, Excel Services on SharePoint Server 2007 SP3, and Excel Services on SharePoint Server 2010 SP2 allow remote attackers to execute arbitrary code via a crafted Office document, ak
|
12-10-2018 - 22:11 | 12-04-2016 - 23:59 | |
CVE-2016-0089 | 2.1 |
Hyper-V in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 allows guest OS users to obtain sensitive information from host OS memory via a crafted application, aka "Hyper-V Information Disclosure Vulnerability."
|
12-10-2018 - 22:11 | 12-04-2016 - 23:59 | |
CVE-2016-0191 | 7.6 |
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerabilit
|
12-10-2018 - 22:11 | 11-05-2016 - 01:59 | |
CVE-2016-0170 | 9.3 |
GDI in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted document
|
12-10-2018 - 22:11 | 11-05-2016 - 01:59 | |
CVE-2016-0100 | 7.2 |
Microsoft Windows Vista SP2 and Server 2008 SP2 mishandle library loading, which allows local users to gain privileges via a crafted application, aka "Library Loading Input Validation Remote Code Execution Vulnerability."
|
12-10-2018 - 22:11 | 09-03-2016 - 11:59 | |
CVE-2016-0156 | 7.6 |
Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0155 and CVE-2016-
|
12-10-2018 - 22:11 | 12-04-2016 - 23:59 | |
CVE-2016-0143 | 7.2 |
The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted a
|
12-10-2018 - 22:11 | 12-04-2016 - 23:59 | |
CVE-2016-0134 | 9.3 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2 and 2013 SP1
|
12-10-2018 - 22:11 | 09-03-2016 - 11:59 | |
CVE-2016-0104 | 7.6 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:11 | 09-03-2016 - 11:59 | |
CVE-2016-0114 | 7.6 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2016
|
12-10-2018 - 22:11 | 09-03-2016 - 11:59 | |
CVE-2016-0168 | 4.3 |
GDI in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to obtain sensitive information via a crafted do
|
12-10-2018 - 22:11 | 11-05-2016 - 01:59 | |
CVE-2016-0155 | 7.6 |
Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0156 and CVE-2016-
|
12-10-2018 - 22:11 | 12-04-2016 - 23:59 | |
CVE-2016-0123 | 7.6 |
Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0116, CVE-2016-012
|
12-10-2018 - 22:11 | 09-03-2016 - 11:59 | |
CVE-2016-0106 | 7.6 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2016
|
12-10-2018 - 22:11 | 09-03-2016 - 11:59 | |
CVE-2016-0192 | 7.6 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."
|
12-10-2018 - 22:11 | 11-05-2016 - 01:59 | |
CVE-2016-0098 | 9.3 |
Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 allow remote attackers to execute arbitrary code via crafted media content, aka "Windows Media Parsing Remote Code Execu
|
12-10-2018 - 22:11 | 09-03-2016 - 11:59 | |
CVE-2016-0088 | 7.2 |
Hyper-V in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 allows guest OS users to execute arbitrary code on the host OS via a crafted application, aka "Hyper-V Remote Code Execution Vulnerability."
|
12-10-2018 - 22:11 | 12-04-2016 - 23:59 | |
CVE-2016-0158 | 4.3 |
Microsoft Edge allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Microsoft Edge Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0161.
|
12-10-2018 - 22:11 | 12-04-2016 - 23:59 | |
CVE-2016-0152 | 7.2 |
Internet Information Services (IIS) in Microsoft Windows Vista SP2 and Server 2008 SP2 mishandles library loading, which allows local users to gain privileges via a crafted application, aka "Windows DLL Loading Remote Code Execution Vulnerability."
|
12-10-2018 - 22:11 | 11-05-2016 - 01:59 | |
CVE-2016-0137 | 4.3 |
The Click-to-Run (C2R) implementation in Microsoft Office 2013 SP1 and 2016 allows local users to bypass the ASLR protection mechanism via a crafted application, aka "Microsoft APP-V ASLR Bypass."
|
12-10-2018 - 22:11 | 14-09-2016 - 10:59 | |
CVE-2016-0199 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:11 | 16-06-2016 - 01:59 | |
CVE-2016-0186 | 7.6 |
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerabilit
|
12-10-2018 - 22:11 | 11-05-2016 - 01:59 | |
CVE-2016-0109 | 7.6 |
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerabi
|
12-10-2018 - 22:11 | 09-03-2016 - 11:59 | |
CVE-2016-0103 | 7.6 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2016
|
12-10-2018 - 22:11 | 09-03-2016 - 11:59 | |
CVE-2016-0140 | 9.3 |
Microsoft Office 2007 SP3, Office 2010 SP2, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption V
|
12-10-2018 - 22:11 | 11-05-2016 - 01:59 | |
CVE-2016-0121 | 9.3 |
The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary
|
12-10-2018 - 22:11 | 09-03-2016 - 11:59 | |
CVE-2016-0091 | 6.8 |
OLE in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted file, ak
|
12-10-2018 - 22:11 | 09-03-2016 - 11:59 | |
CVE-2016-0112 | 7.6 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:11 | 09-03-2016 - 11:59 | |
CVE-2016-0101 | 9.3 |
Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow remote attackers to execute arbitrary code via crafted media content, aka "Windows Media Parsing Rem
|
12-10-2018 - 22:11 | 09-03-2016 - 11:59 | |
CVE-2016-0090 | 2.1 |
Hyper-V in Microsoft Windows 8.1, Windows Server 2012 R2, and Windows 10 allows guest OS users to obtain sensitive information from host OS memory via a crafted application, aka "Hyper-V Information Disclosure Vulnerability."
|
12-10-2018 - 22:11 | 12-04-2016 - 23:59 | |
CVE-2016-0169 | 4.3 |
GDI in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to obtain sensitive information via a crafted do
|
12-10-2018 - 22:11 | 11-05-2016 - 01:59 | |
CVE-2016-0157 | 7.6 |
Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0155 and CVE-2016-
|
12-10-2018 - 22:11 | 12-04-2016 - 23:59 | |
CVE-2016-0102 | 7.6 |
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerabi
|
12-10-2018 - 22:11 | 09-03-2016 - 11:59 | |
CVE-2016-0193 | 7.6 |
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerabilit
|
12-10-2018 - 22:11 | 11-05-2016 - 01:59 | |
CVE-2016-0160 | 7.2 |
Microsoft Internet Explorer 11 mishandles DLL loading, which allows local users to gain privileges via a crafted application, aka "DLL Loading Remote Code Execution Vulnerability." <a href="http://cwe.mitre.org/data/definitions/426.html">CWE-426: Unt
|
12-10-2018 - 22:11 | 12-04-2016 - 23:59 | |
CVE-2016-0147 | 9.3 |
Microsoft XML Core Services 3.0 allows remote attackers to execute arbitrary code via a crafted web site, aka "MSXML 3.0 Remote Code Execution Vulnerability."
|
12-10-2018 - 22:11 | 12-04-2016 - 23:59 | |
CVE-2016-0195 | 9.3 |
The Imaging Component in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via
|
12-10-2018 - 22:11 | 11-05-2016 - 01:59 | |
CVE-2016-0188 | 9.3 |
The User Mode Code Integrity (UMCI) implementation in Device Guard in Microsoft Internet Explorer 11 allows remote attackers to bypass a code-signing protection mechanism via unspecified vectors, aka "Internet Explorer Security Feature Bypass."
|
12-10-2018 - 22:11 | 11-05-2016 - 01:59 | |
CVE-2016-0142 | 9.3 |
Video Control in Microsoft Windows Vista SP2, Windows 7 SP1, Windows 8.1, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows remote attackers to execute arbitrary code via a crafted web page, aka "Microsoft Video Control Remote Code Execution
|
12-10-2018 - 22:11 | 14-10-2016 - 02:59 | |
CVE-2016-0118 | 9.3 |
The PDF library in Microsoft Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted PDF document, aka "Windows Remote Code Execution Vulnerability."
|
12-10-2018 - 22:11 | 09-03-2016 - 11:59 | |
CVE-2016-0159 | 7.6 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:11 | 12-04-2016 - 23:59 | |
CVE-2016-0164 | 7.6 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:11 | 12-04-2016 - 23:59 | |
CVE-2016-0139 | 9.3 |
Microsoft Excel 2010 SP2, Word for Mac 2011, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
|
12-10-2018 - 22:11 | 12-04-2016 - 23:59 | |
CVE-2016-0124 | 7.6 |
Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0116, CVE-2016-012
|
12-10-2018 - 22:11 | 09-03-2016 - 11:59 | |
CVE-2016-0116 | 7.6 |
Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0123, CVE-2016-012
|
12-10-2018 - 22:11 | 09-03-2016 - 11:59 | |
CVE-2016-0187 | 7.6 |
The Microsoft (1) JScript 5.8 and (2) VBScript 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "S
|
12-10-2018 - 22:11 | 11-05-2016 - 01:59 | |
CVE-2016-0154 | 7.6 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."
|
12-10-2018 - 22:11 | 12-04-2016 - 23:59 | |
CVE-2016-0111 | 7.6 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different
|
12-10-2018 - 22:11 | 09-03-2016 - 11:59 | |
CVE-2016-0198 | 9.3 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code via a crafted O
|
12-10-2018 - 22:11 | 11-05-2016 - 01:59 | |
CVE-2016-0125 | 2.6 |
Microsoft Edge mishandles the Referer policy, which allows remote attackers to obtain sensitive browser-history and request information via a crafted HTTPS web site, aka "Microsoft Edge Information Disclosure Vulnerability."
|
12-10-2018 - 22:11 | 09-03-2016 - 11:59 | |
CVE-2016-0200 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:11 | 16-06-2016 - 01:59 | |
CVE-2016-0153 | 9.3 |
OLE in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT 8.1 allows remote attackers to execute arbitrary code via a crafted file, aka "Windows OLE Remote Code
|
12-10-2018 - 22:11 | 12-04-2016 - 23:59 | |
CVE-2016-0184 | 9.3 |
Use-after-free vulnerability in GDI in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbit
|
12-10-2018 - 22:11 | 11-05-2016 - 01:59 | |
CVE-2016-0122 | 9.3 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Word 2016 for Mac, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft
|
12-10-2018 - 22:11 | 12-04-2016 - 23:59 | |
CVE-2016-0107 | 7.6 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:11 | 09-03-2016 - 11:59 | |
CVE-2015-6176 | 4.3 |
Microsoft Edge mishandles HTML attributes in HTTP responses, which allows remote attackers to bypass a cross-site scripting (XSS) protection mechanism via unspecified vectors, aka "Microsoft Edge XSS Filter Bypass Vulnerability."
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6153 | 9.3 |
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerabi
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6139 | 9.3 |
Microsoft Internet Explorer 11 and Microsoft Edge mishandle content types, which allows remote attackers to execute arbitrary web script in a privileged context via a crafted web site, aka "Microsoft Browser Elevation of Privilege Vulnerability."
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6097 | 9.3 |
Heap-based buffer overflow in Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted Journal (.jnt) file, aka "Windows Journal Heap Overflo
|
12-10-2018 - 22:10 | 11-11-2015 - 12:59 | |
CVE-2015-6085 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:10 | 11-11-2015 - 12:59 | |
CVE-2015-6065 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:10 | 11-11-2015 - 11:59 | |
CVE-2015-6053 | 5.0 |
Microsoft Internet Explorer 11 allows remote attackers to obtain sensitive information from process memory via crafted parameters in an ArrayBuffer.slice call, aka "Internet Explorer Information Disclosure Vulnerability."
|
12-10-2018 - 22:10 | 14-10-2015 - 01:59 | |
CVE-2015-6155 | 9.3 |
Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6088 | 4.3 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Microsoft Browser ASLR Bypass."
|
12-10-2018 - 22:10 | 11-11-2015 - 12:59 | |
CVE-2015-6076 | 9.3 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:10 | 11-11-2015 - 12:59 | |
CVE-2015-6170 | 6.8 |
Microsoft Edge allows remote attackers to gain privileges via a crafted web site, aka "Microsoft Browser Elevation of Privilege Vulnerability."
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6158 | 9.3 |
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerabi
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6144 | 4.3 |
Microsoft Internet Explorer 8 through 11 and Microsoft Edge mishandle HTML attributes in HTTP responses, which allows remote attackers to bypass a cross-site scripting (XSS) protection mechanism via unspecified vectors, aka "Microsoft Browser XSS Fil
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6130 | 9.3 |
Integer underflow in Uniscribe in Microsoft Windows 7 SP1 and Windows Server 2008 R2 SP1 allows remote attackers to execute arbitrary code via a crafted font, aka "Windows Integer Underflow Vulnerability."
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6092 | 9.3 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office
|
12-10-2018 - 22:10 | 11-11-2015 - 12:59 | |
CVE-2015-6080 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:10 | 11-11-2015 - 12:59 | |
CVE-2015-6156 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6143 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6089 | 9.3 |
The Microsoft (1) VBScript and (2) JScript engines, as used in Internet Explorer 8 through 11, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corr
|
12-10-2018 - 22:10 | 11-11-2015 - 12:59 | |
CVE-2015-6073 | 9.3 |
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerabi
|
12-10-2018 - 22:10 | 11-11-2015 - 12:59 | |
CVE-2015-6052 | 4.3 |
The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "VBScript and JScript
|
12-10-2018 - 22:10 | 14-10-2015 - 01:59 | |
CVE-2015-6154 | 9.3 |
Microsoft Internet Explorer 7 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6117 | 4.3 |
Microsoft SharePoint Server 2013 SP1 and SharePoint Foundation 2013 SP1 allow remote authenticated users to bypass intended Access Control Policy restrictions and conduct cross-site scripting (XSS) attacks by modifying a webpart, aka "Microsoft Share
|
12-10-2018 - 22:10 | 13-01-2016 - 05:59 | |
CVE-2015-6083 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6046 | 4.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability."
|
12-10-2018 - 22:10 | 14-10-2015 - 01:59 | |
CVE-2015-6142 | 9.3 |
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerabi
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6045 | 9.3 |
Use-after-free vulnerability in the CElement object implementation in Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted JavaScript that improperly interacts w
|
12-10-2018 - 22:10 | 13-11-2015 - 03:59 | |
CVE-2015-6169 | 4.3 |
Microsoft Edge misparses HTTP responses, which allows remote attackers to redirect users to arbitrary web sites via unspecified vectors, aka "Microsoft Edge Spoofing Vulnerability."
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6149 | 9.3 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6072 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:10 | 11-11-2015 - 12:59 | |
CVE-2015-6055 | 9.3 |
The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Fi
|
12-10-2018 - 22:10 | 14-10-2015 - 01:59 | |
CVE-2015-6044 | 6.8 |
Microsoft Internet Explorer 8 allows remote attackers to gain privileges via a crafted web site, as demonstrated by a transition from Low Integrity to Medium Integrity, aka "Internet Explorer Elevation of Privilege Vulnerability."
|
12-10-2018 - 22:10 | 14-10-2015 - 01:59 | |
CVE-2015-6038 | 9.3 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Office Compatibility Pack SP3, Excel Viewer, and Excel Services on SharePoint Server 2007 SP3, 2010 SP2, and 2013 SP1 all
|
12-10-2018 - 22:10 | 11-11-2015 - 11:59 | |
CVE-2015-6157 | 4.3 |
Microsoft Internet Explorer 11 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability."
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6136 | 9.3 |
The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to execute arbitrary code via a crafted web site, aka "Scripting Engine Memory Corruption
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6086 | 4.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability."
|
12-10-2018 - 22:10 | 11-11-2015 - 12:59 | |
CVE-2015-6064 | 9.3 |
Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vu
|
12-10-2018 - 22:10 | 11-11-2015 - 11:59 | |
CVE-2015-6165 | 4.3 |
Microsoft Silverlight 5 before 5.1.41105.00 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Microsoft Silverlight Information Disclosure Vulnerability," a different vulnerability than CVE-2015-6114.
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6146 | 9.3 |
Microsoft Internet Explorer 7 and 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6114 | 4.3 |
Microsoft Silverlight 5 before 5.1.41105.00 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Microsoft Silverlight Information Disclosure Vulnerability," a different vulnerability than CVE-2015-6165.
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6077 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:10 | 11-11-2015 - 12:59 | |
CVE-2015-6140 | 9.3 |
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerabi
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6084 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:10 | 11-11-2015 - 12:59 | |
CVE-2015-6070 | 9.3 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:10 | 11-11-2015 - 11:59 | |
CVE-2015-6056 | 9.3 |
The (1) JScript and (2) VBScript engines in Microsoft Internet Explorer 9 through 11 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vul
|
12-10-2018 - 22:10 | 14-10-2015 - 01:59 | |
CVE-2015-6172 | 9.3 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2016, Word 2013 RT SP1, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted email message processed by Outlook, aka "Microsoft O
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6159 | 9.3 |
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerabi
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6147 | 9.3 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6122 | 9.3 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel for Mac 2011, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6082 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:10 | 11-11-2015 - 12:59 | |
CVE-2015-6069 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:10 | 11-11-2015 - 11:59 | |
CVE-2015-6161 | 4.3 |
Microsoft Internet Explorer 7 through 11 and Microsoft Edge allow remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Microsoft Browser ASLR Bypass."
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6151 | 9.3 |
Microsoft Internet Explorer 8 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6135 | 5.0 |
The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Scriptin
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6118 | 9.3 |
Microsoft Office 2007 SP3 and Office 2010 SP2 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6078 | 9.3 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different
|
12-10-2018 - 22:10 | 11-11-2015 - 12:59 | |
CVE-2015-6049 | 9.3 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:10 | 14-10-2015 - 01:59 | |
CVE-2015-6168 | 9.3 |
Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Edge Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6153.
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6162 | 9.3 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6145 | 9.3 |
Microsoft Internet Explorer 7 and 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6094 | 9.3 |
Microsoft Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, and Excel Services on SharePoint Server 2013 SP1 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Mic
|
12-10-2018 - 22:10 | 11-11-2015 - 12:59 | |
CVE-2015-6079 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:10 | 11-11-2015 - 12:59 | |
CVE-2015-6068 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:10 | 11-11-2015 - 11:59 | |
CVE-2015-6160 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6150 | 9.3 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6106 | 9.3 |
The Windows font library in Microsoft Windows Vista SP2, Windows Server 2008 SP2, Office 2007 SP3, Office 2010 SP2, Word Viewer, Skype for Business 2016, Lync 2010, Lync 2013 SP1, and Live Meeting 2007 Console allows remote attackers to execute arbit
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6091 | 9.3 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, and Word Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability
|
12-10-2018 - 22:10 | 11-11-2015 - 12:59 | |
CVE-2015-6074 | 9.3 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:10 | 11-11-2015 - 12:59 | |
CVE-2015-6047 | 6.8 |
The broker EditWith feature in Microsoft Internet Explorer 8 through 11 allows remote attackers to bypass the AppContainer protection mechanism and gain privileges via a DelegateExecute launch of an arbitrary application, as demonstrated by a transit
|
12-10-2018 - 22:10 | 14-10-2015 - 01:59 | |
CVE-2015-6040 | 9.3 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel for Mac 2011, Excel 2016 for Mac, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6164 | 6.8 |
Microsoft Internet Explorer 9 through 11 improperly implements a cross-site scripting (XSS) protection mechanism, which allows remote attackers to bypass the Same Origin Policy via a crafted web site, aka "Internet Explorer XSS Filter Bypass Vulnerab
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6075 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:10 | 11-11-2015 - 12:59 | |
CVE-2015-6059 | 4.3 |
The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Scriptin
|
12-10-2018 - 22:10 | 14-10-2015 - 01:59 | |
CVE-2015-6166 | 9.3 |
Microsoft Silverlight 5 before 5.1.41105.00 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read or write access) via unspecified open and close requests, aka "Microsoft Silverlight RCE Vulnerability."
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6148 | 9.3 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6134 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6081 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:10 | 11-11-2015 - 12:59 | |
CVE-2015-6071 | 9.3 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:10 | 11-11-2015 - 12:59 | |
CVE-2015-6138 | 4.3 |
Microsoft Internet Explorer 8 through 11 mishandles HTML attributes in HTTP responses, which allows remote attackers to bypass a cross-site scripting (XSS) protection mechanism via unspecified vectors, aka "Internet Explorer XSS Filter Bypass Vulnera
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6177 | 9.3 |
Microsoft Excel 2007 SP3, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6141 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6128 | 7.2 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 mishandle library loading, which allows local users to gain privileges via a crafted application, aka "Windows Library Loading Remote Code Execution Vulnerability."
|
12-10-2018 - 22:10 | 09-12-2015 - 11:59 | |
CVE-2015-6087 | 9.3 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:10 | 11-11-2015 - 12:59 | |
CVE-2015-6066 | 9.3 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:10 | 11-11-2015 - 11:59 | |
CVE-2015-6050 | 9.3 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:10 | 14-10-2015 - 01:59 | |
CVE-2015-2555 | 9.3 |
Use-after-free vulnerability in Microsoft Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, and Excel Services on SharePoint Server 2010 SP2 and 2013 SP1 allows remote attackers to execute arbitrar
|
12-10-2018 - 22:10 | 14-10-2015 - 01:59 | |
CVE-2015-2558 | 9.3 |
Use-after-free vulnerability in Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Excel Viewer, Office Compatibility Pack SP3, and Excel Services on SharePoint Server 2007
|
12-10-2018 - 22:10 | 14-10-2015 - 01:59 | |
CVE-2015-2548 | 9.3 |
Use-after-free vulnerability in the Tablet Input Band in Windows Shell in Microsoft Windows Vista SP2 and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Microsoft Tablet Input Band Use After Free Vulnerab
|
12-10-2018 - 22:10 | 14-10-2015 - 01:59 | |
CVE-2015-2557 | 9.3 |
Buffer overflow in Microsoft Visio 2007 SP3 and 2010 SP2 allows remote attackers to execute arbitrary code via crafted UML data in an Office document, aka "Microsoft Office Memory Corruption Vulnerability."
|
12-10-2018 - 22:10 | 14-10-2015 - 01:59 | |
CVE-2015-2542 | 9.3 |
Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability."
|
12-10-2018 - 22:10 | 09-09-2015 - 00:59 | |
CVE-2016-0064 | 9.3 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:10 | 10-02-2016 - 11:59 | |
CVE-2016-0052 | 9.3 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2013 SP1, Office Web
|
12-10-2018 - 22:10 | 10-02-2016 - 11:59 | |
CVE-2016-0010 | 9.3 |
Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2013 RT SP1, Office 2016, Excel for Mac 2011, PowerPoint for Mac 2011, Word for Mac 2011, Excel 2016 for Mac, PowerPoint 2016 for Mac, Word 2016 for Mac, and Word Viewer allow remote
|
12-10-2018 - 22:10 | 13-01-2016 - 05:59 | |
CVE-2016-0068 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0069.
|
12-10-2018 - 22:10 | 18-02-2016 - 22:59 | |
CVE-2016-0060 | 9.3 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different
|
12-10-2018 - 22:10 | 10-02-2016 - 11:59 | |
CVE-2016-0054 | 9.3 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Office Compatibility Pack SP3, Excel Viewer, Excel Services on SharePoint Server 2007 SP3, Excel Services on SharePoint S
|
12-10-2018 - 22:10 | 10-02-2016 - 11:59 | |
CVE-2016-0077 | 4.3 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge misparse HTTP responses, which allows remote attackers to spoof web sites via a crafted URL, aka "Microsoft Browser Spoofing Vulnerability."
|
12-10-2018 - 22:10 | 10-02-2016 - 11:59 | |
CVE-2016-0022 | 9.3 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2013 SP1, Office Web
|
12-10-2018 - 22:10 | 10-02-2016 - 11:59 | |
CVE-2016-0011 | 3.5 |
Microsoft SharePoint Server 2013 SP1 and SharePoint Foundation 2013 SP1 allow remote authenticated users to bypass intended Access Control Policy restrictions and conduct cross-site scripting (XSS) attacks by modifying a webpart, aka "Microsoft Share
|
12-10-2018 - 22:10 | 13-01-2016 - 05:59 | |
CVE-2016-0042 | 7.2 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 mishandle DLL loading, which allows local users to gain privileges via a crafte
|
12-10-2018 - 22:10 | 10-02-2016 - 11:59 | |
CVE-2016-0067 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:10 | 10-02-2016 - 11:59 | |
CVE-2016-0041 | 7.2 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold and 1511, and Internet Explorer 10 and 11 mishandle DLL loading, which allows local users to
|
12-10-2018 - 22:10 | 10-02-2016 - 11:59 | |
CVE-2016-0035 | 9.3 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office doc
|
12-10-2018 - 22:10 | 13-01-2016 - 05:59 | |
CVE-2016-0020 | 7.2 |
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 mishandle DLL loading, which allows local users to gain privileges via a crafted application, aka "MAPI DLL Loading Elevation of Privilege Vulnerability." <a href="htt
|
12-10-2018 - 22:10 | 13-01-2016 - 05:59 | |
CVE-2016-0080 | 4.3 |
Microsoft Edge mishandles exceptions during window-message dispatch operations, which allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Microsoft Edge ASLR Bypass."
|
12-10-2018 - 22:10 | 10-02-2016 - 11:59 | |
CVE-2016-0061 | 9.3 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different
|
12-10-2018 - 22:10 | 10-02-2016 - 11:59 | |
CVE-2016-0039 | 4.3 |
Cross-site scripting (XSS) vulnerability in SharePoint Server in Microsoft SharePoint Foundation 2013 SP1 allows remote attackers to inject arbitrary web script or HTML via a crafted request, aka "Microsoft SharePoint XSS Vulnerability."
|
12-10-2018 - 22:10 | 10-02-2016 - 11:59 | |
CVE-2016-0063 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:10 | 10-02-2016 - 11:59 | |
CVE-2016-0056 | 9.3 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corrup
|
12-10-2018 - 22:10 | 10-02-2016 - 11:59 | |
CVE-2016-0002 | 7.6 |
The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to execute arbitrary code via a crafted web site, aka "Scripting Engine Memory Corruption
|
12-10-2018 - 22:10 | 13-01-2016 - 05:59 | |
CVE-2016-0059 | 4.3 |
The Hyperlink Object Library in Microsoft Internet Explorer 9 through 11 allows remote attackers to obtain sensitive information from process memory via a crafted URL in a (1) e-mail message or (2) Office document, aka "Internet Explorer Information
|
12-10-2018 - 22:10 | 10-02-2016 - 11:59 | |
CVE-2016-0021 | 9.3 |
Microsoft InfoPath 2007 SP3, 2010 SP2, and 2013 SP1 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
|
12-10-2018 - 22:10 | 09-03-2016 - 11:59 | |
CVE-2016-0072 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:10 | 10-02-2016 - 11:59 | |
CVE-2016-0069 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0068.
|
12-10-2018 - 22:10 | 18-02-2016 - 22:59 | |
CVE-2016-0055 | 9.3 |
Microsoft Office 2007 SP3 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
|
12-10-2018 - 22:10 | 10-02-2016 - 11:59 | |
CVE-2016-0003 | 9.3 |
Microsoft Edge allows remote attackers to execute arbitrary code via unspecified vectors, aka "Microsoft Edge Memory Corruption Vulnerability."
|
12-10-2018 - 22:10 | 13-01-2016 - 05:59 | |
CVE-2016-0005 | 4.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Internet Explorer Elevation of Privilege Vulnerability."
|
12-10-2018 - 22:10 | 13-01-2016 - 05:59 | |
CVE-2016-0025 | 9.3 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Office 2016, Word 2016, Word for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2, Word Automa
|
12-10-2018 - 22:10 | 16-06-2016 - 01:59 | |
CVE-2016-0012 | 4.3 |
Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Visio 2010 SP2, Word 2010 SP2, Office 2013 SP1, Excel 2013 SP1, PowerPoint 2013 SP1, Visio 2013 SP1,
|
12-10-2018 - 22:10 | 13-01-2016 - 05:59 | |
CVE-2016-0071 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:10 | 10-02-2016 - 11:59 | |
CVE-2016-0062 | 9.3 |
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."
|
12-10-2018 - 22:10 | 10-02-2016 - 11:59 | |
CVE-2016-0057 | 7.2 |
Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2016 does not properly sign an unspecified binary file, which allows local users to gain privileges via a Trojan horse file with a crafted signature, aka "Microsoft Office Security Feature Bypass Vul
|
12-10-2018 - 22:10 | 09-03-2016 - 11:59 | |
CVE-2016-0053 | 9.3 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2013 SP1, Office Web Apps Server 2013 SP1, and SharePoint S
|
12-10-2018 - 22:10 | 10-02-2016 - 11:59 | |
CVE-2015-2467 | 9.3 |
Microsoft Office 2007 SP3 allows remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."
|
12-10-2018 - 22:09 | 15-08-2015 - 00:59 | |
CVE-2015-2441 | 9.3 |
Microsoft Internet Explorer 7 through 11 and Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:09 | 14-08-2015 - 10:59 | |
CVE-2015-1744 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:09 | 10-06-2015 - 01:59 | |
CVE-2015-2452 | 9.3 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2441.
|
12-10-2018 - 22:09 | 14-08-2015 - 10:59 | |
CVE-2015-1753 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:09 | 10-06-2015 - 01:59 | |
CVE-2015-1767 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:09 | 14-07-2015 - 21:59 | |
CVE-2015-2485 | 9.3 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:09 | 09-09-2015 - 00:59 | |
CVE-2015-2477 | 9.3 |
Microsoft Office 2007 SP3, Office for Mac 2011, Office for Mac 2016, and Word Viewer allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."
|
12-10-2018 - 22:09 | 15-08-2015 - 00:59 | |
CVE-2015-2443 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability."
|
12-10-2018 - 22:09 | 14-08-2015 - 10:59 | |
CVE-2015-2427 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:09 | 11-11-2015 - 11:59 | |
CVE-2015-1763 | 8.5 |
Microsoft SQL Server 2008 SP3 and SP4, 2008 R2 SP2 and SP3, 2012 SP1 and SP2, and 2014 does not prevent use of uninitialized memory in certain attempts to execute virtual functions, which allows remote authenticated users to execute arbitrary code vi
|
12-10-2018 - 22:09 | 14-07-2015 - 23:59 | |
CVE-2015-2523 | 9.3 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel for Mac 2011 and 2016, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft O
|
12-10-2018 - 22:09 | 09-09-2015 - 00:59 | |
CVE-2015-2448 | 9.3 |
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability."
|
12-10-2018 - 22:09 | 14-08-2015 - 10:59 | |
CVE-2015-1762 | 7.1 |
Microsoft SQL Server 2008 SP3 and SP4, 2008 R2 SP2 and SP3, 2012 SP1 and SP2, and 2014, when transactional replication is configured, does not prevent use of uninitialized memory in unspecified function calls, which allows remote authenticated users
|
12-10-2018 - 22:09 | 14-07-2015 - 23:59 | |
CVE-2015-1737 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:09 | 10-06-2015 - 01:59 | |
CVE-2015-2411 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:09 | 14-07-2015 - 21:59 | |
CVE-2015-2375 | 4.3 |
Microsoft Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel Viewer 2007 SP3, Excel Services on SharePoint Server 2010 SP2, and Excel Services on SharePoint Server 2013 SP1 allow remote attackers to bypass the ASLR protection mechanism via a cr
|
12-10-2018 - 22:09 | 14-07-2015 - 21:59 | |
CVE-2015-1739 | 6.8 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability."
|
12-10-2018 - 22:09 | 10-06-2015 - 01:59 | |
CVE-2015-1752 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:09 | 10-06-2015 - 01:59 | |
CVE-2015-1751 | 9.3 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:09 | 10-06-2015 - 01:59 | |
CVE-2015-2431 | 9.3 |
Microsoft Office 2007 SP3 and 2010 SP2, Live Meeting 2007 Console, Lync 2010, Lync 2010 Attendee, Lync 2013 SP1, and Lync Basic 2013 SP1 allow remote attackers to execute arbitrary code via a crafted Office Graphics Library (OGL) font, aka "Microsoft
|
12-10-2018 - 22:09 | 15-08-2015 - 00:59 | |
CVE-2015-2422 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:09 | 14-07-2015 - 21:59 | |
CVE-2015-1732 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:09 | 10-06-2015 - 01:59 | |
CVE-2015-1733 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:09 | 14-07-2015 - 21:59 | |
CVE-2015-1735 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:09 | 10-06-2015 - 01:59 | |
CVE-2015-2421 | 4.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Internet Explorer ASLR Bypass."
|
12-10-2018 - 22:09 | 14-07-2015 - 21:59 | |
CVE-2015-2401 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:09 | 14-07-2015 - 21:59 | |
CVE-2015-1741 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:09 | 10-06-2015 - 01:59 | |
CVE-2015-2469 | 9.3 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, and Office for Mac 2011 allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."
|
12-10-2018 - 22:09 | 15-08-2015 - 00:59 | |
CVE-2015-1738 | 9.3 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE
|
12-10-2018 - 22:09 | 14-07-2015 - 21:59 | |
CVE-2015-2522 | 3.5 |
Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Foundation 2013 SP1 allows remote authenticated users to inject arbitrary web script or HTML via crafted content, aka "Microsoft SharePoint XSS Spoofing Vulnerability."
|
12-10-2018 - 22:09 | 09-09-2015 - 00:59 | |
CVE-2015-2446 | 9.3 |
Microsoft Internet Explorer 11 and Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2447.
|
12-10-2018 - 22:09 | 14-08-2015 - 10:59 | |
CVE-2015-2413 | 4.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to determine the existence of local files via a crafted module-resource request, aka "Internet Explorer Information Disclosure Vulnerability."
|
12-10-2018 - 22:09 | 14-07-2015 - 21:59 | |
CVE-2015-2398 | 4.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to bypass the XSS filter via a crafted attribute of an element in an HTML document, aka "Internet Explorer XSS Filter Bypass Vulnerability."
|
12-10-2018 - 22:09 | 14-07-2015 - 21:59 | |
CVE-2015-2376 | 9.3 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Office for Mac 2011, Excel Viewer 2007 SP3, Office Compatibility Pack SP3, Excel Services on SharePoint Server 2007 SP3, Excel Services on SharePoint Server 2010 SP2, and Ex
|
12-10-2018 - 22:09 | 14-07-2015 - 21:59 | |
CVE-2015-2503 | 9.3 |
Microsoft Access 2007 SP3, Excel 2007 SP3, InfoPath 2007 SP3, OneNote 2007 SP3, PowerPoint 2007 SP3, Project 2007 SP3, Publisher 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2007 IME (Japanese) SP3, Access 2010 SP2, Excel 2010 SP2, InfoPath 2010 S
|
12-10-2018 - 22:09 | 11-11-2015 - 11:59 | |
CVE-2015-2403 | 9.3 |
Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:09 | 14-07-2015 - 21:59 | |
CVE-2015-2384 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:09 | 14-07-2015 - 21:59 | |
CVE-2015-2449 | 4.3 |
Microsoft Internet Explorer 7 through 11 and Edge allow remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "ASLR Bypass."
|
12-10-2018 - 22:09 | 14-08-2015 - 10:59 | |
CVE-2015-2402 | 4.3 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability."
|
12-10-2018 - 22:09 | 14-07-2015 - 21:59 | |
CVE-2015-2442 | 9.3 |
Microsoft Internet Explorer 8 through 11 and Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:09 | 14-08-2015 - 10:59 | |
CVE-2015-2414 | 4.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to obtain sensitive browsing-history information via vectors related to image caching, aka "Internet Explorer Information Disclosure Vulnerability."
|
12-10-2018 - 22:09 | 14-07-2015 - 21:59 | |
CVE-2015-2373 | 10.0 |
The Remote Desktop Protocol (RDP) server service in Microsoft Windows 7 SP1, Windows 8, and Windows Server 2012 allows remote attackers to execute arbitrary code via a series of crafted packets, aka "Remote Desktop Protocol (RDP) Remote Code Executio
|
12-10-2018 - 22:09 | 14-07-2015 - 21:59 | |
CVE-2015-2468 | 9.3 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Office for Mac 2011, Office for Mac 2016, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2 and 2013 SP1, Word
|
12-10-2018 - 22:09 | 15-08-2015 - 00:59 | |
CVE-2015-1736 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:09 | 10-06-2015 - 01:59 | |
CVE-2015-2404 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:09 | 14-07-2015 - 21:59 | |
CVE-2015-2391 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:09 | 14-07-2015 - 21:59 | |
CVE-2015-2369 | 6.9 |
Untrusted search path vulnerability in Windows Media Device Manager in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows local users to gain privileges via a Trojan horse DLL in the cur
|
12-10-2018 - 22:09 | 14-07-2015 - 21:59 | |
CVE-2015-2508 | 7.2 |
The Adobe Type Manager Library in Microsoft Windows 10 allows local users to gain privileges via a crafted application, aka "Font Driver Elevation of Privilege Vulnerability."
|
12-10-2018 - 22:09 | 09-09-2015 - 00:59 | |
CVE-2015-2486 | 9.3 |
Microsoft Internet Explorer 7 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:09 | 09-09-2015 - 00:59 | |
CVE-2015-2397 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:09 | 14-07-2015 - 21:59 | |
CVE-2015-2380 | 9.3 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, and Word 2013 RT SP1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Microsoft Office Memory
|
12-10-2018 - 22:09 | 14-07-2015 - 21:59 | |
CVE-2015-2510 | 9.3 |
Buffer overflow in the Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2, Office 2007 SP3, Office 2010 SP2, Lync 2010, Lync 2010 Attendee, Lync 2013 SP1, Lync Basic 2013 SP1, and Live Meeting 2007 Console allows remot
|
12-10-2018 - 22:09 | 09-09-2015 - 00:59 | |
CVE-2015-1747 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:09 | 10-06-2015 - 01:59 | |
CVE-2015-1745 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:09 | 10-06-2015 - 01:59 | |
CVE-2015-2447 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2446.
|
12-10-2018 - 22:09 | 14-08-2015 - 10:59 | |
CVE-2015-2372 | 9.3 |
vbscript.dll in Microsoft VBScript 5.6 through 5.8, as used with Internet Explorer 6 through 11 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "VBScri
|
12-10-2018 - 22:09 | 14-07-2015 - 21:59 | |
CVE-2015-1755 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:09 | 10-06-2015 - 01:59 | |
CVE-2015-2410 | 4.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to determine the existence of local files via a crafted stylesheet, aka "Internet Explorer Information Disclosure Vulnerability."
|
12-10-2018 - 22:09 | 14-07-2015 - 21:59 | |
CVE-2015-2389 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:09 | 14-07-2015 - 21:59 | |
CVE-2015-1748 | 6.8 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-1743.
|
12-10-2018 - 22:09 | 10-06-2015 - 01:59 | |
CVE-2015-1759 | 9.3 |
Microsoft Office Compatibility Pack SP3 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
|
12-10-2018 - 22:09 | 10-06-2015 - 01:59 | |
CVE-2015-2521 | 9.3 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
|
12-10-2018 - 22:09 | 09-09-2015 - 00:59 | |
CVE-2015-2408 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:09 | 14-07-2015 - 21:59 | |
CVE-2015-2388 | 9.3 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE
|
12-10-2018 - 22:09 | 14-07-2015 - 21:59 | |
CVE-2015-1754 | 9.3 |
Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:09 | 10-06-2015 - 01:59 | |
CVE-2015-2494 | 9.3 |
Microsoft Internet Explorer 7 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:09 | 09-09-2015 - 00:59 | |
CVE-2015-1761 | 6.5 |
Microsoft SQL Server 2008 SP3 and SP4, 2008 R2 SP2 and SP3, 2012 SP1 and SP2, and 2014 uses an incorrect class during casts of unspecified pointers, which allows remote authenticated users to gain privileges by leveraging certain write access, aka "S
|
12-10-2018 - 22:09 | 14-07-2015 - 23:59 | |
CVE-2015-2520 | 9.3 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel for Mac 2011 and 2016, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerabili
|
12-10-2018 - 22:09 | 09-09-2015 - 00:59 | |
CVE-2015-2445 | 4.3 |
Microsoft Internet Explorer 10 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "ASLR Bypass."
|
12-10-2018 - 22:09 | 14-08-2015 - 10:59 | |
CVE-2015-1750 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:09 | 10-06-2015 - 01:59 | |
CVE-2015-2450 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2451.
|
12-10-2018 - 22:09 | 14-08-2015 - 10:59 | |
CVE-2015-2412 | 4.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to read arbitrary local files via a crafted pathname, aka "Internet Explorer Information Disclosure Vulnerability."
|
12-10-2018 - 22:09 | 14-07-2015 - 21:59 | |
CVE-2015-2377 | 9.3 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Micro
|
12-10-2018 - 22:09 | 14-07-2015 - 21:59 | |
CVE-2015-1740 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:09 | 10-06-2015 - 01:59 | |
CVE-2015-2406 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:09 | 14-07-2015 - 21:59 | |
CVE-2015-2390 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:09 | 14-07-2015 - 21:59 | |
CVE-2015-2383 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:09 | 14-07-2015 - 21:59 | |
CVE-2015-1765 | 4.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to read the browser history via a crafted web site.
|
12-10-2018 - 22:09 | 10-06-2015 - 01:59 | |
CVE-2015-1730 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:09 | 10-06-2015 - 01:59 | |
CVE-2015-2482 | 9.3 |
The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted
|
12-10-2018 - 22:09 | 14-10-2015 - 01:59 | |
CVE-2015-2474 | 9.0 |
Microsoft Windows Vista SP2 and Server 2008 SP2 allow remote authenticated users to execute arbitrary code via a crafted string in a Server Message Block (SMB) server error-logging action, aka "Server Message Block Memory Corruption Vulnerability."
|
12-10-2018 - 22:09 | 15-08-2015 - 00:59 | |
CVE-2015-2444 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2442.
|
12-10-2018 - 22:09 | 14-08-2015 - 10:59 | |
CVE-2015-1766 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:09 | 10-06-2015 - 01:59 | |
CVE-2015-1742 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:09 | 10-06-2015 - 01:59 | |
CVE-2015-2473 | 9.3 |
Untrusted search path vulnerability in the client in Remote Desktop Protocol (RDP) through 8.1 in Microsoft Windows 7 SP1 and Windows Server 2008 R2 SP1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as
|
12-10-2018 - 22:09 | 15-08-2015 - 00:59 | |
CVE-2015-2451 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2450.
|
12-10-2018 - 22:09 | 14-08-2015 - 10:59 | |
CVE-2015-2378 | 6.9 |
Untrusted search path vulnerability in Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel Viewer 2007 SP3, and Office Compatibility Pack SP3 allows local users to gain privileges via a Trojan horse DLL in the current working directory, aka "Microsoft Ex
|
12-10-2018 - 22:09 | 14-07-2015 - 21:59 | |
CVE-2015-1731 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:09 | 10-06-2015 - 01:59 | |
CVE-2015-2415 | 9.3 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Micro
|
12-10-2018 - 22:09 | 14-07-2015 - 21:59 | |
CVE-2015-2385 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:09 | 14-07-2015 - 21:59 | |
CVE-2015-2379 | 9.3 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Office for Mac 2011, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office docu
|
12-10-2018 - 22:09 | 14-07-2015 - 21:59 | |
CVE-2015-1650 | 9.3 |
Use-after-free vulnerability in Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word Viewer, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2 and 2013 SP1, and Office Web
|
12-10-2018 - 22:08 | 14-04-2015 - 20:59 | |
CVE-2015-1728 | 9.3 |
Microsoft Windows Media Player 10 through 12 allows remote attackers to execute arbitrary code via a crafted DataObject on a web site, aka "Windows Media Player RCE via DataObject Vulnerability."
|
12-10-2018 - 22:08 | 10-06-2015 - 01:59 | |
CVE-2015-1718 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:08 | 13-05-2015 - 10:59 | |
CVE-2015-1661 | 4.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Internet Explorer ASLR Bypass Vulnerability."
|
12-10-2018 - 22:08 | 14-04-2015 - 20:59 | |
CVE-2015-1645 | 9.3 |
Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allow remote attackers to execute arbitrary code via a crafted Enhanced Metafile (EMF) image, aka "EMF Processing Remote Code Execution Vulner
|
12-10-2018 - 22:08 | 14-04-2015 - 20:59 | |
CVE-2015-1636 | 3.5 |
Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Foundation 2013 Gold and SP1 and SharePoint Server 2013 Gold and SP1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted request, aka "Microsoft Share
|
12-10-2018 - 22:08 | 11-03-2015 - 10:59 | |
CVE-2015-1624 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:08 | 11-03-2015 - 10:59 | |
CVE-2015-1708 | 9.3 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:08 | 13-05-2015 - 10:59 | |
CVE-2015-1685 | 4.3 |
Microsoft Internet Explorer 11 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Internet Explorer ASLR Bypass."
|
12-10-2018 - 22:08 | 13-05-2015 - 10:59 | |
CVE-2015-1625 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:08 | 11-03-2015 - 10:59 | |
CVE-2015-1682 | 9.3 |
Microsoft Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Word 2010 SP2, Office 2013 SP1, Excel 2013 SP1, PowerPoint 2013 SP1, Word 2013 SP1, Office 2013 RT SP1, Excel 2013 RT SP1, PowerPoint 2013 RT SP1, Word 2013 RT SP1, Office for Mac 2011,
|
12-10-2018 - 22:08 | 13-05-2015 - 10:59 | |
CVE-2015-1660 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:08 | 14-04-2015 - 20:59 | |
CVE-2015-1713 | 6.8 |
Microsoft Internet Explorer 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability."
|
12-10-2018 - 22:08 | 13-05-2015 - 10:59 | |
CVE-2015-1694 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:08 | 13-05-2015 - 10:59 | |
CVE-2015-1683 | 9.3 |
Microsoft Office 2007 SP3 allows remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."
|
12-10-2018 - 22:08 | 13-05-2015 - 10:59 | |
CVE-2015-1658 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:08 | 13-05-2015 - 10:59 | |
CVE-2015-1711 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:08 | 13-05-2015 - 10:59 | |
CVE-2015-1670 | 4.3 |
The Windows DirectWrite library, as used in Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2, allows remote attackers to obtain sensitive information from process memory via a crafted OpenType font on a web site, aka "OpenType F
|
12-10-2018 - 22:08 | 13-05-2015 - 10:59 | |
CVE-2015-1659 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:08 | 14-04-2015 - 20:59 | |
CVE-2015-1639 | 4.3 |
Cross-site scripting (XSS) vulnerability in Microsoft Office for Mac 2011 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Microsoft Outlook App for Mac XSS Vulnerability."
|
12-10-2018 - 22:08 | 14-04-2015 - 20:59 | |
CVE-2015-1714 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:08 | 13-05-2015 - 10:59 | |
CVE-2015-1668 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:08 | 14-04-2015 - 20:59 | |
CVE-2015-1651 | 9.3 |
Use-after-free vulnerability in Microsoft Word 2007 SP3, Word Viewer, and Office Compatibility Pack SP3 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Component Use After Free Vulnerability." <a
|
12-10-2018 - 22:08 | 14-04-2015 - 20:59 | |
CVE-2015-1705 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:08 | 13-05-2015 - 10:59 | |
CVE-2015-1703 | 6.8 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-1704.
|
12-10-2018 - 22:08 | 13-05-2015 - 10:59 | |
CVE-2015-1692 | 4.3 |
Microsoft Internet Explorer 7 through 11 allows user-assisted remote attackers to read the clipboard contents via crafted web script, aka "Internet Explorer Clipboard Information Disclosure Vulnerability."
|
12-10-2018 - 22:08 | 13-05-2015 - 10:59 | |
CVE-2015-1687 | 9.3 |
Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:08 | 10-06-2015 - 01:59 | |
CVE-2015-1691 | 9.3 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE
|
12-10-2018 - 22:08 | 13-05-2015 - 10:59 | |
CVE-2015-1684 | 4.3 |
VBScript.dll in the Microsoft VBScript 5.6 through 5.8 engine, as used in Internet Explorer 8 through 11 and other products, allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "VBScript ASLR Bypass."
|
12-10-2018 - 22:08 | 13-05-2015 - 10:59 | |
CVE-2015-1665 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:08 | 14-04-2015 - 20:59 | |
CVE-2015-1652 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:08 | 14-04-2015 - 20:59 | |
CVE-2015-1704 | 6.8 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-1703.
|
12-10-2018 - 22:08 | 13-05-2015 - 10:59 | |
CVE-2015-1657 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:08 | 14-04-2015 - 20:59 | |
CVE-2015-1666 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:08 | 14-04-2015 - 20:59 | |
CVE-2015-1717 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:08 | 13-05-2015 - 10:59 | |
CVE-2015-1688 | 6.8 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability."
|
12-10-2018 - 22:08 | 13-05-2015 - 10:59 | |
CVE-2015-1662 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:08 | 14-04-2015 - 20:59 | |
CVE-2015-1649 | 9.3 |
Use-after-free vulnerability in Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word Viewer, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps Server 2010 SP2 allows remote attackers t
|
12-10-2018 - 22:08 | 14-04-2015 - 20:59 | |
CVE-2015-1634 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:08 | 11-03-2015 - 10:59 | |
CVE-2015-1623 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:08 | 11-03-2015 - 10:59 | |
CVE-2015-1709 | 9.3 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:08 | 13-05-2015 - 10:59 | |
CVE-2015-1626 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:08 | 11-03-2015 - 10:59 | |
CVE-2015-1712 | 9.3 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE
|
12-10-2018 - 22:08 | 13-05-2015 - 10:59 | |
CVE-2015-1710 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:08 | 13-05-2015 - 10:59 | |
CVE-2015-1700 | 6.0 |
Microsoft SharePoint Server 2007 SP3, SharePoint Foundation 2010 SP2, SharePoint Server 2010 SP2, and SharePoint Foundation 2013 SP1 allow remote authenticated users to execute arbitrary code via crafted page content, aka "Microsoft SharePoint Page C
|
12-10-2018 - 22:08 | 13-05-2015 - 10:59 | |
CVE-2015-1686 | 4.3 |
The Microsoft (1) VBScript 5.6 through 5.8 and (2) JScript 5.6 through 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "VBScript and
|
12-10-2018 - 22:08 | 13-05-2015 - 10:59 | |
CVE-2015-1667 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:08 | 14-04-2015 - 20:59 | |
CVE-2015-1633 | 3.5 |
Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Foundation 2010 SP2, SharePoint Server 2010 SP2, SharePoint Foundation 2013 Gold and SP1, and SharePoint Server 2013 Gold and SP1 allows remote authenticated users to inject arbitrary w
|
12-10-2018 - 22:08 | 11-03-2015 - 10:59 | |
CVE-2015-1622 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:08 | 11-03-2015 - 10:59 | |
CVE-2015-1729 | 4.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability."
|
12-10-2018 - 22:08 | 14-07-2015 - 21:59 | |
CVE-2015-1706 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:08 | 13-05-2015 - 10:59 | |
CVE-2015-1689 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:08 | 13-05-2015 - 10:59 | |
CVE-2015-0066 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:08 | 11-02-2015 - 03:01 | |
CVE-2015-0053 | 9.3 |
Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than
|
12-10-2018 - 22:08 | 11-02-2015 - 03:00 | |
CVE-2015-0050 | 9.3 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE
|
12-10-2018 - 22:08 | 11-02-2015 - 03:00 | |
CVE-2015-0038 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:08 | 11-02-2015 - 03:00 | |
CVE-2015-0040 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:08 | 11-02-2015 - 03:00 | |
CVE-2015-0036 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:08 | 11-02-2015 - 03:00 | |
CVE-2015-0028 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-
|
12-10-2018 - 22:08 | 11-02-2015 - 03:00 | |
CVE-2015-0026 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:08 | 11-02-2015 - 03:00 | |
CVE-2015-0037 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:08 | 11-02-2015 - 03:00 | |
CVE-2015-0045 | 9.3 |
Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than
|
12-10-2018 - 22:08 | 11-02-2015 - 03:00 | |
CVE-2015-0044 | 9.3 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE
|
12-10-2018 - 22:08 | 11-02-2015 - 03:00 | |
CVE-2015-0032 | 9.3 |
vbscript.dll in Microsoft VBScript 5.6 through 5.8, as used with Internet Explorer 8 through 11 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "VBScri
|
12-10-2018 - 22:08 | 11-03-2015 - 10:59 | |
CVE-2015-0068 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:08 | 11-02-2015 - 03:01 | |
CVE-2015-0054 | 4.3 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability."
|
12-10-2018 - 22:08 | 11-02-2015 - 03:01 | |
CVE-2015-0043 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:08 | 11-02-2015 - 03:00 | |
CVE-2015-0097 | 9.3 |
Microsoft Excel 2007 SP3, PowerPoint 2007 SP3, Word 2007 SP3, Excel 2010 SP2, PowerPoint 2010 SP2, and Word 2010 SP2 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Word Local Zone Remote Code Execution
|
12-10-2018 - 22:08 | 11-03-2015 - 10:59 | |
CVE-2015-0051 | 4.3 |
Microsoft Internet Explorer 8 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Internet Explorer ASLR Bypass Vulnerability."
|
12-10-2018 - 22:08 | 11-02-2015 - 03:00 | |
CVE-2015-0029 | 9.3 |
Microsoft Internet Explorer 6 and 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:08 | 11-02-2015 - 03:00 | |
CVE-2015-0069 | 4.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Internet Explorer ASLR Bypass Vulnerability."
|
12-10-2018 - 22:08 | 11-02-2015 - 03:01 | |
CVE-2015-0064 | 9.3 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word Automation Services in SharePoint Server 2010, Web Applications 2010 SP2, Word Viewer, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial
|
12-10-2018 - 22:08 | 11-02-2015 - 03:01 | |
CVE-2015-0067 | 9.3 |
Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:08 | 11-02-2015 - 03:01 | |
CVE-2015-0031 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:08 | 11-02-2015 - 03:00 | |
CVE-2015-0070 | 4.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Internet Explorer Cross-domain Information Disclosure Vulnerability."
|
12-10-2018 - 22:08 | 11-02-2015 - 03:01 | |
CVE-2015-0025 | 9.3 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:08 | 11-02-2015 - 03:00 | |
CVE-2015-0100 | 9.3 |
Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:08 | 11-03-2015 - 10:59 | |
CVE-2015-0042 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:08 | 11-02-2015 - 03:00 | |
CVE-2015-0052 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:08 | 11-02-2015 - 03:00 | |
CVE-2015-0055 | 4.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability."
|
12-10-2018 - 22:08 | 11-02-2015 - 03:01 | |
CVE-2015-0041 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:08 | 11-02-2015 - 03:00 | |
CVE-2015-0048 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-
|
12-10-2018 - 22:08 | 11-02-2015 - 03:00 | |
CVE-2015-0065 | 9.3 |
Microsoft Word 2007 SP3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "OneTableDocumentStream Remote Code Execution Vulnerability."
|
12-10-2018 - 22:08 | 11-02-2015 - 03:01 | |
CVE-2015-0056 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:08 | 11-03-2015 - 10:59 | |
CVE-2015-0027 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:08 | 11-02-2015 - 03:00 | |
CVE-2015-0099 | 9.3 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:08 | 11-03-2015 - 10:59 | |
CVE-2015-0035 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:08 | 11-02-2015 - 03:00 | |
CVE-2015-0039 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:08 | 11-02-2015 - 03:00 | |
CVE-2015-0030 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:08 | 11-02-2015 - 03:00 | |
CVE-2015-0085 | 9.3 |
Use-after-free vulnerability in Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Word 2010 SP2, Office 2013 Gold and SP1, Word 2013 Gold and SP1, Office 2013 RT Gold
|
12-10-2018 - 22:08 | 11-03-2015 - 10:59 | |
CVE-2015-0049 | 9.3 |
Microsoft Internet Explorer 8 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:08 | 11-02-2015 - 03:00 | |
CVE-2015-0086 | 9.3 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 Gold and SP1, Word 2013 RT Gold and SP1, Word Viewer, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services on SharePoint Ser
|
12-10-2018 - 22:08 | 11-03-2015 - 10:59 | |
CVE-2015-0046 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:08 | 11-02-2015 - 03:00 | |
CVE-2014-8966 | 9.3 |
Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:07 | 11-12-2014 - 00:59 | |
CVE-2014-6348 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-
|
12-10-2018 - 22:07 | 11-11-2014 - 22:55 | |
CVE-2014-6356 | 9.3 |
Array index error in Microsoft Word 2007 SP3, Word 2010 SP2, and Office Compatibility Pack SP3 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Invalid Index Remote Code Execution Vulnerability."
|
12-10-2018 - 22:07 | 11-12-2014 - 00:59 | |
CVE-2014-6349 | 4.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2014-6350.
|
12-10-2018 - 22:07 | 11-11-2014 - 22:55 | |
CVE-2014-6340 | 4.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Internet Explorer Cross-domain Information Disclosure Vulnerability."
|
12-10-2018 - 22:07 | 11-11-2014 - 22:55 | |
CVE-2014-6330 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:07 | 11-12-2014 - 00:59 | |
CVE-2014-6351 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:07 | 11-11-2014 - 22:55 | |
CVE-2014-4081 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:07 | 10-09-2014 - 01:55 | |
CVE-2014-6373 | 9.3 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:07 | 11-12-2014 - 00:59 | |
CVE-2014-6357 | 9.3 |
Use-after-free vulnerability in Microsoft Office 2010 SP2, Office 2013 Gold and SP1, Office 2013 RT Gold and SP1, Office for Mac 2011, Word Viewer, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2 and 2013 Gold an
|
12-10-2018 - 22:07 | 11-12-2014 - 00:59 | |
CVE-2014-6328 | 5.0 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to bypass the XSS filter via a crafted attribute of an element in an HTML document, aka "Internet Explorer XSS Filter Bypass Vulnerability," a different vulnerability than CVE-2014-6365
|
12-10-2018 - 22:07 | 11-12-2014 - 00:59 | |
CVE-2014-4093 | 9.3 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:07 | 10-09-2014 - 01:55 | |
CVE-2014-6368 | 4.3 |
Microsoft Internet Explorer 11 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Internet Explorer ASLR Bypass Vulnerability."
|
12-10-2018 - 22:07 | 11-12-2014 - 00:59 | |
CVE-2014-4104 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:07 | 10-09-2014 - 01:55 | |
CVE-2014-4084 | 9.3 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:07 | 10-09-2014 - 01:55 | |
CVE-2014-6369 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:07 | 11-12-2014 - 00:59 | |
CVE-2014-4082 | 9.3 |
Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:07 | 10-09-2014 - 01:55 | |
CVE-2014-6333 | 9.3 |
Microsoft Word 2007 SP3, Word Viewer, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Double Delete Remote Code Execution Vulnerability."
|
12-10-2018 - 22:07 | 11-11-2014 - 22:55 | |
CVE-2014-4132 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:07 | 15-10-2014 - 10:55 | |
CVE-2014-4111 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:07 | 10-09-2014 - 01:55 | |
CVE-2014-4101 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:07 | 10-09-2014 - 01:55 | |
CVE-2014-4089 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:07 | 10-09-2014 - 01:55 | |
CVE-2014-6343 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:07 | 11-11-2014 - 22:55 | |
CVE-2014-6334 | 9.3 |
Microsoft Word 2007 SP3, Word Viewer, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Microsoft Office Bad Index Remote Code Execu
|
12-10-2018 - 22:07 | 11-11-2014 - 22:55 | |
CVE-2014-4122 | 4.3 |
Microsoft .NET Framework 2.0 SP2, 3.5, and 3.5.1 omits the ASLR protection mechanism, which allows remote attackers to obtain potentially sensitive information about memory addresses by leveraging the predictability of an executable image's location,
|
12-10-2018 - 22:07 | 15-10-2014 - 10:55 | |
CVE-2014-4108 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:07 | 10-09-2014 - 01:55 | |
CVE-2014-4096 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:07 | 10-09-2014 - 01:55 | |
CVE-2014-4087 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:07 | 10-09-2014 - 01:55 | |
CVE-2014-4080 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:07 | 10-09-2014 - 01:55 | |
CVE-2014-6360 | 9.3 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, and Office Compatibility Pack allow remote attackers to execute arbitrary code via a crafted Office document, aka "Global Free Remote Code Execution in Excel Vulnerability."
|
12-10-2018 - 22:07 | 11-12-2014 - 00:59 | |
CVE-2014-6342 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-
|
12-10-2018 - 22:07 | 11-11-2014 - 22:55 | |
CVE-2014-6335 | 9.3 |
Microsoft Word 2007 SP3, Word Viewer, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Microsoft Office Invalid Pointer Remote Code
|
12-10-2018 - 22:07 | 11-11-2014 - 22:55 | |
CVE-2014-6323 | 4.3 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to obtain sensitive clipboard information via a crafted web site, aka "Internet Explorer Clipboard Information Disclosure Vulnerability."
|
12-10-2018 - 22:07 | 11-11-2014 - 22:55 | |
CVE-2014-6375 | 9.3 |
Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:07 | 11-12-2014 - 00:59 | |
CVE-2014-6353 | 9.3 |
Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:07 | 11-11-2014 - 22:55 | |
CVE-2014-6374 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:07 | 11-12-2014 - 00:59 | |
CVE-2014-4109 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:07 | 10-09-2014 - 01:55 | |
CVE-2014-4088 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:07 | 10-09-2014 - 01:55 | |
CVE-2014-6363 | 9.3 |
vbscript.dll in Microsoft VBScript 5.6 through 5.8, as used with Internet Explorer 6 through 11 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "VBScri
|
12-10-2018 - 22:07 | 11-12-2014 - 00:59 | |
CVE-2014-4086 | 9.3 |
Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:07 | 10-09-2014 - 01:55 | |
CVE-2014-4079 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:07 | 10-09-2014 - 01:55 | |
CVE-2014-6354 | 7.6 |
Internet Explorer 6, Internet Explorer 7, Internet Explorer 8, Internet Explorer 9, Internet Explorer 10, and Internet Explorer 11 allows remote attackers to execute arbitrary code.
|
12-10-2018 - 22:07 | 27-06-2017 - 20:29 | |
CVE-2014-6350 | 4.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2014-6349.
|
12-10-2018 - 22:07 | 11-11-2014 - 22:55 | |
CVE-2014-6344 | 9.3 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:07 | 11-11-2014 - 22:55 | |
CVE-2014-6339 | 5.0 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Internet Explorer ASLR Bypass Vulnerability."
|
12-10-2018 - 22:07 | 11-11-2014 - 22:55 | |
CVE-2014-6327 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:07 | 11-12-2014 - 00:59 | |
CVE-2014-6365 | 4.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to bypass the XSS filter via a crafted attribute of an element in an HTML document, aka "Internet Explorer XSS Filter Bypass Vulnerability," a different vulnerability than CVE-2014-6328
|
12-10-2018 - 22:07 | 11-12-2014 - 00:59 | |
CVE-2014-6347 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:07 | 11-11-2014 - 22:55 | |
CVE-2014-6341 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:07 | 11-11-2014 - 22:55 | |
CVE-2014-6337 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:07 | 11-11-2014 - 22:55 | |
CVE-2014-6366 | 9.3 |
Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:07 | 11-12-2014 - 00:59 | |
CVE-2014-6346 | 4.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Internet Explorer Cross-domain Information Disclosure Vulnerability."
|
12-10-2018 - 22:07 | 11-11-2014 - 22:55 | |
CVE-2014-6376 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:07 | 11-12-2014 - 00:59 | |
CVE-2014-6361 | 9.3 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 Gold and SP1, Excel 2013 RT Gold and SP1, and Office Compatibility Pack allow remote attackers to execute arbitrary code via a crafted Office document, aka "Excel Invalid Pointer Remote Code Execut
|
12-10-2018 - 22:07 | 11-12-2014 - 00:59 | |
CVE-2014-6345 | 4.3 |
Microsoft Internet Explorer 9 and 10 allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Internet Explorer Cross-domain Information Disclosure Vulnerability."
|
12-10-2018 - 22:07 | 11-11-2014 - 22:55 | |
CVE-2014-6329 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:07 | 11-12-2014 - 00:59 | |
CVE-2014-4143 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:07 | 11-11-2014 - 22:55 | |
CVE-2014-4129 | 9.3 |
Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:07 | 15-10-2014 - 10:55 | |
CVE-2014-4110 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:07 | 10-09-2014 - 01:55 | |
CVE-2014-4097 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:07 | 10-09-2014 - 01:55 | |
CVE-2014-4140 | 4.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Internet Explorer ASLR Bypass Vulnerability."
|
12-10-2018 - 22:07 | 15-10-2014 - 10:55 | |
CVE-2014-4103 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:07 | 10-09-2014 - 01:55 | |
CVE-2014-4092 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:07 | 10-09-2014 - 01:55 | |
CVE-2014-4141 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:07 | 15-10-2014 - 10:55 | |
CVE-2014-4133 | 9.3 |
Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE
|
12-10-2018 - 22:07 | 15-10-2014 - 10:55 | |
CVE-2014-4100 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:07 | 10-09-2014 - 01:55 | |
CVE-2014-4090 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:07 | 10-09-2014 - 01:55 | |
CVE-2014-4128 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:07 | 15-10-2014 - 10:55 | |
CVE-2014-4117 | 9.3 |
Microsoft Office 2007 SP3, Word 2007 SP3, Office 2010 SP1 and SP2, Word 2010 SP1 and SP2, Office for Mac 2011, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP1 and SP2, and Word Web Apps 2010 Gold, SP1, and SP2 al
|
12-10-2018 - 22:07 | 15-10-2014 - 10:55 | |
CVE-2014-4105 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:07 | 10-09-2014 - 01:55 | |
CVE-2014-4095 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:07 | 10-09-2014 - 01:55 | |
CVE-2014-4127 | 9.3 |
Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:07 | 15-10-2014 - 10:55 | |
CVE-2014-4102 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:07 | 10-09-2014 - 01:55 | |
CVE-2014-4124 | 6.8 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2014-4123.
|
12-10-2018 - 22:07 | 15-10-2014 - 10:55 | |
CVE-2014-4094 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:07 | 10-09-2014 - 01:55 | |
CVE-2014-4083 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:07 | 10-09-2014 - 01:55 | |
CVE-2014-4130 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:07 | 15-10-2014 - 10:55 | |
CVE-2014-4107 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:07 | 10-09-2014 - 01:55 | |
CVE-2014-4138 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:07 | 15-10-2014 - 10:55 | |
CVE-2014-4126 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:07 | 15-10-2014 - 10:55 | |
CVE-2014-4098 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:07 | 10-09-2014 - 01:55 | |
CVE-2014-4137 | 9.3 |
Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE
|
12-10-2018 - 22:07 | 15-10-2014 - 10:55 | |
CVE-2014-4106 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:07 | 10-09-2014 - 01:55 | |
CVE-2014-4085 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:07 | 10-09-2014 - 01:55 | |
CVE-2014-4091 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:07 | 10-09-2014 - 01:55 | |
CVE-2014-4134 | 9.3 |
Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:07 | 15-10-2014 - 10:55 | |
CVE-2014-4121 | 10.0 |
Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 does not properly parse internationalized resource identifiers, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a craf
|
12-10-2018 - 22:07 | 15-10-2014 - 10:55 | |
CVE-2014-4099 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:07 | 10-09-2014 - 01:55 | |
CVE-2015-0022 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:07 | 11-02-2015 - 03:00 | |
CVE-2015-0017 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:07 | 11-02-2015 - 03:00 | |
CVE-2015-0021 | 9.3 |
Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:07 | 11-02-2015 - 03:00 | |
CVE-2015-0018 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:07 | 11-02-2015 - 03:00 | |
CVE-2015-0019 | 9.3 |
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:07 | 11-02-2015 - 03:00 | |
CVE-2015-0014 | 10.0 |
Buffer overflow in the Telnet service in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary
|
12-10-2018 - 22:07 | 13-01-2015 - 22:59 | |
CVE-2015-0020 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:07 | 11-02-2015 - 03:00 | |
CVE-2015-0023 | 9.3 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:07 | 11-02-2015 - 03:00 | |
CVE-2014-4058 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:06 | 12-08-2014 - 21:55 | |
CVE-2014-2799 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 10-09-2014 - 01:55 | |
CVE-2014-2792 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 08-07-2014 - 22:55 | |
CVE-2014-4050 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:06 | 12-08-2014 - 21:55 | |
CVE-2014-2820 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 12-08-2014 - 21:55 | |
CVE-2014-2810 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:06 | 12-08-2014 - 21:55 | |
CVE-2014-4067 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:06 | 12-08-2014 - 21:55 | |
CVE-2014-2803 | 9.3 |
Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:06 | 08-07-2014 - 22:55 | |
CVE-2014-2775 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-2766 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-2760 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-2754 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-4063 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 12-08-2014 - 21:55 | |
CVE-2014-4059 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 10-09-2014 - 01:55 | |
CVE-2014-2826 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 12-08-2014 - 21:55 | |
CVE-2014-2819 | 6.8 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability."
|
12-10-2018 - 22:06 | 12-08-2014 - 21:55 | |
CVE-2014-2811 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:06 | 12-08-2014 - 21:55 | |
CVE-2014-2807 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 08-07-2014 - 22:55 | |
CVE-2014-2778 | 9.3 |
Microsoft Word 2007 SP3 and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted embedded font in a (1) .doc or (2) .docx document, aka "Embedded Font Vulnerabil
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-2773 | 9.3 |
Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-2769 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-2764 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-2761 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-2758 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-2753 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-4065 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 10-09-2014 - 01:55 | |
CVE-2014-4056 | 9.3 |
Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:06 | 12-08-2014 - 21:55 | |
CVE-2014-4052 | 9.3 |
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:06 | 12-08-2014 - 21:55 | |
CVE-2014-4073 | 10.0 |
Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 processes unverified data during interaction with the ClickOnce installer, which allows remote attackers to gain privileges via vectors involving Internet Explorer, aka ".NET Clic
|
12-10-2018 - 22:06 | 15-10-2014 - 10:55 | |
CVE-2014-4057 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:06 | 12-08-2014 - 21:55 | |
CVE-2014-2794 | 9.3 |
Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE
|
12-10-2018 - 22:06 | 08-07-2014 - 22:55 | |
CVE-2014-2788 | 9.3 |
Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE
|
12-10-2018 - 22:06 | 08-07-2014 - 22:55 | |
CVE-2014-2783 | 6.4 |
Microsoft Internet Explorer 7 through 11 does not prevent use of wildcard EV SSL certificates, which might allow remote attackers to spoof a trust level by leveraging improper issuance of a wildcard certificate by a recognized Certification Authority
|
12-10-2018 - 22:06 | 08-07-2014 - 22:55 | |
CVE-2014-2824 | 9.3 |
Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:06 | 12-08-2014 - 21:55 | |
CVE-2014-2796 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:06 | 12-08-2014 - 21:55 | |
CVE-2014-2789 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 08-07-2014 - 22:55 | |
CVE-2014-2774 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 12-08-2014 - 21:55 | |
CVE-2014-2765 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-2755 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-2822 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:06 | 12-08-2014 - 21:55 | |
CVE-2014-2809 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 08-07-2014 - 22:55 | |
CVE-2014-2804 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 08-07-2014 - 22:55 | |
CVE-2014-2800 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 08-07-2014 - 22:55 | |
CVE-2014-2795 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 08-07-2014 - 22:55 | |
CVE-2014-2791 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:06 | 08-07-2014 - 22:55 | |
CVE-2014-2787 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:06 | 08-07-2014 - 22:55 | |
CVE-2014-2785 | 9.3 |
Microsoft Internet Explorer 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:06 | 08-07-2014 - 22:55 | |
CVE-2014-2772 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-2768 | 9.3 |
Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-2821 | 9.3 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:06 | 12-08-2014 - 21:55 | |
CVE-2014-2813 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 08-07-2014 - 22:55 | |
CVE-2014-2808 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:06 | 12-08-2014 - 21:55 | |
CVE-2014-2806 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:06 | 08-07-2014 - 22:55 | |
CVE-2014-2802 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:06 | 08-07-2014 - 22:55 | |
CVE-2014-2798 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 08-07-2014 - 22:55 | |
CVE-2014-2784 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 12-08-2014 - 21:55 | |
CVE-2014-2823 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:06 | 12-08-2014 - 21:55 | |
CVE-2014-2801 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:06 | 08-07-2014 - 22:55 | |
CVE-2014-2797 | 9.3 |
Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:06 | 08-07-2014 - 22:55 | |
CVE-2014-2786 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 08-07-2014 - 22:55 | |
CVE-2014-2782 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 19-06-2014 - 10:50 | |
CVE-2014-2777 | 7.5 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary web script with increased privileges via unspecified vectors, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2014-
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-2771 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-2767 | 9.3 |
Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-2759 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-2756 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-4051 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 12-08-2014 - 21:55 | |
CVE-2014-2827 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 12-08-2014 - 21:55 | |
CVE-2014-2818 | 9.3 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:06 | 12-08-2014 - 21:55 | |
CVE-2014-2825 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:06 | 12-08-2014 - 21:55 | |
CVE-2014-2790 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:06 | 08-07-2014 - 22:55 | |
CVE-2014-2776 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-2770 | 9.3 |
Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-2763 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-2757 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-4055 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:06 | 12-08-2014 - 21:55 | |
CVE-2014-1805 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-1797 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-1789 | 9.3 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-1804 | 9.3 |
Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-1788 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-1774 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-1802 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-1775 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-1800 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-1786 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-1796 | 9.3 |
Microsoft Internet Explorer 6 and 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-1780 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-1769 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-1784 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-1778 | 6.8 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary web script with increased privileges via unspecified vectors, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2014-
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-1771 | 6.8 |
SChannel in Microsoft Internet Explorer 6 through 11 does not ensure that a server's X.509 certificate is the same during renegotiation as it was before renegotiation, which allows man-in-the-middle attackers to obtain sensitive information or modify
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-1824 | 9.3 |
Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted Jo
|
12-10-2018 - 22:06 | 08-07-2014 - 22:55 | |
CVE-2014-1791 | 9.3 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-1815 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, as exploited in the wild in May 2014, aka "Internet Explorer Memory Corruption Vulnera
|
12-10-2018 - 22:06 | 14-05-2014 - 11:13 | |
CVE-2014-1783 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-1770 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code via crafted JavaScript code that interacts improperly with a CollectGarbage function call on a CMarkup object allocated by the
|
12-10-2018 - 22:06 | 22-05-2014 - 11:14 | |
CVE-2014-1782 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-1772 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-1799 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-1790 | 9.3 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-1777 | 4.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to read local files on the client via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability."
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-1813 | 8.5 |
Microsoft Web Applications 2010 SP1 and SP2 allows remote authenticated users to execute arbitrary code via crafted page content, aka "Web Applications Page Content Vulnerability."
|
12-10-2018 - 22:06 | 14-05-2014 - 11:13 | |
CVE-2014-1795 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-1781 | 9.3 |
Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-1794 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-1803 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-1792 | 9.3 |
Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-1785 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-1779 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2014-1773 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 11-06-2014 - 04:56 | |
CVE-2013-5791 | 1.5 |
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.4.0 and 8.4.1 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters. NOTE: the previous infor
|
12-10-2018 - 22:05 | 16-10-2013 - 15:55 | |
CVE-2013-5763 | 1.5 |
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.4.0 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Maintenance. NOTE: the original disclosure
|
12-10-2018 - 22:05 | 12-12-2013 - 20:55 | |
CVE-2013-5059 | 6.8 |
Microsoft SharePoint Server 2010 SP1 and SP2 and 2013, and Office Web Apps 2013, allows remote attackers to execute arbitrary code via crafted page content, aka "SharePoint Page Content Vulnerabilities."
|
12-10-2018 - 22:05 | 11-12-2013 - 00:55 | |
CVE-2013-5051 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:05 | 11-12-2013 - 00:55 | |
CVE-2013-5046 | 6.2 |
Microsoft Internet Explorer 7 through 11 allows local users to bypass the Protected Mode protection mechanism, and consequently gain privileges, by leveraging the ability to execute sandboxed code, aka "Internet Explorer Elevation of Privilege Vulner
|
12-10-2018 - 22:05 | 11-12-2013 - 00:55 | |
CVE-2013-5047 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:05 | 11-12-2013 - 00:55 | |
CVE-2013-5052 | 9.3 |
Microsoft Internet Explorer 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:05 | 11-12-2013 - 00:55 | |
CVE-2013-5045 | 6.2 |
Microsoft Internet Explorer 10 and 11 allows local users to bypass the Protected Mode protection mechanism, and consequently gain privileges, by leveraging the ability to execute sandboxed code, aka "Internet Explorer Elevation of Privilege Vulnerabi
|
12-10-2018 - 22:05 | 11-12-2013 - 00:55 | |
CVE-2013-3916 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:05 | 13-11-2013 - 00:55 | |
CVE-2013-5049 | 9.3 |
Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:05 | 11-12-2013 - 00:55 | |
CVE-2013-3910 | 9.3 |
Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:05 | 13-11-2013 - 00:55 | |
CVE-2013-3912 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:05 | 13-11-2013 - 00:55 | |
CVE-2013-3908 | 4.3 |
Microsoft Internet Explorer 6 through 10 allows user-assisted remote attackers to bypass the Same Origin Policy and obtain sensitive information from any visited document via a crafted web page that is not properly handled during a print-preview acti
|
12-10-2018 - 22:05 | 13-11-2013 - 00:55 | |
CVE-2013-3895 | 6.8 |
Microsoft SharePoint Server 2007 SP3 and 2010 SP1 and SP2 allows remote attackers to conduct clickjacking attacks via a crafted web page, aka "Parameter Injection Vulnerability."
|
12-10-2018 - 22:05 | 09-10-2013 - 14:53 | |
CVE-2013-3911 | 9.3 |
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:05 | 13-11-2013 - 00:55 | |
CVE-2013-3891 | 9.3 |
Microsoft Word 2003 SP3 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Memory Corruption Vulnerability."
|
12-10-2018 - 22:05 | 09-10-2013 - 14:53 | |
CVE-2013-3875 | 9.3 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:05 | 09-10-2013 - 14:53 | |
CVE-2013-5048 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:05 | 11-12-2013 - 00:55 | |
CVE-2013-3914 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:05 | 13-11-2013 - 00:55 | |
CVE-2013-3882 | 9.3 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013
|
12-10-2018 - 22:05 | 09-10-2013 - 14:53 | |
CVE-2013-3860 | 7.8 |
Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 does not properly parse a DTD during XML digital-signature validation, which allows remote attackers to cause a denial of service (application crash or hang) via a crafted signed XML d
|
12-10-2018 - 22:05 | 09-10-2013 - 14:53 | |
CVE-2013-3885 | 9.3 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013
|
12-10-2018 - 22:05 | 09-10-2013 - 14:53 | |
CVE-2013-3909 | 4.3 |
Microsoft Internet Explorer 6 through 8 allows remote attackers to read content from a different (1) domain or (2) zone via crafted characters in Cascading Style Sheets (CSS) token sequences, aka "Internet Explorer Information Disclosure Vulnerabilit
|
12-10-2018 - 22:05 | 13-11-2013 - 00:55 | |
CVE-2013-3890 | 9.3 |
Microsoft Excel 2007 SP3, Excel Viewer, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Excel Memory Corruption Vulnerability."
|
12-10-2018 - 22:05 | 09-10-2013 - 14:53 | |
CVE-2013-3870 | 9.3 |
Double free vulnerability in Microsoft Outlook 2007 SP3 and 2010 SP1 and SP2 allows remote attackers to execute arbitrary code by including many nested S/MIME certificates in an e-mail message, aka "Message Certificate Vulnerability."
|
12-10-2018 - 22:05 | 11-09-2013 - 14:03 | |
CVE-2013-3874 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:05 | 09-10-2013 - 14:53 | |
CVE-2013-3889 | 9.3 |
Microsoft Excel 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office for Mac 2011; Excel Viewer; Office Compatibility Pack SP3; and Excel Services and Word Automation Services in SharePoint Serve
|
12-10-2018 - 22:05 | 09-10-2013 - 14:53 | |
CVE-2013-4015 | 6.9 |
Microsoft Internet Explorer 6 through 10 allows local users to bypass the elevation policy check in the (1) Protected Mode or (2) Enhanced Protected Mode protection mechanism, and consequently gain privileges, by leveraging the ability to execute san
|
12-10-2018 - 22:05 | 26-07-2013 - 12:05 | |
CVE-2013-3872 | 9.3 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013
|
12-10-2018 - 22:05 | 09-10-2013 - 14:53 | |
CVE-2013-3861 | 7.8 |
Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 allows remote attackers to cause a denial of service (application crash or hang) via crafted character sequences in JSON data, aka "JSON Parsing Vulnerability."
|
12-10-2018 - 22:05 | 09-10-2013 - 14:53 | |
CVE-2013-3858 | 9.3 |
Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary c
|
12-10-2018 - 22:05 | 11-09-2013 - 14:03 | |
CVE-2013-3886 | 9.3 |
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:05 | 09-10-2013 - 14:53 | |
CVE-2013-3871 | 9.3 |
Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:05 | 09-10-2013 - 14:53 | |
CVE-2013-3857 | 9.3 |
Microsoft Word Automation Services in SharePoint Server 2010 SP1 and SP2, Word Web App 2010 SP1 and SP2 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1 and SP2, Office Compatibility Pack SP3, and Word Viewer allow remote attacker
|
12-10-2018 - 22:05 | 11-09-2013 - 14:03 | |
CVE-2013-3873 | 9.3 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013
|
12-10-2018 - 22:05 | 09-10-2013 - 14:53 | |
CVE-2013-3915 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:05 | 13-11-2013 - 00:55 | |
CVE-2013-3880 | 3.5 |
The App Container feature in the kernel-mode drivers in Microsoft Windows 8, Windows Server 2012, and Windows RT allows remote attackers to bypass intended access restrictions and obtain sensitive information from a different container via a Trojan h
|
12-10-2018 - 22:05 | 09-10-2013 - 14:53 | |
CVE-2013-3917 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:05 | 13-11-2013 - 00:55 | |
CVE-2013-3892 | 9.3 |
Microsoft Word 2007 SP3 and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Memory Corruption Vulnerability."
|
12-10-2018 - 22:05 | 09-10-2013 - 14:53 | |
CVE-2014-1751 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-
|
12-10-2018 - 22:05 | 08-04-2014 - 23:55 | |
CVE-2014-1763 | 10.0 |
Use-after-free vulnerability in Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code and bypass a sandbox protection mechanism via unspecified vectors, as demonstrated by VUPEN during a Pwn2Own competition at Can
|
12-10-2018 - 22:05 | 27-04-2014 - 10:55 | |
CVE-2014-1754 | 4.3 |
Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2013 Gold and SP1, SharePoint Foundation 2013 Gold and SP1, Office Web Apps Server 2013 Gold and SP1, and SharePoint Server 2013 Client Components SDK allows remote attackers to
|
12-10-2018 - 22:05 | 14-05-2014 - 11:13 | |
CVE-2014-1758 | 9.3 |
Stack-based buffer overflow in Microsoft Word 2003 SP3 allows remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Word Stack Overflow Vulnerability."
|
12-10-2018 - 22:05 | 08-04-2014 - 23:55 | |
CVE-2014-1765 | 7.6 |
Multiple use-after-free vulnerabilities in Microsoft Internet Explorer 6 through 11 allow remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by Sebastian Apelt and Andreas Schmidt during a Pwn2Own competition at CanSe
|
12-10-2018 - 22:05 | 27-04-2014 - 10:55 | |
CVE-2014-1759 | 9.3 |
pubconv.dll in Microsoft Publisher 2003 SP3 and 2007 SP3 allows remote attackers to execute arbitrary code or cause a denial of service (incorrect pointer dereference and application crash) via a crafted .pub file, aka "Arbitrary Pointer Dereference
|
12-10-2018 - 22:05 | 08-04-2014 - 23:55 | |
CVE-2014-1764 | 10.0 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code and bypass a sandbox protection mechanism by leveraging "object confusion" in a broker process, as demonstrated by VUPEN during a Pwn2Own competition at CanSec
|
12-10-2018 - 22:05 | 27-04-2014 - 10:55 | |
CVE-2014-1755 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-
|
12-10-2018 - 22:05 | 08-04-2014 - 23:55 | |
CVE-2014-1760 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:05 | 08-04-2014 - 23:55 | |
CVE-2014-1752 | 9.3 |
Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:05 | 08-04-2014 - 23:55 | |
CVE-2014-1753 | 9.3 |
Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:05 | 08-04-2014 - 23:55 | |
CVE-2014-1762 | 7.5 |
Unspecified vulnerability in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code with medium-integrity privileges and bypass a sandbox protection mechanism via unknown vectors, as demonstrated by ZDI during a Pw
|
12-10-2018 - 22:05 | 27-04-2014 - 10:55 | |
CVE-2014-1757 | 9.3 |
Microsoft Word 2007 SP3 and 2010 SP1 and SP2, and Office Compatibility Pack SP3, allocates memory incorrectly for file conversions from a binary (aka .doc) format to a newer format, which allows remote attackers to execute arbitrary code via a crafte
|
12-10-2018 - 22:05 | 08-04-2014 - 23:55 | |
CVE-2014-0284 | 9.3 |
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:05 | 12-02-2014 - 04:50 | |
CVE-2014-0267 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:05 | 12-02-2014 - 04:50 | |
CVE-2014-0298 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:05 | 12-03-2014 - 05:15 | |
CVE-2014-0285 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:05 | 12-02-2014 - 04:50 | |
CVE-2014-0325 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site that triggers improper processing of CElement objects, aka "Intern
|
12-10-2018 - 22:05 | 03-07-2014 - 14:55 | |
CVE-2014-0282 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:05 | 11-06-2014 - 04:56 | |
CVE-2014-0281 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:05 | 12-02-2014 - 04:50 | |
CVE-2014-0288 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:05 | 12-02-2014 - 04:50 | |
CVE-2014-0308 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:05 | 12-03-2014 - 05:15 | |
CVE-2014-0314 | 9.3 |
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:05 | 12-03-2014 - 05:15 | |
CVE-2014-0277 | 9.3 |
Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-
|
12-10-2018 - 22:05 | 12-02-2014 - 04:50 | |
CVE-2014-0299 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:05 | 12-03-2014 - 05:15 | |
CVE-2014-0287 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:05 | 12-02-2014 - 04:50 | |
CVE-2014-0270 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:05 | 12-02-2014 - 04:50 | |
CVE-2014-0290 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:05 | 12-02-2014 - 04:50 | |
CVE-2014-0275 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:05 | 12-02-2014 - 04:50 | |
CVE-2014-0294 | 10.0 |
Microsoft Forefront Protection 2010 for Exchange Server does not properly parse e-mail content, which might allow remote attackers to execute arbitrary code via a crafted message, aka "RCE Vulnerability."
|
12-10-2018 - 22:05 | 12-02-2014 - 04:50 | |
CVE-2014-0313 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:05 | 12-03-2014 - 05:15 | |
CVE-2014-0297 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:05 | 12-03-2014 - 05:15 | |
CVE-2014-0276 | 9.3 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:05 | 12-02-2014 - 04:50 | |
CVE-2014-0304 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:05 | 12-03-2014 - 05:15 | |
CVE-2014-0268 | 4.3 |
Microsoft Internet Explorer 8 through 11 does not properly restrict file installation and registry-key creation, which allows remote attackers to bypass the Mandatory Integrity Control protection mechanism via a crafted web site, aka "Internet Explor
|
12-10-2018 - 22:05 | 12-02-2014 - 04:50 | |
CVE-2014-0307 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a certain sequence of manipulations of a TextRange element, aka "Internet Explorer Me
|
12-10-2018 - 22:05 | 12-03-2014 - 05:15 | |
CVE-2014-0259 | 9.3 |
Microsoft Word 2007 SP3 and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability."
|
12-10-2018 - 22:05 | 15-01-2014 - 16:13 | |
CVE-2014-0321 | 9.3 |
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than C
|
12-10-2018 - 22:05 | 12-03-2014 - 05:15 | |
CVE-2014-0303 | 9.3 |
Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than
|
12-10-2018 - 22:05 | 12-03-2014 - 05:15 | |
CVE-2014-0289 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
12-10-2018 - 22:05 | 12-02-2014 - 04:50 | |
CVE-2014-0293 | 4.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Internet Explorer Cross-domain Information Disclosure Vulnerability."
|
12-10-2018 - 22:05 | 12-02-2014 - 04:50 | |
CVE-2014-0273 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:05 | 12-02-2014 - 04:50 | |
CVE-2014-0311 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:05 | 12-03-2014 - 05:15 | |
CVE-2014-0269 | 9.3 |
Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:05 | 12-02-2014 - 04:50 | |
CVE-2014-0305 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:05 | 12-03-2014 - 05:15 | |
CVE-2014-0283 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:05 | 12-02-2014 - 04:50 | |
CVE-2014-0274 | 9.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:05 | 12-02-2014 - 04:50 | |
CVE-2014-0312 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:05 | 12-03-2014 - 05:15 | |
CVE-2014-0286 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:05 | 12-02-2014 - 04:50 | |
CVE-2014-0271 | 9.3 |
The VBScript engine in Microsoft Internet Explorer 6 through 11, and VBScript 5.6 through 5.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "VBScript Memory Corruption
|
12-10-2018 - 22:05 | 12-02-2014 - 04:50 | |
CVE-2014-0309 | 9.3 |
Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:05 | 12-03-2014 - 05:15 | |
CVE-2014-0280 | 9.3 |
Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:05 | 12-02-2014 - 04:50 | |
CVE-2014-0310 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:05 | 14-05-2014 - 11:13 | |
CVE-2014-0279 | 9.3 |
Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-
|
12-10-2018 - 22:05 | 12-02-2014 - 04:50 | |
CVE-2014-0258 | 9.3 |
Microsoft Word 2003 SP3 and 2007 SP3, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerab
|
12-10-2018 - 22:05 | 15-01-2014 - 16:13 | |
CVE-2014-0306 | 9.3 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:05 | 12-03-2014 - 05:15 | |
CVE-2014-0272 | 9.3 |
Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:05 | 12-02-2014 - 04:50 | |
CVE-2014-0251 | 9.0 |
Microsoft Windows SharePoint Services 3.0 SP3; SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013 Gold and SP1; SharePoint Foundation 2010 SP1 and SP2 and 2013 Gold and SP1; Project Server 2010 SP1 and SP2 and 2013 Gold and SP1; Web Applications
|
12-10-2018 - 22:05 | 14-05-2014 - 11:13 | |
CVE-2014-0324 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:05 | 12-03-2014 - 05:15 | |
CVE-2014-0302 | 9.3 |
Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than
|
12-10-2018 - 22:05 | 12-03-2014 - 05:15 | |
CVE-2014-0278 | 9.3 |
Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-
|
12-10-2018 - 22:05 | 12-02-2014 - 04:50 | |
CVE-2013-3125 | 9.3 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013
|
12-10-2018 - 22:04 | 12-06-2013 - 03:30 | |
CVE-2013-3142 | 9.3 |
Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:04 | 12-06-2013 - 03:30 | |
CVE-2013-3188 | 9.3 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE
|
12-10-2018 - 22:04 | 14-08-2013 - 11:10 | |
CVE-2013-3178 | 9.3 |
Microsoft Silverlight 5 before 5.1.20513.0 does not properly initialize arrays, which allows remote attackers to execute arbitrary code or cause a denial of service (NULL pointer dereference) via a crafted Silverlight application, aka "Null Pointer V
|
12-10-2018 - 22:04 | 10-07-2013 - 03:46 | |
CVE-2013-3153 | 9.3 |
Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:04 | 10-07-2013 - 03:46 | |
CVE-2013-3117 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-
|
12-10-2018 - 22:04 | 12-06-2013 - 03:29 | |
CVE-2013-3112 | 9.3 |
Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:04 | 12-06-2013 - 03:29 | |
CVE-2013-3191 | 9.3 |
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CV
|
12-10-2018 - 22:04 | 14-08-2013 - 11:10 | |
CVE-2013-3162 | 9.3 |
Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:04 | 10-07-2013 - 03:46 | |
CVE-2013-3202 | 9.3 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:04 | 11-09-2013 - 14:03 | |
CVE-2013-3846 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted CSpliceTreeEngine::InsertSplice object in an HTML document, aka "Int
|
12-10-2018 - 22:04 | 29-12-2013 - 04:25 | |
CVE-2013-3776 | 6.8 |
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.7, 8.4.0, and 8.4.1 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulne
|
12-10-2018 - 22:04 | 17-07-2013 - 13:41 | |
CVE-2013-3209 | 9.3 |
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CV
|
12-10-2018 - 22:04 | 11-09-2013 - 14:03 | |
CVE-2013-3159 | 4.3 |
Microsoft Excel 2003 SP3, 2007 SP3, and 2010 SP1 and SP2; Excel Viewer; and Microsoft Office Compatibility Pack SP3 allow remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an en
|
12-10-2018 - 22:04 | 11-09-2013 - 14:03 | |
CVE-2013-3150 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-
|
12-10-2018 - 22:04 | 10-07-2013 - 03:46 | |
CVE-2013-3122 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-
|
12-10-2018 - 22:04 | 12-06-2013 - 03:30 | |
CVE-2013-3206 | 9.3 |
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CV
|
12-10-2018 - 22:04 | 11-09-2013 - 14:03 | |
CVE-2013-3194 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:04 | 14-08-2013 - 11:10 | |
CVE-2013-3133 | 9.3 |
Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly check the permissions of objects that use reflection, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP) or (2) a crafte
|
12-10-2018 - 22:04 | 10-07-2013 - 03:46 | |
CVE-2013-3123 | 9.3 |
Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:04 | 12-06-2013 - 03:30 | |
CVE-2013-3205 | 9.3 |
Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:04 | 11-09-2013 - 14:03 | |
CVE-2013-3189 | 9.3 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE
|
12-10-2018 - 22:04 | 14-08-2013 - 11:10 | |
CVE-2013-3171 | 9.3 |
The serialization functionality in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 does not properly check the permissions of delegate objects, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser a
|
12-10-2018 - 22:04 | 10-07-2013 - 03:46 | |
CVE-2013-3145 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-
|
12-10-2018 - 22:04 | 10-07-2013 - 03:46 | |
CVE-2013-3781 | 6.8 |
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.7, 8.4.0, and 8.4.1 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulne
|
12-10-2018 - 22:04 | 17-07-2013 - 13:41 | |
CVE-2013-3201 | 9.3 |
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CV
|
12-10-2018 - 22:04 | 11-09-2013 - 14:03 | |
CVE-2013-3190 | 9.3 |
Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:04 | 14-08-2013 - 11:10 | |
CVE-2013-3179 | 4.3 |
Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013 allows remote attackers to inject arbitrary web script or HTML via a crafted request, aka "SharePoint XSS Vulnerability."
|
12-10-2018 - 22:04 | 11-09-2013 - 14:03 | |
CVE-2013-3160 | 5.0 |
Microsoft Office 2003 SP3 and 2007 SP3, Word 2003 SP3 and 2007 SP3, and Word Viewer allow remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XM
|
12-10-2018 - 22:04 | 11-09-2013 - 14:03 | |
CVE-2013-3203 | 9.3 |
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CV
|
12-10-2018 - 22:04 | 11-09-2013 - 14:03 | |
CVE-2013-3132 | 9.3 |
Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly check the permissions of objects that use reflection, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBA
|
12-10-2018 - 22:04 | 10-07-2013 - 03:46 | |
CVE-2013-3127 | 9.3 |
The Microsoft WMV video codec in wmv9vcm.dll, wmvdmod.dll in Windows Media Format Runtime 9 and 9.5, and wmvdecod.dll in Windows Media Format Runtime 11 and Windows Media Player 11 and 12 allows remote attackers to execute arbitrary code via a crafte
|
12-10-2018 - 22:04 | 10-07-2013 - 03:46 | |
CVE-2013-3847 | 9.3 |
Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary c
|
12-10-2018 - 22:04 | 11-09-2013 - 14:03 | |
CVE-2013-3156 | 9.3 |
Microsoft Access 2007 SP3, 2010 SP1 and SP2, and 2013 in Microsoft Office allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Access file, aka "Access File Format Memory Corruption Vulnerab
|
12-10-2018 - 22:04 | 11-09-2013 - 14:03 | |
CVE-2013-3116 | 9.3 |
Microsoft Internet Explorer 7 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:04 | 12-06-2013 - 03:29 | |
CVE-2013-3207 | 9.3 |
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CV
|
12-10-2018 - 22:04 | 11-09-2013 - 14:03 | |
CVE-2013-3187 | 9.3 |
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CV
|
12-10-2018 - 22:04 | 14-08-2013 - 11:10 | |
CVE-2013-3164 | 9.3 |
Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:04 | 10-07-2013 - 03:46 | |
CVE-2013-3161 | 9.3 |
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CV
|
12-10-2018 - 22:04 | 10-07-2013 - 03:46 | |
CVE-2013-3139 | 9.3 |
Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:04 | 12-06-2013 - 03:30 | |
CVE-2013-3119 | 9.3 |
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CV
|
12-10-2018 - 22:04 | 12-06-2013 - 03:29 | |
CVE-2013-3140 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted CMarkup object, aka "Internet Explorer Use After Free Vulnerability."
|
12-10-2018 - 22:04 | 16-12-2013 - 15:14 | |
CVE-2013-3113 | 9.3 |
Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:04 | 12-06-2013 - 03:29 | |
CVE-2013-3124 | 9.3 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-
|
12-10-2018 - 22:04 | 12-06-2013 - 03:30 | |
CVE-2013-3199 | 9.3 |
Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:04 | 14-08-2013 - 11:10 | |
CVE-2013-3147 | 9.3 |
Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:04 | 10-07-2013 - 03:46 | |
CVE-2013-3115 | 9.3 |
Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:04 | 10-07-2013 - 03:46 | |
CVE-2013-3849 | 9.3 |
Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary c
|
12-10-2018 - 22:04 | 11-09-2013 - 14:03 | |
CVE-2013-3180 | 4.3 |
Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2010 SP1 and SP2 and 2013 allows remote attackers to inject arbitrary web script or HTML via a crafted POST request, aka "POST XSS Vulnerability."
|
12-10-2018 - 22:04 | 11-09-2013 - 14:03 | |
CVE-2013-3146 | 9.3 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013
|
12-10-2018 - 22:04 | 10-07-2013 - 03:46 | |
CVE-2013-3155 | 9.3 |
Microsoft Access 2007 SP3, 2010 SP1 and SP2, and 2013 in Microsoft Office allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Access file, aka "Access Memory Corruption Vulnerability," a di
|
12-10-2018 - 22:04 | 11-09-2013 - 14:03 | |
CVE-2013-3149 | 9.3 |
Microsoft Internet Explorer 7 and 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:04 | 10-07-2013 - 03:46 | |
CVE-2013-3848 | 9.3 |
Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary c
|
12-10-2018 - 22:04 | 11-09-2013 - 14:03 | |
CVE-2013-3208 | 9.3 |
Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:04 | 11-09-2013 - 14:03 | |
CVE-2013-3144 | 9.3 |
Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:04 | 10-07-2013 - 03:46 | |
CVE-2013-3148 | 9.3 |
Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:04 | 10-07-2013 - 03:46 | |
CVE-2013-3134 | 9.3 |
The Common Language Runtime (CLR) in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 on 64-bit platforms does not properly allocate arrays of structures, which allows remote attackers to execute arbitrary code via a crafted .NET Framework ap
|
12-10-2018 - 22:04 | 10-07-2013 - 03:46 | |
CVE-2013-3120 | 9.3 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013
|
12-10-2018 - 22:04 | 12-06-2013 - 03:30 | |
CVE-2013-3111 | 9.3 |
Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:04 | 12-06-2013 - 03:29 | |
CVE-2013-3152 | 9.3 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013
|
12-10-2018 - 22:04 | 10-07-2013 - 03:46 | |
CVE-2013-3141 | 9.3 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE
|
12-10-2018 - 22:04 | 12-06-2013 - 03:30 | |
CVE-2013-3114 | 9.3 |
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CV
|
12-10-2018 - 22:04 | 12-06-2013 - 03:29 | |
CVE-2013-3845 | 9.3 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:04 | 11-09-2013 - 14:03 | |
CVE-2013-3204 | 9.3 |
Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:04 | 11-09-2013 - 14:03 | |
CVE-2013-3193 | 9.3 |
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CV
|
12-10-2018 - 22:04 | 14-08-2013 - 11:10 | |
CVE-2013-3184 | 9.3 |
Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:04 | 14-08-2013 - 11:10 | |
CVE-2013-3158 | 9.3 |
Microsoft Excel 2003 SP3 and 2007 SP3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
|
12-10-2018 - 22:04 | 11-09-2013 - 14:03 | |
CVE-2013-3121 | 9.3 |
Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:04 | 12-06-2013 - 03:30 | |
CVE-2013-3166 | 4.3 |
Cross-site scripting (XSS) vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to inject arbitrary web script or HTML via vectors involving incorrect auto-selection of the Shift JIS encoding, leading to cross-domain scro
|
12-10-2018 - 22:04 | 10-07-2013 - 03:46 | |
CVE-2013-3157 | 9.3 |
Microsoft Access 2007 SP3, 2010 SP1 and SP2, and 2013 in Microsoft Office allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Access file, aka "Access Memory Corruption Vulnerability," a di
|
12-10-2018 - 22:04 | 11-09-2013 - 14:03 | |
CVE-2013-3143 | 9.3 |
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CV
|
12-10-2018 - 22:04 | 10-07-2013 - 03:46 | |
CVE-2013-3118 | 9.3 |
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013
|
12-10-2018 - 22:04 | 12-06-2013 - 03:29 | |
CVE-2013-3151 | 9.3 |
Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:04 | 10-07-2013 - 03:46 | |
CVE-2013-3131 | 9.3 |
Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5, and Silverlight 5 before 5.1.20513.0, does not properly prevent changes to data in multidimensional arrays of structures, which allows remote attackers to execute arbitrary code via (1) a craf
|
12-10-2018 - 22:04 | 10-07-2013 - 03:46 | |
CVE-2013-3126 | 9.3 |
Microsoft Internet Explorer 9 and 10, when script debugging is enabled, does not properly handle objects in memory during the processing of script, which allows remote attackers to execute arbitrary code via a crafted web site, aka "Internet Explorer
|
12-10-2018 - 22:04 | 12-06-2013 - 03:30 | |
CVE-2013-3110 | 9.3 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE
|
12-10-2018 - 22:04 | 12-06-2013 - 03:29 | |
CVE-2013-2393 | 1.5 |
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.7 and 8.4.0 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters.
|
12-10-2018 - 22:04 | 17-04-2013 - 17:55 | |
CVE-2013-1310 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability."
|
12-10-2018 - 22:04 | 15-05-2013 - 03:36 | |
CVE-2013-1311 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability."
|
12-10-2018 - 22:04 | 15-05-2013 - 03:36 | |
CVE-2013-1329 | 9.3 |
Integer signedness error in Microsoft Publisher 2003 SP3 allows remote attackers to execute arbitrary code via a crafted Publisher file that triggers a buffer underflow, aka "Publisher Buffer Underflow Vulnerability."
|
12-10-2018 - 22:04 | 15-05-2013 - 03:36 | |
CVE-2013-1335 | 9.3 |
Microsoft Word 2003 SP3 and Word Viewer allow remote attackers to execute arbitrary code via crafted shape data in a Word document, aka "Word Shape Corruption Vulnerability."
|
12-10-2018 - 22:04 | 15-05-2013 - 03:36 | |
CVE-2013-1318 | 10.0 |
Microsoft Publisher 2003 SP3 allows remote attackers to execute arbitrary code via a crafted Publisher file that triggers access to an invalid pointer, aka "Publisher Corrupt Interface Pointer Vulnerability."
|
12-10-2018 - 22:04 | 15-05-2013 - 03:36 | |
CVE-2013-1306 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a different vulnera
|
12-10-2018 - 22:04 | 15-05-2013 - 03:36 | |
CVE-2013-1324 | 9.3 |
Stack-based buffer overflow in Microsoft Office 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT allows remote attackers to execute arbitrary code via a crafted WordPerfect document (.wpd) file, aka "Word Stack Buffer Overwrite Vulnerability."
|
12-10-2018 - 22:04 | 13-11-2013 - 00:55 | |
CVE-2013-1330 | 10.0 |
The default configuration of Microsoft SharePoint Portal Server 2003 SP3, SharePoint Server 2007 SP3 and 2010 SP1 and SP2, and Office Web Apps 2010 does not set the EnableViewStateMac attribute, which allows remote attackers to execute arbitrary code
|
12-10-2018 - 22:04 | 11-09-2013 - 14:03 | |
CVE-2013-1325 | 9.3 |
Heap-based buffer overflow in Microsoft Office 2003 SP3 and 2007 SP3 allows remote attackers to execute arbitrary code via a crafted WordPerfect document (.wpd) file, aka "Word Heap Overwrite Vulnerability."
|
12-10-2018 - 22:04 | 13-11-2013 - 00:55 | |
CVE-2013-1308 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a differ
|
12-10-2018 - 22:04 | 15-05-2013 - 03:36 | |
CVE-2013-1323 | 9.3 |
Microsoft Publisher 2003 SP3 does not properly handle NULL values for unspecified data items, which allows remote attackers to execute arbitrary code via a crafted Publisher file, aka "Publisher Incorrect NULL Value Handling Vulnerability."
|
12-10-2018 - 22:04 | 15-05-2013 - 03:36 | |
CVE-2013-1327 | 9.3 |
Integer signedness error in Microsoft Publisher 2003 SP3 allows remote attackers to execute arbitrary code via a crafted Publisher file that triggers an improper memory allocation, aka "Publisher Signed Integer Vulnerability."
|
12-10-2018 - 22:04 | 15-05-2013 - 03:36 | |
CVE-2013-1320 | 10.0 |
Buffer overflow in Microsoft Publisher 2003 SP3 allows remote attackers to execute arbitrary code via a crafted Publisher file, aka "Publisher Buffer Overflow Vulnerability."
|
12-10-2018 - 22:04 | 15-05-2013 - 03:36 | |
CVE-2013-1309 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a differ
|
12-10-2018 - 22:04 | 15-05-2013 - 03:36 | |
CVE-2013-1317 | 9.3 |
Integer overflow in Microsoft Publisher 2003 SP3 allows remote attackers to execute arbitrary code via a crafted Publisher file that triggers an improper allocation-size calculation, aka "Publisher Integer Overflow Vulnerability."
|
12-10-2018 - 22:04 | 15-05-2013 - 03:36 | |
CVE-2013-1307 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a different v
|
12-10-2018 - 22:04 | 15-05-2013 - 03:36 | |
CVE-2013-1296 | 9.3 |
The Remote Desktop ActiveX control in mstscax.dll in Microsoft Remote Desktop Connection Client 6.1 and 7.0 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code via a web page that triggers access to a d
|
12-10-2018 - 22:04 | 09-04-2013 - 22:55 | |
CVE-2013-1319 | 10.0 |
Microsoft Publisher 2003 SP3 does not properly check the return value of an unspecified method, which allows remote attackers to execute arbitrary code via a crafted Publisher file, aka "Publisher Return Value Handling Vulnerability."
|
12-10-2018 - 22:04 | 15-05-2013 - 03:36 | |
CVE-2013-1297 | 4.3 |
Microsoft Internet Explorer 6 through 8 does not properly restrict data access by VBScript, which allows remote attackers to perform cross-domain reading of JSON files via a crafted web site, aka "JSON Array Information Disclosure Vulnerability."
|
12-10-2018 - 22:04 | 15-05-2013 - 03:36 | |
CVE-2013-1338 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a differ
|
12-10-2018 - 22:04 | 02-05-2013 - 03:31 | |
CVE-2013-1302 | 9.3 |
Microsoft Communicator 2007 R2, Lync 2010, Lync 2010 Attendee, and Lync Server 2013 do not properly handle objects in memory, which allows remote attackers to execute arbitrary code via an invitation that triggers access to a deleted object, aka "Lyn
|
12-10-2018 - 22:04 | 15-05-2013 - 03:36 | |
CVE-2013-1316 | 9.3 |
Microsoft Publisher 2003 SP3 does not properly validate the size of an unspecified array, which allows remote attackers to execute arbitrary code via a crafted Publisher file, aka "Publisher Negative Value Allocation Vulnerability."
|
12-10-2018 - 22:04 | 15-05-2013 - 03:36 | |
CVE-2013-1321 | 9.3 |
Microsoft Publisher 2003 SP3 does not properly check the data type of an unspecified return value, which allows remote attackers to execute arbitrary code via a crafted Publisher file, aka "Publisher Return Value Validation Vulnerability."
|
12-10-2018 - 22:04 | 15-05-2013 - 03:36 | |
CVE-2013-1313 | 9.3 |
Object Linking and Embedding (OLE) Automation in Microsoft Windows XP SP3 does not properly allocate memory, which allows remote attackers to execute arbitrary code via a crafted RTF document, aka "OLE Automation Remote Code Execution Vulnerability."
|
12-10-2018 - 22:04 | 13-02-2013 - 12:04 | |
CVE-2013-1328 | 9.3 |
Microsoft Publisher 2003 SP3, 2007 SP3, and 2010 SP1 allows remote attackers to execute arbitrary code via a crafted Publisher file that triggers incorrect pointer handling, aka "Publisher Pointer Handling Vulnerability."
|
12-10-2018 - 22:04 | 15-05-2013 - 03:36 | |
CVE-2013-1312 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability."
|
12-10-2018 - 22:04 | 15-05-2013 - 03:36 | |
CVE-2013-1322 | 10.0 |
Microsoft Publisher 2003 SP3 does not properly check table range data, which allows remote attackers to execute arbitrary code via a crafted Publisher file, aka "Publisher Invalid Range Check Vulnerability."
|
12-10-2018 - 22:04 | 15-05-2013 - 03:36 | |
CVE-2012-4786 | 10.0 |
The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allow remote attackers to execute
|
12-10-2018 - 22:03 | 12-12-2012 - 00:55 | |
CVE-2012-3214 | 2.1 |
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.7.0 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters.
|
12-10-2018 - 22:03 | 17-10-2012 - 00:55 | |
CVE-2012-3110 | 2.1 |
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability
|
12-10-2018 - 22:03 | 17-07-2012 - 23:55 | |
CVE-2012-3108 | 2.1 |
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability
|
12-10-2018 - 22:03 | 17-07-2012 - 23:55 | |
CVE-2012-3106 | 2.1 |
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability
|
12-10-2018 - 22:03 | 17-07-2012 - 23:55 | |
CVE-2012-4781 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "InjectHTMLStream Use After Free Vulnerability."
|
12-10-2018 - 22:03 | 12-12-2012 - 00:55 | |
CVE-2012-3107 | 2.1 |
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability
|
12-10-2018 - 22:03 | 17-07-2012 - 23:55 | |
CVE-2012-3217 | 2.1 |
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.7.0 allows context-dependent attackers to affect availability, related to Outside In HTML Export SDK. Per: http://www.oracle.com/technetwork/topic
|
12-10-2018 - 22:03 | 17-10-2012 - 10:54 | |
CVE-2012-3109 | 2.1 |
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-
|
12-10-2018 - 22:03 | 17-07-2012 - 23:55 | |
CVE-2012-2521 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Asynchronous NULL Object Access Remote Code Execution Vulnerability."
|
12-10-2018 - 22:03 | 15-08-2012 - 01:55 | |
CVE-2012-2523 | 9.3 |
Integer overflow in Microsoft Internet Explorer 8 and 9, JScript 5.8, and VBScript 5.8 on 64-bit platforms allows remote attackers to execute arbitrary code by leveraging an incorrect size calculation during object copying, aka "JavaScript Integer Ov
|
12-10-2018 - 22:03 | 15-08-2012 - 01:55 | |
CVE-2012-2528 | 9.3 |
Use-after-free vulnerability in Microsoft Word 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Word Viewer; Office Compatibility Pack SP2 and SP3; Word Automation Services on Microsoft SharePoint Server 2010; and Office Web Apps 2010 SP1 allows remote atta
|
12-10-2018 - 22:03 | 09-10-2012 - 21:55 | |
CVE-2012-2522 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a malformed virtual function table after this table's deletion, aka "Virtual Function Table Corru
|
12-10-2018 - 22:03 | 15-08-2012 - 01:55 | |
CVE-2012-2543 | 9.3 |
Stack-based buffer overflow in Microsoft Excel 2007 SP2 and SP3 and 2010 SP1; Office 2011 for Mac; Excel Viewer; and Office Compatibility Pack SP2 and SP3 allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel Stack O
|
12-10-2018 - 22:03 | 14-11-2012 - 00:55 | |
CVE-2012-2557 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "cloneNode Use After Free Vulnerability."
|
12-10-2018 - 22:03 | 21-09-2012 - 21:55 | |
CVE-2012-2526 | 9.3 |
The Remote Desktop Protocol (RDP) implementation in Microsoft Windows XP SP3 does not properly process packets in memory, which allows remote attackers to execute arbitrary code by sending crafted RDP packets triggering access to a deleted object, ak
|
12-10-2018 - 22:03 | 15-08-2012 - 01:55 | |
CVE-2013-0811 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a different v
|
12-10-2018 - 22:03 | 15-05-2013 - 03:36 | |
CVE-2012-2548 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Layout Use After Free Vulnerability."
|
12-10-2018 - 22:03 | 21-09-2012 - 21:55 | |
CVE-2012-2546 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Event Listener Use After Free Vulnerability."
|
12-10-2018 - 22:03 | 21-09-2012 - 21:55 | |
CVE-2012-2520 | 4.3 |
Cross-site scripting (XSS) vulnerability in Microsoft InfoPath 2007 SP2 and SP3 and 2010 SP1, Communicator 2007 R2, Lync 2010 and 2010 Attendee, SharePoint Server 2007 SP2 and SP3 and 2010 SP1, Groove Server 2010 SP1, Windows SharePoint Services 3.0
|
12-10-2018 - 22:03 | 09-10-2012 - 21:55 | |
CVE-2012-2524 | 9.3 |
Microsoft Office 2007 SP2 and SP3 and 2010 SP1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Computer Graphics Metafile (CGM) file, aka "CGM File Format Memory Corruption Vulnerabilit
|
12-10-2018 - 22:03 | 15-08-2012 - 01:55 | |
CVE-2012-2550 | 9.3 |
Microsoft Works 9 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted Word .doc file, aka "Works Heap Vulnerability."
|
12-10-2018 - 22:03 | 09-10-2012 - 21:55 | |
CVE-2013-0418 | 6.8 |
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.7 and 8.4 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability t
|
12-10-2018 - 22:03 | 17-01-2013 - 01:55 | |
CVE-2013-0393 | 6.8 |
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.7 and 8.4 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability t
|
12-10-2018 - 22:03 | 17-01-2013 - 01:55 | |
CVE-2013-0079 | 9.3 |
Microsoft Visio Viewer 2010 SP1 allows remote attackers to execute arbitrary code via a crafted Visio file that triggers incorrect memory allocation, aka "Visio Viewer Tree Object Type Confusion Vulnerability."
|
12-10-2018 - 22:03 | 13-03-2013 - 00:55 | |
CVE-2013-0027 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CPasteCommand Use After Free Vulnerabil
|
12-10-2018 - 22:03 | 13-02-2013 - 12:04 | |
CVE-2013-0015 | 4.3 |
Microsoft Internet Explorer 6 through 9 does not properly perform auto-selection of the Shift JIS encoding, which allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site that triggers cross-domain scroll
|
12-10-2018 - 22:03 | 13-02-2013 - 12:04 | |
CVE-2013-0025 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer SLayoutRun Use After Free Vulnerability."
|
12-10-2018 - 22:03 | 13-02-2013 - 12:04 | |
CVE-2013-0081 | 5.0 |
Microsoft SharePoint Portal Server 2003 SP3 and SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013 do not properly process unassigned workflows, which allows remote attackers to cause a denial of service (W3WP process hang) via a crafted URL, aka
|
12-10-2018 - 22:03 | 11-09-2013 - 14:03 | |
CVE-2013-0028 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CObjectElement Use After Free Vulnerabil
|
12-10-2018 - 22:03 | 13-02-2013 - 12:04 | |
CVE-2013-0082 | 9.3 |
Microsoft Office 2003 SP3 and 2007 SP3 allows remote attackers to execute arbitrary code via a crafted WordPerfect document (.wpd) file, aka "WPD File Format Memory Corruption Vulnerability."
|
12-10-2018 - 22:03 | 13-11-2013 - 00:55 | |
CVE-2013-0018 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer SetCapture Use After Free Vulnerability.
|
12-10-2018 - 22:03 | 13-02-2013 - 12:04 | |
CVE-2012-1847 | 9.3 |
Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2008 and 2011 for Mac; Excel Viewer; and Office Compatibility Pack SP2 and SP3 do not properly handle memory during the opening of files, which allows remote attackers to execu
|
12-10-2018 - 22:02 | 09-05-2012 - 00:55 | |
CVE-2012-1885 | 9.3 |
Heap-based buffer overflow in Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Office 2008 and 2011 for Mac; and Office Compatibility Pack SP2 and SP3 allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel Se
|
12-10-2018 - 22:02 | 14-11-2012 - 00:55 | |
CVE-2012-1772 | 2.1 |
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability
|
12-10-2018 - 22:02 | 17-07-2012 - 23:55 | |
CVE-2012-1888 | 9.3 |
Buffer overflow in Microsoft Visio 2010 SP1 and Visio Viewer 2010 SP1 allows remote attackers to execute arbitrary code via a crafted Visio file, aka "Visio DXF File Format Buffer Overflow Vulnerability."
|
12-10-2018 - 22:02 | 15-08-2012 - 01:55 | |
CVE-2012-1769 | 2.1 |
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability
|
12-10-2018 - 22:02 | 17-07-2012 - 23:55 | |
CVE-2012-1766 | 2.1 |
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability
|
12-10-2018 - 22:02 | 17-07-2012 - 23:55 | |
CVE-2012-1768 | 2.1 |
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-
|
12-10-2018 - 22:02 | 17-07-2012 - 23:55 | |
CVE-2012-1853 | 10.0 |
Stack-based buffer overflow in the Remote Administration Protocol (RAP) implementation in the LanmanWorkstation service in Microsoft Windows XP SP3 allows remote attackers to execute arbitrary code via crafted RAP response packets, aka "Remote Admini
|
12-10-2018 - 22:02 | 15-08-2012 - 01:55 | |
CVE-2012-1852 | 10.0 |
Heap-based buffer overflow in the Remote Administration Protocol (RAP) implementation in the LanmanWorkstation service in Microsoft Windows XP SP2 and SP3 allows remote attackers to execute arbitrary code via crafted RAP response packets, aka "Remote
|
12-10-2018 - 22:02 | 15-08-2012 - 01:55 | |
CVE-2012-1770 | 2.1 |
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability
|
12-10-2018 - 22:02 | 17-07-2012 - 23:55 | |
CVE-2012-1771 | 2.1 |
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability
|
12-10-2018 - 22:02 | 17-07-2012 - 23:55 | |
CVE-2012-1529 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not properly initialized or (2) is deleted, aka "OnMove Use Af
|
12-10-2018 - 22:02 | 21-09-2012 - 21:55 | |
CVE-2012-1887 | 9.3 |
Use-after-free vulnerability in Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 SP1, and Office 2008 and 2011 for Mac, allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel SST Invalid Length Use After Free Vuln
|
12-10-2018 - 22:02 | 14-11-2012 - 00:55 | |
CVE-2012-1526 | 9.3 |
Microsoft Internet Explorer 6 and 7 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not initialized or (2) is deleted, aka "Layout Memory Corruption Vulnerability
|
12-10-2018 - 22:02 | 15-08-2012 - 01:55 | |
CVE-2012-1773 | 2.1 |
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability
|
12-10-2018 - 22:02 | 17-07-2012 - 23:55 | |
CVE-2012-1767 | 2.1 |
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability
|
12-10-2018 - 22:02 | 17-07-2012 - 23:55 | |
CVE-2012-1854 | 6.9 |
Untrusted search path vulnerability in VBE6.dll in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Microsoft Visual Basic for Applications (VBA); and Summit Microsoft Visual Basic for Applications SDK allows local users to gain pr
|
12-10-2018 - 22:02 | 10-07-2012 - 21:55 | |
CVE-2012-1537 | 9.3 |
Heap-based buffer overflow in DirectPlay in DirectX 9.0 through 11.1 in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows Server 2012
|
12-10-2018 - 22:02 | 12-12-2012 - 00:55 | |
CVE-2012-1886 | 9.3 |
Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Excel Viewer; and Office Compatibility Pack SP2 and SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted spreadsheet, aka "Excel
|
12-10-2018 - 22:02 | 14-11-2012 - 00:55 | |
CVE-2012-0167 | 9.3 |
Heap-based buffer overflow in the Office GDI+ library in Microsoft Office 2003 SP3 and 2007 SP2 and SP3 allows remote attackers to execute arbitrary code via a crafted EMF image in an Office document, aka "GDI+ Heap Overflow Vulnerability."
|
12-10-2018 - 22:02 | 09-05-2012 - 00:55 | |
CVE-2012-0165 | 9.3 |
GDI+ in Microsoft Windows Vista SP2 and Server 2008 SP2 and Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1 does not properly validate record types in EMF images, which allows remote attackers to execute arbitrary code via a crafted image, a
|
12-10-2018 - 22:02 | 09-05-2012 - 00:55 | |
CVE-2012-0142 | 9.3 |
Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2008 for Mac; Excel Viewer; and Office Compatibility Pack SP2 and SP3 do not properly handle memory during the opening of files, which allows remote attackers to execute arbitr
|
12-10-2018 - 22:02 | 09-05-2012 - 00:55 | |
CVE-2012-0016 | 9.3 |
Untrusted search path vulnerability in Microsoft Expression Design; Expression Design SP1; and Expression Design 2, 3, and 4 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory
|
12-10-2018 - 22:02 | 13-03-2012 - 21:55 | |
CVE-2012-0183 | 9.3 |
Microsoft Word 2003 SP3 and 2007 SP2 and SP3, Office 2008 and 2011 for Mac, and Office Compatibility Pack SP2 and SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted RTF data, aka "RTF Mis
|
12-10-2018 - 22:02 | 09-05-2012 - 00:55 | |
CVE-2012-0185 | 9.3 |
Heap-based buffer overflow in Microsoft Excel 2007 SP2 and SP3 and 2010 Gold and SP1, Excel Viewer, and Office Compatibility Pack SP2 and SP3 allows remote attackers to execute arbitrary code via a crafted spreadsheet that triggers incorrect handling
|
12-10-2018 - 22:02 | 09-05-2012 - 00:55 | |
CVE-2012-0138 | 9.3 |
Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files, which allows remote attackers to execute arbitrary code via crafted attributes in a Visio file, aka "VSD File Format Memory Corruption Vulnerability
|
12-10-2018 - 22:02 | 14-02-2012 - 22:55 | |
CVE-2012-0181 | 7.2 |
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview does not properly manage Keyboard L
|
12-10-2018 - 22:02 | 09-05-2012 - 00:55 | |
CVE-2012-0162 | 9.3 |
Microsoft .NET Framework 4 does not properly allocate buffers, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP) or (2) a crafted .NET Framework application, aka ".NET Framework Buffer Alloc
|
12-10-2018 - 22:02 | 09-05-2012 - 00:55 | |
CVE-2012-0020 | 9.3 |
Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files, which allows remote attackers to execute arbitrary code via crafted attributes in a Visio file, aka "VSD File Format Memory Corruption Vulnerability
|
12-10-2018 - 22:02 | 14-02-2012 - 22:55 | |
CVE-2012-0184 | 9.3 |
Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2008 and 2011 for Mac; Excel Viewer; and Office Compatibility Pack SP2 and SP3 do not properly handle memory during the opening of files, which allows remote attackers to execu
|
12-10-2018 - 22:02 | 09-05-2012 - 00:55 | |
CVE-2012-0164 | 5.0 |
Microsoft .NET Framework 4 does not properly compare index values, which allows remote attackers to cause a denial of service (application hang) via crafted requests to a Windows Presentation Foundation (WPF) application, aka ".NET Framework Index Co
|
12-10-2018 - 22:02 | 09-05-2012 - 00:55 | |
CVE-2012-0141 | 9.3 |
Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2011 for Mac; Excel Viewer; and Office Compatibility Pack SP2 and SP3 do not properly handle memory during the opening of files, which allows remote attackers to execute arbitr
|
12-10-2018 - 22:02 | 09-05-2012 - 00:55 | |
CVE-2012-0176 | 9.3 |
Double free vulnerability in Microsoft Silverlight 4 before 4.1.10329 on Windows allows remote attackers to execute arbitrary code via vectors involving crafted XAML glyphs, aka "Silverlight Double-Free Vulnerability."
|
12-10-2018 - 22:02 | 09-05-2012 - 00:55 | |
CVE-2012-0160 | 9.3 |
Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5 SP1, 3.5.1, and 4 does not properly serialize input data, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP) or (2) a crafted
|
12-10-2018 - 22:02 | 09-05-2012 - 00:55 | |
CVE-2012-0136 | 9.3 |
Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files, which allows remote attackers to execute arbitrary code via crafted attributes in a Visio file, aka "VSD File Format Memory Corruption Vulnerability
|
12-10-2018 - 22:02 | 14-02-2012 - 22:55 | |
CVE-2012-0161 | 9.3 |
Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5 SP1, 3.5.1, and 4 does not properly handle an unspecified exception during use of partially trusted assemblies to serialize input data, which allows remote attackers to execute arbitrar
|
12-10-2018 - 22:02 | 09-05-2012 - 00:55 | |
CVE-2012-0159 | 9.3 |
Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview; Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Silverlight 4 bef
|
12-10-2018 - 22:02 | 09-05-2012 - 00:55 | |
CVE-2012-0137 | 9.3 |
Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files, which allows remote attackers to execute arbitrary code via crafted attributes in a Visio file, aka "VSD File Format Memory Corruption Vulnerability
|
12-10-2018 - 22:02 | 14-02-2012 - 22:55 | |
CVE-2012-0019 | 9.3 |
Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files, which allows remote attackers to execute arbitrary code via crafted attributes in a Visio file, aka "VSD File Format Memory Corruption Vulnerability
|
12-10-2018 - 22:02 | 14-02-2012 - 22:55 | |
CVE-2012-0177 | 9.3 |
Heap-based buffer overflow in the Office Works File Converter in Microsoft Office 2007 SP2, Works 9, and Works 6-9 File Converter allows remote attackers to execute arbitrary code via a crafted Works (aka .wps) file, aka "Office WPS Converter Heap Ov
|
12-10-2018 - 22:02 | 10-04-2012 - 21:55 | |
CVE-2012-0018 | 9.3 |
Microsoft Visio Viewer 2010 Gold and SP1 does not properly validate attributes in Visio files, which allows remote attackers to execute arbitrary code via a crafted file, aka "VSD File Format Memory Corruption Vulnerability."
|
12-10-2018 - 22:02 | 09-05-2012 - 00:55 | |
CVE-2012-0182 | 9.3 |
Microsoft Word 2007 SP2 and SP3 does not properly handle memory during the parsing of Word documents, which allows remote attackers to execute arbitrary code via a crafted document, aka "Word PAPX Section Corruption Vulnerability."
|
12-10-2018 - 22:02 | 09-10-2012 - 21:55 | |
CVE-2012-0163 | 9.3 |
Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly validate function parameters, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP), (2) a crafted AS
|
12-10-2018 - 22:02 | 10-04-2012 - 21:55 | |
CVE-2012-0143 | 9.3 |
Microsoft Excel 2003 SP3 and Office 2008 for Mac do not properly handle memory during the opening of files, which allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel Memory Corruption Using Various Modified Bytes V
|
12-10-2018 - 22:02 | 09-05-2012 - 00:55 | |
CVE-2011-3403 | 9.3 |
Microsoft Excel 2003 SP3 and Office 2004 for Mac do not properly handle objects in memory, which allows remote attackers to execute arbitrary code via a crafted Excel spreadsheet, aka "Record Memory Corruption Vulnerability."
|
12-10-2018 - 22:01 | 14-12-2011 - 00:55 | |
CVE-2011-3413 | 9.3 |
Microsoft PowerPoint 2007 SP2; Office 2008 for Mac; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; and PowerPoint Viewer 2007 SP2 allow remote attackers to execute arbitrary code or cause a denial of service (memory
|
12-10-2018 - 22:01 | 14-12-2011 - 00:55 | |
CVE-2011-3396 | 9.3 |
Untrusted search path vulnerability in Microsoft PowerPoint 2007 SP2 and 2010 allows local users to gain privileges via a Trojan horse DLL in the current working directory, aka "PowerPoint Insecure Library Loading Vulnerability." Per: http://technet.
|
12-10-2018 - 22:01 | 14-12-2011 - 00:55 | |
CVE-2011-3410 | 9.3 |
Array index error in Microsoft Publisher 2003 SP3, and 2007 SP2 and SP3, allows remote attackers to execute arbitrary code via a crafted Publisher file that leverages incorrect handling of values in memory, aka "Publisher Out-of-bounds Array Index Vu
|
12-10-2018 - 22:01 | 14-12-2011 - 00:55 | |
CVE-2011-3412 | 9.3 |
Microsoft Publisher 2003 SP3, and 2007 SP2 and SP3, allows remote attackers to execute arbitrary code via a crafted Publisher file that leverages incorrect memory handling, aka "Publisher Memory Corruption Vulnerability."
|
12-10-2018 - 22:01 | 14-12-2011 - 00:55 | |
CVE-2011-3411 | 9.3 |
Microsoft Publisher 2003 SP3 allows remote attackers to execute arbitrary code via a crafted Publisher file that leverages incorrect handling of values in memory, aka "Publisher Invalid Pointer Vulnerability."
|
12-10-2018 - 22:01 | 14-12-2011 - 00:55 | |
CVE-2011-5046 | 9.3 |
The Graphics Device Interface (GDI) in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly valida
|
12-10-2018 - 22:01 | 30-12-2011 - 19:55 | |
CVE-2011-1969 | 9.3 |
Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, Update 1, Update 2, and SP1 provides the MicrosoftClient.jar file containing a signed Java applet, which allows remote attackers to execute arbitrary code on client machines via unspecified
|
12-10-2018 - 22:01 | 12-10-2011 - 02:52 | |
CVE-2011-1982 | 9.3 |
Microsoft Office 2007 SP2, and 2010 Gold and SP1, does not initialize an unspecified object pointer during the opening of Word documents, which allows remote attackers to execute arbitrary code via a crafted document, aka "Office Uninitialized Object
|
12-10-2018 - 22:01 | 15-09-2011 - 12:26 | |
CVE-2011-1987 | 9.3 |
Array index error in Microsoft Excel 2003 SP3 and 2007 SP2; Excel in Office 2007 SP2; Excel 2010 Gold and SP1; Excel in Office 2010 Gold and SP1; Office 2004, 2008, and 2011 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Offic
|
12-10-2018 - 22:01 | 15-09-2011 - 12:26 | |
CVE-2011-1972 | 9.3 |
Microsoft Visio 2003 SP3, 2007 SP2, and 2010 Gold and SP1 does not properly validate objects in memory during Visio file parsing, which allows remote attackers to execute arbitrary code via a crafted file, aka "pStream Release RCE Vulnerability."
|
12-10-2018 - 22:01 | 10-08-2011 - 21:55 | |
CVE-2011-1986 | 9.3 |
Use-after-free vulnerability in Microsoft Excel 2003 SP3 allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel Use after Free WriteAV Vulnerability."
|
12-10-2018 - 22:01 | 15-09-2011 - 12:26 | |
CVE-2011-1988 | 9.3 |
Microsoft Excel 2003 SP3 and 2007 SP2; Excel in Office 2007 SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not proper
|
12-10-2018 - 22:01 | 15-09-2011 - 12:26 | |
CVE-2011-1990 | 9.3 |
Microsoft Excel 2007 SP2; Excel in Office 2007 SP2; Excel Viewer SP2; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; and Excel Services on Office SharePoint Server 2007 SP2 do not properly validate the sign of an uns
|
12-10-2018 - 22:01 | 15-09-2011 - 12:26 | |
CVE-2011-1896 | 4.3 |
Cross-site scripting (XSS) vulnerability in Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, Update 1, Update 2, and SP1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "ExcelTable Reflected XSS
|
12-10-2018 - 22:01 | 12-10-2011 - 02:52 | |
CVE-2011-1989 | 9.3 |
Microsoft Excel 2003 SP3 and 2007 SP2; Excel in Office 2007 SP2; Excel 2010 Gold and SP1; Excel in Office 2010 Gold and SP1; Office 2004, 2008, and 2011 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; Office Compatibility Pack for
|
12-10-2018 - 22:01 | 15-09-2011 - 12:26 | |
CVE-2011-1983 | 9.3 |
Use-after-free vulnerability in Microsoft Office 2007 SP2 and SP3, Office 2010 Gold and SP1, and Office for Mac 2011 allows remote attackers to execute arbitrary code via a crafted Word document, aka "Word Use After Free Vulnerability."
|
12-10-2018 - 22:01 | 14-12-2011 - 00:55 | |
CVE-2011-1895 | 4.3 |
CRLF injection vulnerability in Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, Update 1, Update 2, and SP1 allows remote attackers to inject arbitrary HTTP headers, and conduct HTTP response splitting attacks and cross-site scripting (XS
|
12-10-2018 - 22:01 | 12-10-2011 - 02:52 | |
CVE-2011-1979 | 9.3 |
Microsoft Visio 2003 SP3 and 2007 SP2 does not properly validate objects in memory during Visio file parsing, which allows remote attackers to execute arbitrary code via a crafted file, aka "Move Around the Block RCE Vulnerability."
|
12-10-2018 - 22:01 | 10-08-2011 - 21:55 | |
CVE-2011-1897 | 4.3 |
Cross-site scripting (XSS) vulnerability in Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, Update 1, Update 2, and SP1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Default Reflected XSS Vul
|
12-10-2018 - 22:01 | 12-10-2011 - 02:52 | |
CVE-2011-2012 | 5.0 |
Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, Update 1, Update 2, and SP1 does not properly validate session cookies, which allows remote attackers to cause a denial of service (IIS outage) via unspecified network traffic, aka "Null Ses
|
12-10-2018 - 22:01 | 12-10-2011 - 02:52 | |
CVE-2011-1980 | 9.3 |
Untrusted search path vulnerability in Microsoft Office 2003 SP3 and 2007 SP2 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .doc, .ppt, or .xls file, aka
|
12-10-2018 - 22:01 | 15-09-2011 - 12:26 | |
CVE-2011-1275 | 9.3 |
Microsoft Excel 2002 SP3; Office 2004, 2008, and 2011 for Mac; and Open XML File Format Converter for Mac do not properly validate record information during parsing of Excel spreadsheets, which allows remote attackers to execute arbitrary code or cau
|
12-10-2018 - 22:00 | 16-06-2011 - 20:55 | |
CVE-2011-1272 | 9.3 |
Microsoft Excel 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly validate rec
|
12-10-2018 - 22:00 | 16-06-2011 - 20:55 | |
CVE-2011-1274 | 9.3 |
Microsoft Excel 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly validate rec
|
12-10-2018 - 22:00 | 16-06-2011 - 20:55 | |
CVE-2011-1270 | 9.3 |
Buffer overflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3 allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka "Presentation Buffer Overrun RCE Vulnerability."
|
12-10-2018 - 22:00 | 13-05-2011 - 17:05 | |
CVE-2011-1273 | 9.3 |
Microsoft Excel 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004, 2008, and 2011 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly
|
12-10-2018 - 22:00 | 16-06-2011 - 20:55 | |
CVE-2011-1278 | 9.3 |
Microsoft Excel 2002 SP3 and Office 2004 for Mac do not properly validate record information during parsing of Excel spreadsheets, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted
|
12-10-2018 - 22:00 | 16-06-2011 - 20:55 | |
CVE-2011-1277 | 9.3 |
Microsoft Excel 2002 SP3, Office 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate record information during parsing of Excel spreadsheets, which allows remote attackers to execute arbitrary code or cause a denial of s
|
12-10-2018 - 22:00 | 16-06-2011 - 20:55 | |
CVE-2011-1269 | 9.3 |
Microsoft PowerPoint 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 make unspecified function calls during fi
|
12-10-2018 - 22:00 | 13-05-2011 - 17:05 | |
CVE-2011-1279 | 9.3 |
Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate record information during parsing of Excel spreadsheets, which allows remote attackers to execute arbitrary code
|
12-10-2018 - 22:00 | 16-06-2011 - 20:55 | |
CVE-2011-1276 | 9.3 |
Buffer overflow in Microsoft Excel 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 allows re
|
12-10-2018 - 22:00 | 16-06-2011 - 20:55 | |
CVE-2011-1243 | 9.3 |
The Windows Messenger ActiveX control in msgsc.dll in Microsoft Windows XP SP2 and SP3 allows remote attackers to execute arbitrary code via unspecified vectors that "corrupt the system state," aka "Microsoft Windows Messenger ActiveX Control Vulnera
|
12-10-2018 - 22:00 | 13-04-2011 - 18:55 | |
CVE-2010-3973 | 9.3 |
The WMITools ActiveX control in WBEMSingleView.ocx 1.50.1131.0 in Microsoft WMI Administrative Tools 1.1 and earlier in Microsoft Windows XP SP2 and SP3 allows remote attackers to execute arbitrary code via a crafted argument to the AddContextRef met
|
12-10-2018 - 21:59 | 23-12-2010 - 18:00 | |
CVE-2010-5082 | 9.3 |
Untrusted search path vulnerability in colorcpl.exe 6.0.6000.16386 in the Color Control Panel in Microsoft Windows Server 2008 SP2, R2, and R2 SP1 allows local users to gain privileges via a Trojan horse sti.dll file in the current working directory,
|
12-10-2018 - 21:59 | 17-01-2012 - 19:55 | |
CVE-2011-0656 | 9.3 |
Microsoft PowerPoint 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004, 2008, and 2011 for Mac; Open XML File Format Converter for Mac; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; PowerPoint Viewer; PowerPoint V
|
12-10-2018 - 21:59 | 13-04-2011 - 18:55 | |
CVE-2011-0104 | 9.3 |
Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted HLink record in an Excel f
|
12-10-2018 - 21:59 | 13-04-2011 - 18:55 | |
CVE-2011-0093 | 9.3 |
ELEMENTS.DLL in Microsoft Visio 2002 SP2, 2003 SP3, and 2007 SP2 does not properly parse structures during the opening of a Visio file, which allows remote attackers to execute arbitrary code via a file containing a malformed structure, aka "Visio Da
|
12-10-2018 - 21:59 | 10-02-2011 - 16:00 | |
CVE-2011-0107 | 9.3 |
Untrusted search path vulnerability in Microsoft Office XP SP3, Office 2003 SP3, and Office 2007 SP2 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .docx f
|
12-10-2018 - 21:59 | 13-04-2011 - 18:55 | |
CVE-2011-0092 | 9.3 |
The LZW stream decompression functionality in ORMELEMS.DLL in Microsoft Visio 2002 SP2, 2003 SP3, and 2007 SP2 allows remote attackers to execute arbitrary code via a Visio file with a malformed VisioDocument stream that triggers an exception handler
|
12-10-2018 - 21:59 | 10-02-2011 - 16:00 | |
CVE-2011-0978 | 9.3 |
Stack-based buffer overflow in Microsoft Excel 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 allows remote attackers to execute arbitrary c
|
12-10-2018 - 21:59 | 10-02-2011 - 19:00 | |
CVE-2011-0101 | 9.3 |
Microsoft Excel 2002 SP3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted RealTimeData record, related to a stTopic field, double-byte characters, and an incorrect pointer calculation, a
|
12-10-2018 - 21:59 | 13-04-2011 - 18:55 | |
CVE-2011-0103 | 9.3 |
Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted record information in an Exc
|
12-10-2018 - 21:59 | 13-04-2011 - 18:55 | |
CVE-2011-0976 | 9.3 |
Microsoft PowerPoint 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; and PowerPoint Viewer 2007 SP2 do not proper
|
12-10-2018 - 21:59 | 10-02-2011 - 19:00 | |
CVE-2011-0655 | 9.3 |
Microsoft PowerPoint 2007 SP2 and 2010; Office 2004, 2008, and 2011 for Mac; Open XML File Format Converter for Mac; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; PowerPoint Viewer; PowerPoint Viewer 2007 SP2; and P
|
12-10-2018 - 21:59 | 13-04-2011 - 18:55 | |
CVE-2011-0977 | 9.3 |
Use-after-free vulnerability in Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via malformed shape data in the Offi
|
12-10-2018 - 21:59 | 10-02-2011 - 19:00 | |
CVE-2011-0980 | 9.3 |
Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly parse Office Art objects, which allows remote attackers to execute arbitrary code via vectors related to a function pointe
|
12-10-2018 - 21:59 | 10-02-2011 - 19:00 | |
CVE-2011-0098 | 9.3 |
Integer signedness error in Microsoft Excel 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Format
|
12-10-2018 - 21:59 | 13-04-2011 - 18:55 | |
CVE-2011-0979 | 9.3 |
Microsoft Excel 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004, 2008, and 2011 for Mac; Open XML File Format Converter for Mac; and Excel Viewer SP2 do not properly handle errors during the parsing of Office Art records in Excel spreadsheets, wh
|
12-10-2018 - 21:59 | 10-02-2011 - 19:00 | |
CVE-2011-0105 | 9.3 |
Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac obtain a certain length value from an uninitialized memory location, which allows remote attackers to trigger a buffer overflow and execute arbitrary c
|
12-10-2018 - 21:59 | 13-04-2011 - 18:55 | |
CVE-2011-0097 | 9.3 |
Integer underflow in Microsoft Excel 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 a
|
12-10-2018 - 21:59 | 13-04-2011 - 18:55 | |
CVE-2010-3946 | 9.3 |
Integer overflow in the PICT image converter in the graphics filters in Microsoft Office XP SP3, Office 2003 SP3, and Office Converter Pack allows remote attackers to execute arbitrary code via a crafted PICT image in an Office document, aka "PICT Im
|
12-10-2018 - 21:58 | 16-12-2010 - 19:33 | |
CVE-2010-3954 | 9.3 |
Microsoft Publisher 2002 SP3, 2003 SP3, and 2010 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Publisher file, aka "Microsoft Publisher Memory Corruption Vulnerability."
|
12-10-2018 - 21:58 | 16-12-2010 - 19:33 | |
CVE-2010-3967 | 9.3 |
Untrusted search path vulnerability in Microsoft Windows Movie Maker (WMM) 2.6 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a Movie Maker (MSWMM) file, aka
|
12-10-2018 - 21:58 | 16-12-2010 - 19:33 | |
CVE-2010-3952 | 9.3 |
The FlashPix image converter in the graphics filters in Microsoft Office XP SP3 and Office Converter Pack allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted FlashPix image in an Offic
|
12-10-2018 - 21:58 | 16-12-2010 - 19:33 | |
CVE-2010-3950 | 9.3 |
The TIFF image converter in the graphics filters in Microsoft Office XP SP3, Office Converter Pack, and Works 9 does not properly convert data, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) v
|
12-10-2018 - 21:58 | 16-12-2010 - 19:33 | |
CVE-2010-3955 | 9.3 |
pubconv.dll (aka the Publisher Converter DLL) in Microsoft Publisher 2002 SP3 does not properly perform array indexing, which allows remote attackers to execute arbitrary code via a crafted Publisher file that uses an old file format, aka "Array Inde
|
12-10-2018 - 21:58 | 16-12-2010 - 19:33 | |
CVE-2010-3964 | 7.5 |
Unrestricted file upload vulnerability in the Document Conversions Launcher Service in Microsoft Office SharePoint Server 2007 SP2, when the Document Conversions Load Balancer Service is enabled, allows remote attackers to execute arbitrary code via
|
12-10-2018 - 21:58 | 16-12-2010 - 19:33 | |
CVE-2010-3951 | 9.3 |
Buffer overflow in the FlashPix image converter in the graphics filters in Microsoft Office XP SP3 and Office Converter Pack allows remote attackers to execute arbitrary code via a crafted FlashPix image in an Office document, aka "FlashPix Image Con
|
12-10-2018 - 21:58 | 16-12-2010 - 19:33 | |
CVE-2010-3947 | 9.3 |
Heap-based buffer overflow in the TIFF image converter in the graphics filters in Microsoft Office XP SP3, Office Converter Pack, and Works 9 allows remote attackers to execute arbitrary code via a crafted TIFF image in an Office document, aka "TIFF
|
12-10-2018 - 21:58 | 16-12-2010 - 19:33 | |
CVE-2010-3945 | 9.3 |
Buffer overflow in the CGM image converter in the graphics filters in Microsoft Office XP SP3, Office 2003 SP3, and Office Converter Pack allows remote attackers to execute arbitrary code via a crafted CGM image in an Office document, aka "CGM Image
|
12-10-2018 - 21:58 | 16-12-2010 - 19:33 | |
CVE-2010-3949 | 9.3 |
Buffer overflow in the TIFF image converter in the graphics filters in Microsoft Office XP SP3 and Office Converter Pack allows remote attackers to execute arbitrary code via a crafted TIFF image in an Office document, aka "TIFF Image Converter Buffe
|
12-10-2018 - 21:58 | 16-12-2010 - 19:33 | |
CVE-2010-3240 | 9.3 |
Microsoft Excel 2002 SP3 and 2007 SP2; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly validate record information, which allows remote attackers to execute arbitrary code via a cr
|
12-10-2018 - 21:58 | 13-10-2010 - 19:00 | |
CVE-2010-3237 | 9.3 |
Microsoft Excel 2002 SP3 and Office 2004 for Mac do not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Merge Cell Record Pointer Vulnerability."
|
12-10-2018 - 21:58 | 13-10-2010 - 19:00 | |
CVE-2010-3218 | 9.3 |
Heap-based buffer overflow in Microsoft Word 2002 SP3 allows remote attackers to execute arbitrary code via malformed records in a Word document, aka "Word Heap Overflow Vulnerability."
|
12-10-2018 - 21:58 | 13-10-2010 - 19:00 | |
CVE-2010-3215 | 9.3 |
Microsoft Word 2002 SP3 and Office 2004 for Mac do not properly handle unspecified return values during parsing of a Word document, which allows remote attackers to execute arbitrary code via a crafted document that triggers memory corruption, aka "W
|
12-10-2018 - 21:58 | 13-10-2010 - 19:00 | |
CVE-2010-3233 | 9.3 |
Microsoft Excel 2002 SP3 and 2003 SP3 does not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted .wk3 (aka Lotus 1-2-3 workbook) file, aka "Lotus 1-2-3 Workbook Parsing Vulnerability."
|
12-10-2018 - 21:58 | 13-10-2010 - 19:00 | |
CVE-2010-3241 | 9.3 |
Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate binary file-format information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Out
|
12-10-2018 - 21:58 | 13-10-2010 - 19:00 | |
CVE-2010-3238 | 9.3 |
Microsoft Excel 2002 SP3 and 2003 SP3, and Office 2004 for Mac, does not properly validate binary file-format information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Negative Future Function Vulnerabili
|
12-10-2018 - 21:58 | 13-10-2010 - 19:00 | |
CVE-2010-3221 | 9.3 |
Microsoft Word 2002 SP3 and 2003 SP3, Office 2004 for Mac, and Word Viewer do not properly handle a malformed record during parsing of a Word document, which allows remote attackers to execute arbitrary code via a crafted document that triggers memor
|
12-10-2018 - 21:58 | 13-10-2010 - 19:00 | |
CVE-2010-2747 | 9.3 |
Microsoft Word 2002 SP3 and Office 2004 for Mac do not properly handle an uninitialized pointer during parsing of a Word document, which allows remote attackers to execute arbitrary code via a crafted document that triggers memory corruption, aka "Wo
|
12-10-2018 - 21:58 | 13-10-2010 - 19:00 | |
CVE-2010-3334 | 9.3 |
Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010, Office 2004 and 2008 for Mac, Office for Mac 2011, and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code via an Office document containing a
|
12-10-2018 - 21:58 | 10-11-2010 - 03:00 | |
CVE-2010-3242 | 9.3 |
Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Ghost Record Ty
|
12-10-2018 - 21:58 | 13-10-2010 - 19:00 | |
CVE-2010-3138 | 9.3 |
Untrusted search path vulnerability in the Indeo Codec in iac25_32.ax in Microsoft Windows XP SP3 allows local users to gain privileges via a Trojan horse iacenc.dll file in the current working directory, as demonstrated by access through BS.Player o
|
12-10-2018 - 21:58 | 27-08-2010 - 19:00 | |
CVE-2010-2750 | 9.3 |
Array index error in Microsoft Word 2002 SP3 and Office 2004 for Mac allows remote attackers to execute arbitrary code via a crafted Word document that triggers memory corruption, aka "Word Index Vulnerability."
|
12-10-2018 - 21:58 | 13-10-2010 - 19:00 | |
CVE-2010-3337 | 9.3 |
Untrusted search path vulnerability in Microsoft Office 2007 SP2 and 2010 allows local users to gain privileges via a Trojan horse DLL in the current working directory, aka "Insecure Library Loading Vulnerability." NOTE: this might overlap CVE-2010-3
|
12-10-2018 - 21:58 | 10-11-2010 - 03:00 | |
CVE-2010-3230 | 9.3 |
Integer overflow in Microsoft Excel 2002 SP3 allows remote attackers to execute arbitrary code via an Excel document with crafted record information, aka "Excel Record Parsing Integer Overflow Vulnerability."
|
12-10-2018 - 21:58 | 13-10-2010 - 19:00 | |
CVE-2010-3336 | 9.3 |
Microsoft Office XP SP3, Office 2004 and 2008 for Mac, Office for Mac 2011, and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code via a crafted Office document that triggers memory corruption, aka "MSO Large SPID
|
12-10-2018 - 21:58 | 10-11-2010 - 03:00 | |
CVE-2010-3235 | 9.3 |
Microsoft Excel 2002 SP3 does not properly validate formula information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Formula Biff Record Vulnerability."
|
12-10-2018 - 21:58 | 13-10-2010 - 19:00 | |
CVE-2010-3216 | 9.3 |
Microsoft Word 2002 SP3 and Office 2004 for Mac allow remote attackers to execute arbitrary code via a crafted Word document containing bookmarks that trigger use of an invalid pointer and memory corruption, aka "Word Bookmarks Vulnerability."
|
12-10-2018 - 21:58 | 13-10-2010 - 19:00 | |
CVE-2010-2573 | 9.3 |
Integer underflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3, PowerPoint Viewer SP2, and Office 2004 for Mac allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka "PowerPoint Integer Underflow Causes Heap Corrupt
|
12-10-2018 - 21:58 | 10-11-2010 - 03:00 | |
CVE-2010-3217 | 9.3 |
Double free vulnerability in Microsoft Word 2002 SP3 allows remote attackers to execute arbitrary code via a Word document with crafted List Format Override (LFO) records, aka "Word Pointer Vulnerability."
|
12-10-2018 - 21:58 | 13-10-2010 - 19:00 | |
CVE-2010-3236 | 9.3 |
Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Ou
|
12-10-2018 - 21:58 | 13-10-2010 - 19:00 | |
CVE-2010-2748 | 9.3 |
Microsoft Word 2002 SP3 and Office 2004 for Mac do not properly check an unspecified boundary during parsing of a Word document, which allows remote attackers to execute arbitrary code via a crafted document that triggers memory corruption, aka "Word
|
12-10-2018 - 21:58 | 13-10-2010 - 19:00 | |
CVE-2010-2728 | 9.3 |
Heap-based buffer overflow in Microsoft Outlook 2002 SP3, 2003 SP3, and 2007 SP2, when Online Mode for an Exchange Server is enabled, allows remote attackers to execute arbitrary code via a crafted e-mail message, aka "Heap Based Buffer Overflow in O
|
12-10-2018 - 21:58 | 15-09-2010 - 19:00 | |
CVE-2010-2571 | 9.3 |
Array index error in pubconv.dll (aka the Publisher Converter DLL) in Microsoft Publisher 2002 SP3 and 2003 SP3 allows remote attackers to execute arbitrary code via a crafted Publisher 97 file, aka "Memory Corruption Due To Invalid Index Into Array
|
12-10-2018 - 21:58 | 16-12-2010 - 19:33 | |
CVE-2010-3335 | 9.3 |
Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010, Office 2004 and 2008 for Mac, Office for Mac 2011, and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code via a crafted Office document that
|
12-10-2018 - 21:58 | 10-11-2010 - 03:00 | |
CVE-2010-3231 | 9.3 |
Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Excel Record Pa
|
12-10-2018 - 21:58 | 13-10-2010 - 19:00 | |
CVE-2010-3239 | 9.3 |
Microsoft Excel 2002 SP3 does not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Extra Out of Boundary Record Parsing Vulnerability."
|
12-10-2018 - 21:58 | 13-10-2010 - 19:00 | |
CVE-2010-3220 | 9.3 |
Unspecified vulnerability in Microsoft Word 2002 SP3 and Office 2004 for Mac allows remote attackers to execute arbitrary code via a crafted Word document that triggers memory corruption, aka "Word Parsing Vulnerability."
|
12-10-2018 - 21:58 | 13-10-2010 - 19:00 | |
CVE-2010-3146 | 9.3 |
Multiple untrusted search path vulnerabilities in Microsoft Groove 2007 SP2 allow local users to gain privileges via a Trojan horse (1) mso.dll or (2) GroovePerfmon.dll file in the current working directory, as demonstrated by a directory that contai
|
12-10-2018 - 21:58 | 27-08-2010 - 19:00 | |
CVE-2010-3214 | 9.3 |
Stack-based buffer overflow in Microsoft Word 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; Word Viewer;
|
12-10-2018 - 21:58 | 13-10-2010 - 19:00 | |
CVE-2010-3145 | 9.3 |
Untrusted search path vulnerability in the BitLocker Drive Encryption API, as used in sdclt.exe in Backup Manager in Microsoft Windows Vista SP1 and SP2, allows local users to gain privileges via a Trojan horse fveapi.dll file in the current working
|
12-10-2018 - 21:58 | 27-08-2010 - 19:00 | |
CVE-2010-3232 | 9.3 |
Microsoft Excel 2003 SP3 and 2007 SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly validate record informa
|
12-10-2018 - 21:58 | 13-10-2010 - 19:00 | |
CVE-2010-3234 | 9.3 |
Microsoft Excel 2002 SP3 does not properly validate formula information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Formula Substream Memory Corruption Vulnerability."
|
12-10-2018 - 21:58 | 13-10-2010 - 19:00 | |
CVE-2010-3219 | 9.3 |
Array index vulnerability in Microsoft Word 2002 SP3 allows remote attackers to execute arbitrary code via a crafted Word document that triggers memory corruption, aka "Word Index Parsing Vulnerability."
|
12-10-2018 - 21:58 | 13-10-2010 - 19:00 | |
CVE-2010-3148 | 9.3 |
Untrusted search path vulnerability in Microsoft Visio 2003 SP3 allows local users to gain privileges via a Trojan horse mfc71enu.dll file in the current working directory, as demonstrated by a directory that contains a .vsd, .vdx, .vst, or .vtx file
|
12-10-2018 - 21:58 | 27-08-2010 - 19:00 | |
CVE-2010-2570 | 9.3 |
Heap-based buffer overflow in pubconv.dll (aka the Publisher Converter DLL) in Microsoft Publisher 2002 SP3, 2003 SP3, 2007 SP2, and 2010 allows remote attackers to execute arbitrary code via a crafted Publisher file that uses an old file format, aka
|
12-10-2018 - 21:57 | 16-12-2010 - 19:33 | |
CVE-2010-2562 | 9.3 |
Microsoft Office Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly parse the Excel file format, which allows remote attackers to execute arbitrary code or cause a denial of service (
|
12-10-2018 - 21:57 | 11-08-2010 - 18:47 | |
CVE-2010-1903 | 9.3 |
Microsoft Office Word 2002 SP3 and 2003 SP3, and Office Word Viewer, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed record in a Word file, aka "Word HTML Linked Objects Memory Corrup
|
12-10-2018 - 21:57 | 11-08-2010 - 18:47 | |
CVE-2010-1263 | 9.3 |
Windows Shell and WordPad in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7; Microsoft Office XP SP3; Office 2003 SP3; and Office System 2007 SP1 and SP2 do n
|
12-10-2018 - 21:57 | 08-06-2010 - 20:30 | |
CVE-2010-1246 | 9.3 |
Stack-based buffer overflow in Microsoft Office Excel 2002 SP3 allows remote attackers to execute arbitrary code via an Excel file with a malformed RTD (0x813) record, aka "Excel RTD Memory Corruption Vulnerability."
|
12-10-2018 - 21:57 | 08-06-2010 - 20:30 | |
CVE-2010-1902 | 9.3 |
Buffer overflow in Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP2; Microsoft Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Word Viewer; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File For
|
12-10-2018 - 21:57 | 11-08-2010 - 18:47 | |
CVE-2010-1250 | 9.3 |
Heap-based buffer overflow in Microsoft Office Excel 2002 SP3, Office 2004 for Mac, Office 2008 for Mac, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via an Excel file with malformed (1) EDG (0x88) and
|
12-10-2018 - 21:57 | 08-06-2010 - 20:30 | |
CVE-2010-1252 | 9.3 |
Unspecified vulnerability in Microsoft Office Excel 2002 SP3 and Office 2004 for Mac allows remote attackers to execute arbitrary code via a crafted Excel file, aka "Excel String Variable Vulnerability."
|
12-10-2018 - 21:57 | 08-06-2010 - 20:30 | |
CVE-2010-2564 | 9.3 |
Buffer overflow in Microsoft Windows Movie Maker (WMM) 2.1, 2.6, and 6.0 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted project file, aka "Movie Maker Memory Corruption Vulnerability."
|
12-10-2018 - 21:57 | 11-08-2010 - 18:47 | |
CVE-2010-2569 | 9.3 |
pubconv.dll (aka the Publisher Converter DLL) in Microsoft Publisher 2002 SP3, 2003 SP3, and 2007 SP2 does not properly handle an unspecified size field in certain older file formats, which allows remote attackers to execute arbitrary code or cause a
|
12-10-2018 - 21:57 | 16-12-2010 - 19:33 | |
CVE-2010-1901 | 9.3 |
Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP2; Microsoft Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Word Viewer; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not pro
|
12-10-2018 - 21:57 | 11-08-2010 - 18:47 | |
CVE-2010-1247 | 9.3 |
Unspecified vulnerability in Microsoft Office Excel 2002 SP3 allows remote attackers to execute arbitrary code via an Excel file with a malformed RTD (0x813) record that triggers heap corruption, aka "Excel Memory Corruption Vulnerability," a differe
|
12-10-2018 - 21:57 | 08-06-2010 - 20:30 | |
CVE-2010-2561 | 9.3 |
Microsoft XML Core Services (aka MSXML) 3.0 does not properly handle HTTP responses, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted response, aka "Msxml2.XMLHTTP.3.0 Response Han
|
12-10-2018 - 21:57 | 11-08-2010 - 18:47 | |
CVE-2010-1881 | 9.3 |
The FieldList ActiveX control in the Microsoft Access Wizard Controls in ACCWIZ.dll in Microsoft Office Access 2003 SP3 does not properly interact with the memory-access approach used by Internet Explorer and Office during instantiation, which allows
|
12-10-2018 - 21:57 | 15-07-2010 - 12:57 | |
CVE-2010-1253 | 9.3 |
Microsoft Office Excel 2002 SP3, 2007 SP1, and SP2; Office 2004 for mac; Office 2008 for Mac; Open XML File Format Converter for Mac; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2; allows remote attackers
|
12-10-2018 - 21:57 | 08-06-2010 - 20:30 | |
CVE-2010-1254 | 6.9 |
The installation for Microsoft Open XML File Format Converter for Mac sets insecure ACLs for the /Applications folder, which allows local users to execute arbitrary code by replacing the executable with a Trojan Horse, aka "Mac Office Open XML Permis
|
12-10-2018 - 21:57 | 08-06-2010 - 20:30 | |
CVE-2010-1245 | 9.3 |
Unspecified vulnerability in Microsoft Office Excel 2002 SP3, Office 2004 for Mac, Office 2008 for Mac, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via an Excel file with a malformed SxView (0xB0) reco
|
12-10-2018 - 21:57 | 08-06-2010 - 20:30 | |
CVE-2010-1900 | 9.3 |
Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP2; Microsoft Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Word Viewer; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; and Works 9 d
|
12-10-2018 - 21:57 | 11-08-2010 - 18:47 | |
CVE-2010-1880 | 9.3 |
Unspecified vulnerability in Quartz.dll for DirectShow on Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1, and Server 2008 allows remote attackers to execute arbitrary code via a media file with crafted compression data, aka "M
|
12-10-2018 - 21:57 | 08-06-2010 - 22:30 | |
CVE-2010-1249 | 9.3 |
Buffer overflow in Microsoft Office Excel 2002 SP3, Office 2004 for Mac, Office 2008 for Mac, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via an Excel file with a malformed ExternName (0x23) record, ak
|
12-10-2018 - 21:57 | 08-06-2010 - 20:30 | |
CVE-2010-1879 | 9.3 |
Unspecified vulnerability in Quartz.dll for DirectShow; Windows Media Format Runtime 9, 9.5, and 11; Media Encoder 9; and the Asycfilt.dll COM component allows remote attackers to execute arbitrary code via a media file with crafted compression data,
|
12-10-2018 - 21:57 | 08-06-2010 - 22:30 | |
CVE-2010-1251 | 9.3 |
Unspecified vulnerability in Microsoft Office Excel 2002 SP3 and Office 2004 for Mac allows remote attackers to execute arbitrary code via a crafted Excel file, aka "Excel Record Stack Corruption Vulnerability."
|
12-10-2018 - 21:57 | 08-06-2010 - 20:30 | |
CVE-2010-1898 | 9.3 |
The Common Language Runtime (CLR) in Microsoft .NET Framework 2.0 SP1, 2.0 SP2, 3.5, 3.5 SP1, and 3.5.1, and Microsoft Silverlight 2 and 3 before 3.0.50611.0 on Windows and before 3.0.41130.0 on Mac OS X, does not properly handle interfaces and deleg
|
12-10-2018 - 21:57 | 11-08-2010 - 18:47 | |
CVE-2010-1248 | 9.3 |
Buffer overflow in Microsoft Office Excel 2002 SP3 and Office 2004 for Mac allows remote attackers to execute arbitrary code via an Excel file with a malformed HFPicture (0x866) record, aka "Excel HFPicture Memory Corruption Vulnerability."
|
12-10-2018 - 21:57 | 08-06-2010 - 20:30 | |
CVE-2010-0822 | 9.3 |
Stack-based buffer overflow in Microsoft Office Excel 2002 SP3, Office 2004 for Mac, Office 2008 for Mac, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via an Excel file with a crafted OBJ (0x5D) record,
|
12-10-2018 - 21:57 | 08-06-2010 - 20:30 | |
CVE-2010-0814 | 9.3 |
The Microsoft Access Wizard Controls in ACCWIZ.dll in Microsoft Office Access 2003 SP3 and 2007 SP1 and SP2 do not properly interact with the memory-allocation approach used by Internet Explorer during instantiation, which allows remote attackers to
|
12-10-2018 - 21:57 | 15-07-2010 - 12:57 | |
CVE-2010-0824 | 9.3 |
Unspecified vulnerability in Microsoft Office Excel 2002 SP3 and Office 2004 for Mac allows remote attackers to execute arbitrary code via an Excel file with a malformed WOPT (0x80B) record, aka "Excel Record Memory Corruption Vulnerability," a diffe
|
12-10-2018 - 21:57 | 08-06-2010 - 20:30 | |
CVE-2010-0815 | 9.3 |
VBE6.DLL in Microsoft Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Visual Basic for Applications (VBA), and VBA SDK 6.3 through 6.5 does not properly search for ActiveX controls that are embedded in documents, which allow
|
12-10-2018 - 21:57 | 12-05-2010 - 11:46 | |
CVE-2010-0821 | 9.3 |
Unspecified vulnerability in Microsoft Office Excel 2002 SP3, 2003 SP3, 2007 SP1 and SP2; Office 2004 for mac; Office 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer SP1 and SP2; and Office Compatibility Pack for Word, Excel
|
12-10-2018 - 21:57 | 08-06-2010 - 20:30 | |
CVE-2010-0823 | 9.3 |
Unspecified vulnerability in Microsoft Office Excel 2002 SP3, 2003 SP3, 2007 SP1 and SP2; Office 2004 for mac; Office 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer SP1 and SP2; and Office Compatibility Pack for Word, Excel
|
12-10-2018 - 21:57 | 08-06-2010 - 20:30 | |
CVE-2010-0239 | 10.0 |
The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2, when IPv6 is enabled, does not properly perform bounds checking on ICMPv6 Router Advertisement packets, which allows remote attackers to execute arb
|
12-10-2018 - 21:56 | 10-02-2010 - 18:30 | |
CVE-2010-0268 | 9.3 |
Unspecified vulnerability in the Windows Media Player ActiveX control in Windows Media Player (WMP) 9 on Microsoft Windows 2000 SP4 and XP SP2 and SP3 allows remote attackers to execute arbitrary code via crafted media content, aka "Media Player Remo
|
12-10-2018 - 21:56 | 14-04-2010 - 16:00 | |
CVE-2010-0257 | 9.3 |
Microsoft Office Excel 2002 SP3 does not properly parse the Excel file format, which allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Microsoft Office Excel Record Memory Corruption Vulnerability."
|
12-10-2018 - 21:56 | 10-03-2010 - 22:30 | |
CVE-2010-0019 | 9.3 |
Microsoft Silverlight 3 before 3.0.50611.0 on Windows, and before 3.0.41130.0 on Mac OS X, does not properly handle pointers, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and framework outage
|
12-10-2018 - 21:56 | 11-08-2010 - 18:47 | |
CVE-2010-0032 | 9.3 |
Use-after-free vulnerability in Microsoft Office PowerPoint 2002 SP3 and 2003 SP3 allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka "OEPlaceholderAtom Use After Free Vulnerability."
|
12-10-2018 - 21:56 | 10-02-2010 - 18:30 | |
CVE-2010-0030 | 9.3 |
Heap-based buffer overflow in Microsoft Office PowerPoint 2002 SP3 and 2003 SP3 allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka "PowerPoint LinkedSlideAtom Heap Overflow Vulnerability."
|
12-10-2018 - 21:56 | 10-02-2010 - 18:30 | |
CVE-2010-0242 | 7.8 |
The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2 allows remote attackers to cause a denial of service (system hang) via crafted packets with malformed TCP selective acknowledgement (SACK) values, ak
|
12-10-2018 - 21:56 | 10-02-2010 - 18:30 | |
CVE-2010-0479 | 9.3 |
Buffer overflow in Microsoft Office Publisher 2002 SP3, 2003 SP3, and 2007 SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted Publisher file, aka "Microsoft Office Publisher File Conversion TextBox Processing Buffer Overflow
|
12-10-2018 - 21:56 | 14-04-2010 - 16:00 | |
CVE-2010-0256 | 7.6 |
Microsoft Office Visio 2002 SP2, 2003 SP3, and 2007 SP1 and SP2 does not properly calculate unspecified indexes associated with Visio files, which allows remote attackers to execute arbitrary code via a crafted file, aka "Visio Index Calculation Memo
|
12-10-2018 - 21:56 | 14-04-2010 - 16:00 | |
CVE-2010-0263 | 9.3 |
Microsoft Office Excel 2007 SP1 and SP2; Office 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer SP1 and SP2; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2; and Office SharePoint Serv
|
12-10-2018 - 21:56 | 10-03-2010 - 22:30 | |
CVE-2010-0031 | 9.3 |
Array index error in Microsoft Office PowerPoint 2002 SP3 and 2003 SP3, and PowerPoint in Office 2004 for Mac, allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka "PowerPoint OEPlaceholderAtom 'placementId' Invali
|
12-10-2018 - 21:56 | 10-02-2010 - 18:30 | |
CVE-2010-0266 | 9.3 |
Microsoft Office Outlook 2002 SP3, 2003 SP3, and 2007 SP1 and SP2 does not properly verify e-mail attachments with a PR_ATTACH_METHOD property value of ATTACH_BY_REFERENCE, which allows user-assisted remote attackers to execute arbitrary code via a c
|
12-10-2018 - 21:56 | 15-07-2010 - 12:57 | |
CVE-2010-0264 | 9.3 |
Microsoft Office Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly parse the Excel file format, which allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Microsoft O
|
12-10-2018 - 21:56 | 10-03-2010 - 22:30 | |
CVE-2010-0033 | 9.3 |
Stack-based buffer overflow in Microsoft Office PowerPoint 2003 SP3 allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka "PowerPoint Viewer TextBytesAtom Record Stack Overflow Vulnerability."
|
12-10-2018 - 21:56 | 10-02-2010 - 18:30 | |
CVE-2010-0262 | 9.3 |
Microsoft Office Excel 2007 SP1 and SP2 and Office 2004 for Mac do not properly parse the Excel file format, which allows remote attackers to execute arbitrary code via a crafted spreadsheet that triggers access of an uninitialized stack variable, ak
|
12-10-2018 - 21:56 | 10-03-2010 - 22:30 | |
CVE-2010-0034 | 9.3 |
Stack-based buffer overflow in Microsoft Office PowerPoint 2003 SP3 allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka "Office PowerPoint Viewer TextCharsAtom Record Stack Overflow Vulnerability."
|
12-10-2018 - 21:56 | 10-02-2010 - 18:30 | |
CVE-2010-0029 | 9.3 |
Buffer overflow in Microsoft Office PowerPoint 2002 SP3 allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka "PowerPoint File Path Handling Buffer Overflow Vulnerability."
|
12-10-2018 - 21:56 | 10-02-2010 - 18:30 | |
CVE-2010-0241 | 10.0 |
The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2, when IPv6 is enabled, does not properly perform bounds checking on ICMPv6 Route Information packets, which allows remote attackers to execute arbitr
|
12-10-2018 - 21:56 | 10-02-2010 - 18:30 | |
CVE-2010-0260 | 9.3 |
Heap-based buffer overflow in Microsoft Office Excel 2007 SP1 and SP2; Office Excel Viewer SP1 and SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allows remote attackers to execute arbitrary code via
|
12-10-2018 - 21:56 | 10-03-2010 - 22:30 | |
CVE-2010-0240 | 10.0 |
The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2, when a custom network driver is used, does not properly handle local fragmentation of Encapsulating Security Payload (ESP) over UDP packets, which a
|
12-10-2018 - 21:56 | 10-02-2010 - 18:30 | |
CVE-2010-0261 | 9.3 |
Heap-based buffer overflow in Microsoft Office Excel 2007 SP1 and SP2 and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted spreadsheet in which "a
|
12-10-2018 - 21:56 | 10-03-2010 - 22:30 | |
CVE-2010-0254 | 7.6 |
Microsoft Office Visio 2002 SP2, 2003 SP3, and 2007 SP1 and SP2 does not properly validate attributes in Visio files, which allows remote attackers to execute arbitrary code via a crafted file, aka "Visio Attribute Validation Memory Corruption Vulner
|
12-10-2018 - 21:56 | 14-04-2010 - 16:00 | |
CVE-2009-3130 | 9.3 |
Heap-based buffer overflow in Microsoft Office Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via a spreadsheet containing a malformed Binary File Format (aka
|
12-10-2018 - 21:52 | 11-11-2009 - 20:30 | |
CVE-2009-3127 | 9.3 |
Microsoft Office Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, Open XML File Format Converter for Mac, and Office Excel Viewer 2003 SP3 do not properly parse the Excel file format, which allows remote attackers to execute arbitrary code
|
12-10-2018 - 21:52 | 11-11-2009 - 19:30 | |
CVE-2009-2528 | 9.3 |
GDI+ in Microsoft Office XP SP3 does not properly handle malformed objects in Office Art Property Tables, which allows remote attackers to execute arbitrary code via a crafted Office document that triggers memory corruption, aka "Memory Corruption Vu
|
12-10-2018 - 21:52 | 14-10-2009 - 10:30 | |
CVE-2009-3135 | 9.3 |
Stack-based buffer overflow in Microsoft Office Word 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, Open XML File Format Converter for Mac, Office Word Viewer 2003 SP3, and Office Word Viewer allow remote attackers to execute arbitrary code via
|
12-10-2018 - 21:52 | 11-11-2009 - 19:30 | |
CVE-2009-3128 | 9.3 |
Microsoft Office Excel 2002 SP3 and 2003 SP3, and Office Excel Viewer 2003 SP3, does not properly parse the Excel file format, which allows remote attackers to execute arbitrary code via a spreadsheet with a malformed record object, aka "Excel SxView
|
12-10-2018 - 21:52 | 11-11-2009 - 19:30 | |
CVE-2009-3132 | 9.3 |
Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer 2003 SP3; Office Excel Viewer SP1 and SP2; and Office Compatibility Pack for Word, Excel, and P
|
12-10-2018 - 21:52 | 11-11-2009 - 20:30 | |
CVE-2009-3103 | 10.0 |
Array index error in the SMBv2 protocol implementation in srv2.sys in Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold and SP2, and Windows 7 RC allows remote attackers to execute arbitrary code or cause a denial of service (syste
|
12-10-2018 - 21:52 | 08-09-2009 - 22:30 | |
CVE-2009-2518 | 9.3 |
Integer overflow in GDI+ in Microsoft Office XP SP3 allows remote attackers to execute arbitrary code via an Office document with a bitmap (aka BMP) image that triggers memory corruption, aka "Office BMP Integer Overflow Vulnerability."
|
12-10-2018 - 21:52 | 14-10-2009 - 10:30 | |
CVE-2009-3126 | 9.3 |
Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP
|
12-10-2018 - 21:52 | 14-10-2009 - 10:30 | |
CVE-2009-3134 | 9.3 |
Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer 2003 SP3; Office Excel Viewer SP1 and SP2; and Office Compatibility Pack for Word, Excel, and P
|
12-10-2018 - 21:52 | 11-11-2009 - 20:30 | |
CVE-2009-3131 | 9.3 |
Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer 2003 SP3; Office Excel Viewer SP1 and SP2; and Office Compatibility Pack for Word, Excel, and P
|
12-10-2018 - 21:52 | 11-11-2009 - 20:30 | |
CVE-2009-3133 | 9.3 |
Microsoft Office Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code via a spreadsheet containing a malformed object that triggers memory corruption, related to "lo
|
12-10-2018 - 21:52 | 11-11-2009 - 20:30 | |
CVE-2009-2514 | 9.3 |
win32k.sys in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 does not correctly parse font code during construction of a directory-entry table, which allows remote attackers to execute arbitrary code via a crafted Embed
|
12-10-2018 - 21:51 | 11-11-2009 - 19:30 | |
CVE-2009-2495 | 7.8 |
The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1 does not properly enforce string termination, which allows remote attackers to obt
|
12-10-2018 - 21:51 | 29-07-2009 - 17:30 | |
CVE-2009-2501 | 9.3 |
Heap-based buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 G
|
12-10-2018 - 21:51 | 14-10-2009 - 10:30 | |
CVE-2009-2500 | 9.3 |
Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP
|
12-10-2018 - 21:51 | 14-10-2009 - 10:30 | |
CVE-2009-2496 | 9.3 |
Heap-based buffer overflow in the Office Web Components ActiveX Control in Microsoft Office XP SP3, Office 2003 SP3, Office XP Web Components SP3, Office 2003 Web Components SP3, Office 2003 Web Components SP1 for the 2007 Microsoft Office System, In
|
12-10-2018 - 21:51 | 12-08-2009 - 17:30 | |
CVE-2009-1537 | 9.3 |
Unspecified vulnerability in the QuickTime Movie Parser Filter in quartz.dll in DirectShow in Microsoft DirectX 7.0 through 9.0c on Windows 2000 SP4, Windows XP SP2 and SP3, and Windows Server 2003 SP2 allows remote attackers to execute arbitrary cod
|
12-10-2018 - 21:51 | 29-05-2009 - 18:30 | |
CVE-2009-2513 | 7.2 |
The Graphics Device Interface (GDI) in win32k.sys in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 does not properly validate user-mode input, which allows local user
|
12-10-2018 - 21:51 | 11-11-2009 - 19:30 | |
CVE-2009-2512 | 9.3 |
The Web Services on Devices API (WSDAPI) in Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2 does not properly process the headers of WSD messages, which allows remote attackers to execute arbitrary code via a crafted (1) message or (2)
|
12-10-2018 - 21:51 | 11-11-2009 - 19:30 | |
CVE-2009-1533 | 9.3 |
Buffer overflow in the Works for Windows document converters in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, Office 2007 SP1, and Works 8.5 and 9 allows remote attackers to execute arbitrary code via a crafted Works .wps file that trigg
|
12-10-2018 - 21:51 | 10-06-2009 - 18:00 | |
CVE-2009-2493 | 9.3 |
The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2,
|
12-10-2018 - 21:51 | 29-07-2009 - 17:30 | |
CVE-2009-2505 | 10.0 |
The Internet Authentication Service (IAS) in Microsoft Windows Vista SP2 and Server 2008 SP2 does not properly validate MS-CHAP v2 Protected Extensible Authentication Protocol (PEAP) authentication requests, which allows remote attackers to execute a
|
12-10-2018 - 21:51 | 09-12-2009 - 18:30 | |
CVE-2009-1534 | 9.3 |
Buffer overflow in the Office Web Components ActiveX Control in Microsoft Office XP SP3, Office 2000 Web Components SP3, Office XP Web Components SP3, BizTalk Server 2002, and Visual Studio .NET 2003 SP1 allows remote attackers to execute arbitrary c
|
12-10-2018 - 21:51 | 12-08-2009 - 17:30 | |
CVE-2009-2504 | 9.3 |
Multiple integer overflows in unspecified APIs in GDI+ in Microsoft .NET Framework 1.1 SP1, .NET Framework 2.0 SP1 and SP2, Windows XP SP2 and SP3, Windows Server 2003 SP2, Vista Gold and SP1, Server 2008 Gold, Office XP SP3, Office 2003 SP3, 2007 Mi
|
12-10-2018 - 21:51 | 14-10-2009 - 10:30 | |
CVE-2009-2503 | 9.3 |
GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Windows Server 2003 SP2, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold a
|
12-10-2018 - 21:51 | 14-10-2009 - 10:30 | |
CVE-2009-2507 | 9.3 |
A certain ActiveX control in the Indexing Service in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 does not properly process URLs, which allows remote attackers to execute arbitrary programs via unspecified vectors that cause a "vul
|
12-10-2018 - 21:51 | 14-10-2009 - 10:30 | |
CVE-2009-1137 | 9.3 |
Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allows remote attackers to execute arbitrary code via crafted sound data in a file that uses a PowerPoint 4.0 native file format, leading to memory corruption, aka "Legacy File Format Vulne
|
12-10-2018 - 21:51 | 12-05-2009 - 22:30 | |
CVE-2009-1134 | 9.3 |
Excel in 2007 Microsoft Office System SP1 and SP2; Microsoft Office Excel Viewer; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allow remote attackers to execute arbitrary code via a BIFF file w
|
12-10-2018 - 21:51 | 10-06-2009 - 18:30 | |
CVE-2009-1136 | 9.3 |
The Microsoft Office Web Components Spreadsheet ActiveX control (aka OWC10 or OWC11), as distributed in Office XP SP3 and Office 2003 SP3, Office XP Web Components SP3, Office 2003 Web Components SP3, Office 2003 Web Components SP1 for the 2007 Micro
|
12-10-2018 - 21:51 | 15-07-2009 - 15:30 | |
CVE-2009-0222 | 9.3 |
Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allows remote attackers to execute arbitrary code via crafted sound data in a file that uses a PowerPoint 4.0 native file format, leading to a "pointer overwrite" and memory corruption, aka
|
12-10-2018 - 21:50 | 12-05-2009 - 22:30 | |
CVE-2009-1131 | 9.3 |
Multiple stack-based buffer overflows in Microsoft Office PowerPoint 2000 SP3 allow remote attackers to execute arbitrary code via a large amount of data associated with unspecified atoms in a PowerPoint file that triggers memory corruption, aka "Dat
|
12-10-2018 - 21:50 | 12-05-2009 - 22:30 | |
CVE-2009-0225 | 9.3 |
Microsoft Office PowerPoint 2002 SP3 allows remote attackers to execute arbitrary code via crafted sound data in a file that uses a PowerPoint 95 native file format, leading to improper "array indexing" and memory corruption, aka "PP7 Memory Corrupti
|
12-10-2018 - 21:50 | 12-05-2009 - 22:30 | |
CVE-2009-1129 | 9.3 |
Multiple stack-based buffer overflows in the PowerPoint 95 importer (PP7X32.DLL) in Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allow remote attackers to execute arbitrary code via an inconsistent record length in sound data in a fil
|
12-10-2018 - 21:50 | 12-05-2009 - 22:30 | |
CVE-2009-0549 | 9.3 |
Excel in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, and Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; and Microsoft Office Excel Viewer 2003 SP3 allow remote attackers to execute arbitrary code via a crafted Ex
|
12-10-2018 - 21:50 | 10-06-2009 - 18:30 | |
CVE-2009-0238 | 9.3 |
Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1; Excel Viewer 2003 Gold and SP3; Excel Viewer; Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1; and Excel in Microsoft Office 2004 and 2008 for Mac allow remot
|
12-10-2018 - 21:50 | 25-02-2009 - 16:30 | |
CVE-2009-0559 | 9.3 |
Stack-based buffer overflow in Excel in Microsoft Office 2000 SP3 and Office XP SP3 allows remote attackers to execute arbitrary code via a crafted Excel file with a malformed record object, aka "String Copy Stack-Based Overrun Vulnerability."
|
12-10-2018 - 21:50 | 10-06-2009 - 18:30 | |
CVE-2009-0223 | 9.3 |
Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allows remote attackers to execute arbitrary code via crafted sound data in a file that uses a PowerPoint 4.0 native file format, leading to memory corruption, aka "Legacy File Format Vulne
|
12-10-2018 - 21:50 | 12-05-2009 - 22:30 | |
CVE-2009-1128 | 9.3 |
Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allows remote attackers to execute arbitrary code via crafted sound data in a file that uses a PowerPoint 95 native file format, leading to memory corruption, aka "PP7 Memory Corruption Vul
|
12-10-2018 - 21:50 | 12-05-2009 - 22:30 | |
CVE-2009-0228 | 10.0 |
Stack-based buffer overflow in the EnumeratePrintShares function in Windows Print Spooler Service (win32spl.dll) in Microsoft Windows 2000 SP4 allows remote printer servers to execute arbitrary code via a crafted ShareName in a response to an RPC req
|
12-10-2018 - 21:50 | 10-06-2009 - 18:00 | |
CVE-2009-0235 | 9.3 |
Stack-based buffer overflow in the Word 97 text converter in WordPad in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted Word 97 file that triggers memory corrupti
|
12-10-2018 - 21:50 | 15-04-2009 - 08:00 | |
CVE-2009-1130 | 9.3 |
Heap-based buffer overflow in Microsoft Office PowerPoint 2002 SP3 and 2003 SP3, and PowerPoint in Microsoft Office 2004 for Mac, allows remote attackers to execute arbitrary code via a crafted structure in a Notes container in a PowerPoint file that
|
12-10-2018 - 21:50 | 12-05-2009 - 22:30 | |
CVE-2009-0565 | 9.3 |
Buffer overflow in Microsoft Office Word 2000 SP3, 2002 SP3, and 2007 SP1 and SP2; Microsoft Office for Mac 2004 and 2008; Open XML File Format Converter for Mac; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Forma
|
12-10-2018 - 21:50 | 10-06-2009 - 18:00 | |
CVE-2009-0227 | 9.3 |
Stack-based buffer overflow in the PowerPoint 4.2 conversion filter (PP4X32.DLL) in Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allows remote attackers to execute arbitrary code via a large number of structures in sound data in a fil
|
12-10-2018 - 21:50 | 12-05-2009 - 22:30 | |
CVE-2009-0224 | 9.3 |
Microsoft Office PowerPoint 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; PowerPoint Viewer 2003 and 2007 SP1 and SP2; PowerPoint in Microsoft Office 2004 for Mac and 2008 for Mac; Open XML File Format Converter for Mac; Microsoft Works 8.5 and
|
12-10-2018 - 21:50 | 12-05-2009 - 22:30 | |
CVE-2009-0560 | 9.3 |
Excel in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, and Office 2004 and 2008 for Mac; Excel in 2007 Microsoft Office System SP1 and SP2; Open XML File Format Converter for Mac; Microsoft Office Excel Viewer 2003 SP3; Microsoft Office
|
12-10-2018 - 21:50 | 10-06-2009 - 18:30 | |
CVE-2009-0558 | 9.3 |
Array index error in Excel in Microsoft Office 2000 SP3 and Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac, allows remote attackers to execute arbitrary code via a crafted Excel file with a malformed record object, aka "Arra
|
12-10-2018 - 21:50 | 10-06-2009 - 18:30 | |
CVE-2009-0220 | 9.3 |
Multiple stack-based buffer overflows in the PowerPoint 4.0 importer (PP4X32.DLL) in Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allow remote attackers to execute arbitrary code via crafted formatting data for paragraphs in a file th
|
12-10-2018 - 21:50 | 12-05-2009 - 22:30 | |
CVE-2009-0226 | 9.3 |
Stack-based buffer overflow in the PowerPoint 4.2 conversion filter in Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allows remote attackers to execute arbitrary code via a long string in sound data in a file that uses a PowerPoint 4.0
|
12-10-2018 - 21:50 | 12-05-2009 - 22:30 | |
CVE-2009-0556 | 9.3 |
Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3, and PowerPoint in Microsoft Office 2004 for Mac, allows remote attackers to execute arbitrary code via a PowerPoint file with an OutlineTextRefAtom containing an an invalid index value tha
|
12-10-2018 - 21:50 | 03-04-2009 - 18:30 | |
CVE-2009-1127 | 7.2 |
win32k.sys in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 does not correctly validate an argument to an unspecified system call, which allows local users to gain pr
|
12-10-2018 - 21:50 | 11-11-2009 - 19:30 | |
CVE-2009-0230 | 9.0 |
The Windows Print Spooler in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 allows remote authenticated users to gain privileges via a crafted RPC message that triggers loading of a DLL file
|
12-10-2018 - 21:50 | 10-06-2009 - 18:00 | |
CVE-2009-0561 | 9.3 |
Integer overflow in Excel in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, and Office 2004 and 2008 for Mac; Excel in 2007 Microsoft Office System SP1 and SP2; Open XML File Format Converter for Mac; Microsoft Office Excel Viewer 2003 SP
|
12-10-2018 - 21:50 | 10-06-2009 - 18:30 | |
CVE-2009-0901 | 9.3 |
The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Serv
|
12-10-2018 - 21:50 | 29-07-2009 - 17:30 | |
CVE-2009-0566 | 9.3 |
Microsoft Office Publisher 2007 SP1 does not properly calculate object handler data for Publisher files, which allows remote attackers to execute arbitrary code via a crafted file in a legacy format that triggers memory corruption, aka "Pointer Deref
|
12-10-2018 - 21:50 | 15-07-2009 - 15:30 | |
CVE-2009-0221 | 9.3 |
Integer overflow in Microsoft Office PowerPoint 2002 SP3 and 2003 SP3 allows remote attackers to execute arbitrary code via a PowerPoint file containing a crafted record type for "collaboration information for different slides" that contains a field
|
12-10-2018 - 21:50 | 12-05-2009 - 22:30 | |
CVE-2009-0562 | 9.3 |
The Office Web Components ActiveX Control in Microsoft Office XP SP3, Office 2003 SP3, Office XP Web Components SP3, Office 2003 Web Components SP3, Office 2003 Web Components SP1 for the 2007 Microsoft Office System, Internet Security and Accelerati
|
12-10-2018 - 21:50 | 12-08-2009 - 17:30 | |
CVE-2008-5416 | 9.0 |
Heap-based buffer overflow in Microsoft SQL Server 2000 SP4, 8.00.2050, 8.00.2039, and earlier; SQL Server 2000 Desktop Engine (MSDE 2000) SP4; SQL Server 2005 SP2 and 9.00.1399.06; SQL Server 2000 Desktop Engine (WMSDE) on Windows Server 2003 SP1 an
|
12-10-2018 - 21:49 | 10-12-2008 - 14:00 | |
CVE-2008-4841 | 9.3 |
The WordPad Text Converter for Word 97 files in Microsoft Windows 2000 SP4, XP SP2, and Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted (1) .doc, (2) .wri, or (3) .rtf Word 97 file that triggers memory corrupti
|
12-10-2018 - 21:49 | 10-12-2008 - 14:00 | |
CVE-2008-4844 | 9.3 |
Use-after-free vulnerability in the CRecordInstance::TransferToDestination function in mshtml.dll in Microsoft Internet Explorer 5.01, 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via DSO bindings involving (1) an XML Island, (2)
|
12-10-2018 - 21:49 | 11-12-2008 - 15:30 | |
CVE-2009-0100 | 9.3 |
Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1; Excel in Microsoft Office 2004 and 2008 for Mac; Microsoft Office Excel Viewer and Excel Viewer 2003 SP3; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007
|
12-10-2018 - 21:49 | 15-04-2009 - 08:00 | |
CVE-2009-0102 | 9.3 |
Microsoft Project 2000 SR1 and 2002 SP1, and Office Project 2003 SP3, does not properly handle memory allocation for Project files, which allows remote attackers to execute arbitrary code via a malformed file, aka "Project Memory Validation Vulnerabi
|
12-10-2018 - 21:49 | 09-12-2009 - 18:30 | |
CVE-2009-0099 | 5.0 |
The Electronic Messaging System Microsoft Data Base (EMSMDB32) provider in Microsoft Exchange 2000 Server SP3 and Exchange Server 2003 SP2, as used in Exchange System Attendant, allows remote attackers to cause a denial of service (application outage
|
12-10-2018 - 21:49 | 10-02-2009 - 22:30 | |
CVE-2009-0096 | 9.3 |
Microsoft Office Visio 2002 SP2, 2003 SP3, and 2007 SP1 does not properly perform memory copy operations for object data, which allows remote attackers to execute arbitrary code via a crafted Visio document, aka "Memory Corruption Vulnerability."
|
12-10-2018 - 21:49 | 10-02-2009 - 22:30 | |
CVE-2009-0095 | 9.3 |
Microsoft Office Visio 2002 SP2, 2003 SP3, and 2007 SP1 does not properly validate object data in Visio files, which allows remote attackers to execute arbitrary code via a crafted file, aka "Memory Validation Vulnerability."
|
12-10-2018 - 21:49 | 10-02-2009 - 22:30 | |
CVE-2009-0098 | 9.3 |
Microsoft Exchange 2000 Server SP3, Exchange Server 2003 SP2, and Exchange Server 2007 SP1 do not properly interpret Transport Neutral Encapsulation (TNEF) properties, which allows remote attackers to execute arbitrary code via a crafted TNEF message
|
12-10-2018 - 21:49 | 10-02-2009 - 22:30 | |
CVE-2009-0097 | 9.3 |
Microsoft Office Visio 2002 SP2 and 2003 SP3 does not properly validate memory allocation for Visio files, which allows remote attackers to execute arbitrary code via a crafted file, aka "Memory Corruption Vulnerability."
|
12-10-2018 - 21:49 | 10-02-2009 - 22:30 | |
CVE-2008-4269 | 8.5 |
The search-ms protocol handler in Windows Explorer in Microsoft Windows Vista Gold and SP1 and Server 2008 uses untrusted parameter data obtained from incorrect parsing, which allows remote attackers to execute arbitrary code via a crafted HTML docum
|
12-10-2018 - 21:48 | 10-12-2008 - 14:00 | |
CVE-2008-4252 | 8.5 |
The DataGrid ActiveX control in Microsoft Visual Basic 6.0 and Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2 does not properly handle errors during access to incorrectly initialized objects, which allows remote attackers to execute arbitrary code via a c
|
12-10-2018 - 21:48 | 10-12-2008 - 14:00 | |
CVE-2008-4268 | 8.5 |
The Windows Search component in Microsoft Windows Vista Gold and SP1 and Server 2008 does not properly free memory during a save operation for a Windows Search file, which allows remote attackers to execute arbitrary code via a crafted saved-search f
|
12-10-2018 - 21:48 | 10-12-2008 - 14:00 | |
CVE-2008-4256 | 8.5 |
The Charts ActiveX control in Microsoft Visual Basic 6.0, Visual Studio .NET 2002 SP1 and 2003 SP1, and Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2 does not properly handle errors during access to incorrectly initialized objects, which allows remote at
|
12-10-2018 - 21:48 | 10-12-2008 - 14:00 | |
CVE-2008-4265 | 9.3 |
Microsoft Office Excel 2000 SP3 allows remote attackers to execute arbitrary code via a crafted Excel spreadsheet that contains a malformed object, which triggers memory corruption during the loading of records from this spreadsheet, aka "File Format
|
12-10-2018 - 21:48 | 10-12-2008 - 14:00 | |
CVE-2008-4253 | 8.5 |
The FlexGrid ActiveX control in Microsoft Visual Basic 6.0, Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2, Office FrontPage 2002 SP3, and Office Project 2003 SP3 does not properly handle errors during access to incorrectly initialized objects, which allo
|
12-10-2018 - 21:48 | 10-12-2008 - 14:00 | |
CVE-2008-4266 | 9.3 |
Array index vulnerability in Microsoft Office Excel 2000 SP3, 2002 SP3, and 2003 SP3; Excel Viewer 2003 Gold and SP3; Office 2004 and 2008 for Mac; and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code via an Exc
|
12-10-2018 - 21:48 | 10-12-2008 - 14:00 | |
CVE-2008-4254 | 8.5 |
Multiple integer overflows in the Hierarchical FlexGrid ActiveX control (mshflxgd.ocx) in Microsoft Visual Basic 6.0 and Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2 allow remote attackers to execute arbitrary code via crafted (1) Rows and (2) Cols prop
|
12-10-2018 - 21:48 | 10-12-2008 - 14:00 | |
CVE-2008-4033 | 4.3 |
Cross-domain vulnerability in Microsoft XML Core Services 3.0 through 6.0, as used in Microsoft Expression Web, Office, Internet Explorer, and other products, allows remote attackers to obtain sensitive information from another domain and corrupt the
|
12-10-2018 - 21:48 | 12-11-2008 - 23:30 | |
CVE-2008-4264 | 9.3 |
Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Excel Viewer 2003 Gold and SP3; Excel Viewer; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office 2004 and 2008 for Mac; and Open
|
12-10-2018 - 21:48 | 10-12-2008 - 14:00 | |
CVE-2008-4255 | 9.3 |
Heap-based buffer overflow in mscomct2.ocx (aka Windows Common ActiveX control or Microsoft Animation ActiveX control) in Microsoft Visual Basic 6.0, Visual Studio .NET 2002 SP1 and 2003 SP1, Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2, and Office Proj
|
12-10-2018 - 21:48 | 10-12-2008 - 14:00 | |
CVE-2008-3704 | 9.3 |
Heap-based buffer overflow in the MaskedEdit ActiveX control in Msmask32.ocx 6.0.81.69, and possibly other versions before 6.0.84.18, in Microsoft Visual Studio 6.0, Visual Basic 6.0, Visual Studio .NET 2002 SP1 and 2003 SP1, and Visual FoxPro 8.0 SP
|
12-10-2018 - 21:48 | 18-08-2008 - 19:41 | |
CVE-2008-2540 | 9.3 |
Apple Safari on Mac OS X, and before 3.1.2 on Windows, does not prompt the user before downloading an object that has an unrecognized content type, which allows remote attackers to place malware into the (1) Desktop directory on Windows or (2) Downlo
|
12-10-2018 - 21:47 | 03-06-2008 - 15:32 | |
CVE-2008-3010 | 10.0 |
Microsoft Windows Media Player 6.4, Windows Media Format Runtime 7.1 through 11, and Windows Media Services 4.1 and 9 incorrectly associate ISATAP addresses with the Local Intranet zone, which allows remote servers to capture NTLM credentials, and ex
|
12-10-2018 - 21:47 | 10-12-2008 - 14:00 | |
CVE-2008-0015 | 9.3 |
Stack-based buffer overflow in the CComVariant::ReadFromStream function in the Active Template Library (ATL), as used in the MPEG2TuneRequest ActiveX control in msvidctl.dll in DirectShow, in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP
|
12-10-2018 - 21:44 | 07-07-2009 - 23:30 | |
CVE-2008-0020 | 9.3 |
Unspecified vulnerability in the Load method in the IPersistStreamInit interface in the Active Template Library (ATL), as used in the Microsoft Video ActiveX control in msvidctl.dll in DirectShow, in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server
|
12-10-2018 - 21:44 | 07-07-2009 - 23:30 | |
CVE-2014-4112 | 7.6 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
08-03-2018 - 17:15 | 08-02-2018 - 23:29 | |
CVE-2014-4145 | 7.6 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
08-03-2018 - 17:14 | 08-02-2018 - 23:29 | |
CVE-2014-4066 | 7.6 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
08-03-2018 - 17:14 | 08-02-2018 - 23:29 | |
CVE-2014-8985 | 7.6 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014
|
23-02-2018 - 17:47 | 08-02-2018 - 23:29 | |
CVE-2012-4969 | 9.3 |
Use-after-free vulnerability in the CMshtmlEd::Exec function in mshtml.dll in Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code via a crafted web site, as exploited in the wild in September 2012.
|
21-11-2017 - 18:13 | 18-09-2012 - 10:39 | |
CVE-2013-2013 | 2.1 |
The user-password-update command in python-keystoneclient before 0.2.4 accepts the new password in the --password argument, which allows local users to obtain sensitive information by listing the process.
|
19-09-2017 - 01:36 | 01-10-2013 - 20:55 | |
CVE-2010-4701 | 7.6 |
Heap-based buffer overflow in the CDrawPoly::Serialize function in fxscover.exe in Microsoft Windows Fax Services Cover Page Editor 5.2 r2 in Windows XP Professional SP3, Server 2003 R2 Enterprise Edition SP2, and Windows 7 Professional allows remote
|
19-09-2017 - 01:31 | 20-01-2011 - 19:00 | |
CVE-2017-0038 | 4.3 |
gdi32.dll in Graphics Device Interface (GDI) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows remote attackers
|
01-09-2017 - 01:29 | 20-02-2017 - 16:59 | |
CVE-2017-0086 | 9.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Uniscribe Remote Code Execution Vulnerability." This vulnerability is diffe
|
16-08-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0061 | 2.6 |
The Color Management Module (ICM32.dll) memory handling functionality in Windows Vista SP2, Windows Server 2008 SP2 and R2, and Windows 7 SP1 allows remote attackers to bypass ASLR and execute code in combination with another vulnerability through a
|
16-08-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0063 | 4.3 |
The Color Management Module (ICM32.dll) memory handling functionality in Windows Vista SP2; Windows Server 2008 SP2 and R2; and Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows
|
16-08-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0115 | 4.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability."
|
16-08-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0091 | 4.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability."
|
16-08-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0100 | 4.4 |
A DCOM object in Helppane.exe in Microsoft Windows 7 SP1; Windows Server 2008 R2; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows local users to gain privileges via a craft
|
16-08-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0111 | 4.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability."
|
16-08-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0088 | 9.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Windows Uniscribe Remote Code Execution Vulnerability."
|
16-08-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0084 | 9.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to execute arb
|
16-08-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0085 | 4.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability."
|
16-08-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0113 | 4.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability."
|
16-08-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0090 | 9.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Uniscribe Remote Code Execution Vulnerability." This vulnerability is diffe
|
16-08-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0083 | 9.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Uniscribe Remote Code Execution Vulnerability." This vulnerability is diffe
|
16-08-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0112 | 4.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability."
|
16-08-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0087 | 9.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Uniscribe Remote Code Execution Vulnerability." This vulnerability is diffe
|
16-08-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0114 | 4.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability."
|
16-08-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0062 | 1.9 |
The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain
|
16-08-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0092 | 4.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability."
|
16-08-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0108 | 9.3 |
The Windows Graphics Component in Microsoft Office 2007 SP3; 2010 SP2; and Word Viewer; Skype for Business 2016; Lync 2013 SP1; Lync 2010; Live Meeting 2007; Silverlight 5; Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; and Windows 7 SP1 allo
|
16-08-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0116 | 4.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability."
|
16-08-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0089 | 9.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Uniscribe Remote Code Execution Vulnerability." This vulnerability is diffe
|
16-08-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0117 | 4.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability."
|
16-08-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0074 | 2.3 |
Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and 2008 R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 and R2; Windows 10, 1511, and 1607; and Windows Server 2016 allows guest OS users, running as virtual machines, to cause a de
|
17-07-2017 - 13:18 | 17-03-2017 - 00:59 | |
CVE-2017-0099 | 2.3 |
Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and 2008 R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows guest OS users, running as virtual machines, to
|
17-07-2017 - 13:18 | 17-03-2017 - 00:59 | |
CVE-2017-0096 | 2.3 |
Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1, Windows Server 2012 Gold and R2; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows guest OS users to obtain sensitive information from h
|
17-07-2017 - 13:18 | 17-03-2017 - 00:59 | |
CVE-2017-0076 | 2.9 |
Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and 2008 R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 and R2; Windows 10, 1511, and 1607; and Windows Server 2016 allows guest OS users, running as virtual machines, to cause a de
|
17-07-2017 - 13:18 | 17-03-2017 - 00:59 | |
CVE-2017-0098 | 2.9 |
Hyper-V in Microsoft Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows guest OS users, running as virtual machines, to cause a denial of service via a crafted application, aka "Hyper-V Denial of Service Vulnerability." This vulnerabilit
|
17-07-2017 - 13:18 | 17-03-2017 - 00:59 | |
CVE-2017-0109 | 7.4 |
Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows guest OS users to execute arbitrary code on the host
|
17-07-2017 - 13:18 | 17-03-2017 - 00:59 | |
CVE-2017-0097 | 2.3 |
Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and 2008 R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 and R2; Windows 10, 1511, and 1607; and Windows Server 2016 allows guest OS users, running as virtual machines, to cause a de
|
17-07-2017 - 13:18 | 17-03-2017 - 00:59 | |
CVE-2017-0065 | 4.3 |
Microsoft Edge allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0009, CV
|
12-07-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0033 | 4.3 |
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to spoof web content via a crafted web site, aka "Microsoft Browser Spoofing Vulnerability." This vulnerability is different from those described in CVE-2017-0012 and CVE-2017-0
|
12-07-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0069 | 4.3 |
Microsoft Edge allows remote attackers to spoof web content via a crafted web site, aka "Microsoft Edge Spoofing Vulnerability." This vulnerability is different from those described in CVE-2017-0012 and CVE-2017-0033.
|
12-07-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0130 | 7.6 |
The scripting engine in Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability." This v
|
12-07-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0018 | 7.6 |
Microsoft Internet Explorer 10 and 11 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." This vulnerability is different f
|
12-07-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0006 | 9.3 |
Microsoft Excel 2007 SP3, Office Compatibility Pack SP3, Excel Viewer, and Excel Services on SharePoint Server 2007 SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Mic
|
12-07-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0105 | 4.3 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word for Mac 2011, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow remote attackers to obtain sensitive information fro
|
12-07-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0053 | 9.3 |
Microsoft Office 2010 SP2, Office Compatibility Pack SP3, Word 2007 SP3, Word 2010 SP2, Word 2013 SP1, Word 2013 R2 SP1, Word 2016, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via
|
12-07-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0019 | 9.3 |
Microsoft Word 2016 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability." This vulnerability is different from those describe
|
12-07-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0057 | 4.3 |
DNS client in Microsoft Windows 8.1; Windows Server 2012 R2, Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 fails to properly process DNS queries, which allows remote attackers to obtain sensitive information via (1) convinc
|
12-07-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0027 | 2.6 |
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, and Excel Services on SharePoint Server 2013 SP1 allow remote attackers to obtain sensitive information from process memory via a crafted Office d
|
12-07-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0049 | 4.3 |
The VBScript engine in Microsoft Internet Explorer 11 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Scripting Engine Information Disclosure Vulnerability." This vulnerability is different fro
|
12-07-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0035 | 7.6 |
A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitra
|
12-07-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0031 | 9.3 |
Microsoft Office 2010 SP2, Office Compatibility Pack SP3, Word 2007 SP3, and Word 2010 SP2 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corrupti
|
12-07-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0009 | 4.3 |
Microsoft Internet Explorer 9 through 11 allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability." This vulnerability is different from those described
|
12-07-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0030 | 9.3 |
Microsoft Office 2010 SP2, Office Compatibility Pack SP3, Office Web Apps Server 2010 SP2, Word 2007 SP3, Word 2010 SP2, and Word Automation Services on SharePoint Server 2010 SP2 allow remote attackers to execute arbitrary code or cause a denial of
|
12-07-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0007 | 2.1 |
Device Guard in Microsoft Windows 10 Gold, 1511, 1607, and Windows Server 2016 allows remote attackers to modify PowerShell script without invalidating associated signatures, aka "PowerShell Security Feature Bypass Vulnerability."
|
12-07-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0020 | 9.3 |
Microsoft Excel 2016, Excel 2010 SP2, Excel 2013 RT SP1, and Office Web Apps Server 2013 SP1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corrup
|
12-07-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0052 | 9.3 |
Microsoft Office Compatibility Pack SP3, Excel 2007 SP3, Excel Viewer, and Excel Services on SharePoint Server 2007 SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Mic
|
12-07-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0040 | 7.6 |
The scripting engine in Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability." This v
|
12-07-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0015 | 7.6 |
A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitra
|
12-07-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0008 | 4.3 |
Microsoft Internet Explorer 9 through 11 allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability." This vulnerability is different from those descr
|
12-07-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0067 | 7.6 |
A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitra
|
12-07-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0129 | 5.0 |
Microsoft Lync for Mac 2011 fails to properly validate certificates, allowing remote attackers to alter server-client communications, aka "Microsoft Lync for Mac Certificate Validation Vulnerability."
|
12-07-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0012 | 4.3 |
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to spoof web content via a crafted web site, aka "Microsoft Browser Spoofing Vulnerability." This vulnerability is different from those described in CVE-2017-0033 and CVE-2017-0
|
12-07-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0011 | 4.3 |
Microsoft Edge allows remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Edge Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0009, CVE-2017-0017, CVE-2017-0
|
12-07-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0154 | 5.8 |
Microsoft Internet Explorer 11 on Windows 10, 1511, and 1606 and Windows Server 2016 does not enforce cross-domain policies, allowing attackers to access information from one domain and inject it into another via a crafted application, aka, "Internet
|
12-07-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0034 | 7.6 |
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker
|
12-07-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0107 | 4.3 |
Microsoft SharePoint Server fails to sanitize crafted web requests, allowing remote attackers to run cross-script in local security context, aka "Microsoft SharePoint XSS Vulnerability."
|
12-07-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0068 | 4.3 |
Browsers in Microsoft Edge allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Edge Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-
|
12-07-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0032 | 7.6 |
A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitra
|
12-07-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2017-0017 | 4.3 |
The RegEx class in the XSS filter in Microsoft Edge allows remote attackers to conduct cross-site scripting (XSS) attacks and obtain sensitive information via unspecified vectors, aka "Microsoft Edge Information Disclosure Vulnerability." This vulner
|
12-07-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2016-7293 | 5.0 |
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue in a "generally available" software product. Notes: none.
|
16-02-2017 - 16:59 | 16-02-2017 - 16:59 | |
CVE-2014-8967 | 6.8 |
Use-after-free vulnerability in Microsoft Internet Explorer allows remote attackers to execute arbitrary code via a crafted HTML document in conjunction with a Cascading Style Sheets (CSS) token sequence specifying the run-in value for the display pr
|
30-10-2015 - 19:01 | 15-12-2014 - 18:59 |