Max CVSS | 10.0 | Min CVSS | 4.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2009-2529 | 9.3 |
Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, 7, and 8 does not properly handle argument validation for unspecified variables, which allows remote attackers to execute arbitrary code via a crafted HTML document, aka "HTML Component Handling Vulnera
|
21-10-2024 - 17:35 | 14-10-2009 - 10:30 | |
CVE-2009-3671 | 9.3 |
Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Unini
|
21-10-2024 - 17:35 | 09-12-2009 - 18:30 | |
CVE-2010-1260 | 9.3 |
The IE8 Developer Toolbar in Microsoft Internet Explorer 8 SP1, SP2, and SP3 allows user-assisted remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption,
|
21-10-2024 - 17:35 | 08-06-2010 - 22:30 | |
CVE-2010-0492 | 9.3 |
Use-after-free vulnerability in mstime.dll in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via vectors related to the TIME2 behavior, the CTimeAction object, and destruction of markup, leading to memory corruption,
|
21-10-2024 - 17:35 | 31-03-2010 - 19:30 | |
CVE-2010-0248 | 9.3 |
Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corru
|
21-10-2024 - 17:35 | 22-01-2010 - 22:00 | |
CVE-2011-0346 | 9.3 |
Use-after-free vulnerability in the ReleaseInterface function in MSHTML.DLL in Microsoft Internet Explorer 6, 7, and 8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the DOM i
|
21-10-2024 - 17:35 | 07-01-2011 - 23:00 | |
CVE-2010-3243 | 4.3 |
Cross-site scripting (XSS) vulnerability in the toStaticHTML function in Microsoft Internet Explorer 8, and the SafeHTML function in Microsoft Windows SharePoint Services 3.0 SP2 and Office SharePoint Server 2007 SP2, allows remote attackers to injec
|
17-10-2024 - 21:35 | 13-10-2010 - 19:00 | |
CVE-2012-1879 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by attempting to access an undefined memory location, aka "insertAdjacentText Remote Code Execution Vulnerabil
|
17-10-2024 - 19:35 | 12-06-2012 - 22:55 | |
CVE-2012-4792 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not properly allocated or (2) is deleted, as demonstrated
|
14-08-2024 - 15:02 | 30-12-2012 - 18:55 | |
CVE-2013-3897 | 9.3 |
Use-after-free vulnerability in the CDisplayPointer class in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted JavaScript code that us
|
16-07-2024 - 17:35 | 09-10-2013 - 14:54 | |
CVE-2013-1347 | 9.3 |
Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly allocated or (2) is deleted, as exploited in the wild in May 2013.
|
16-07-2024 - 17:35 | 05-05-2013 - 11:07 | |
CVE-2013-2551 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, as demonstrated by VUPEN during a Pwn2Own competition at CanSe
|
09-07-2024 - 18:22 | 11-03-2013 - 10:55 | |
CVE-2013-3163 | 9.3 |
Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
28-06-2024 - 13:40 | 10-07-2013 - 03:46 | |
CVE-2010-0249 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6, 6 SP1, 7, and 8 on Windows 2000 SP4; Windows XP SP2 and SP3; Windows Server 2003 SP2; Windows Vista Gold, SP1, and SP2; Windows Server 2008 Gold, SP2, and R2; and Windows 7 allows remote
|
15-02-2024 - 21:06 | 15-01-2010 - 17:30 | |
CVE-2009-1532 | 9.3 |
Microsoft Internet Explorer 8 for Windows XP SP2 and SP3; 8 for Server 2003 SP2; 8 for Vista Gold, SP1, and SP2; and 8 for Server 2008 SP2 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code via "malfor
|
09-02-2024 - 03:22 | 10-06-2009 - 18:30 | |
CVE-2010-3328 | 9.3 |
Use-after-free vulnerability in the CAttrArray::PrivateFind function in mshtml.dll in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code by setting an unspecified property of a stylesheet object, aka "Uninitiali
|
02-02-2024 - 16:00 | 13-10-2010 - 19:00 | |
CVE-2011-2001 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code via an attempted access to a virtual function table after corruption of this table has occurred, aka "Virtual
|
01-03-2022 - 16:39 | 12-10-2011 - 02:52 | |
CVE-2012-0171 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "SelectAll Remote Code Execution Vulnerability."
|
01-03-2022 - 16:34 | 10-04-2012 - 21:55 | |
CVE-2012-0168 | 7.6 |
Microsoft Internet Explorer 6 through 9 allows user-assisted remote attackers to execute arbitrary code via a crafted HTML document that is not properly handled during a "Print table of links" print operation, aka "Print Feature Remote Code Execution
|
01-03-2022 - 16:32 | 10-04-2012 - 21:55 | |
CVE-2012-0011 | 9.3 |
Microsoft Internet Explorer 7 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "HTML Layout Remote Code Execution Vulnerability."
|
01-03-2022 - 16:28 | 14-02-2012 - 22:55 | |
CVE-2012-0010 | 4.3 |
Microsoft Internet Explorer 6 through 9 does not properly perform copy-and-paste operations, which allows user-assisted remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Copy and Paste Information D
|
01-03-2022 - 14:58 | 14-02-2012 - 22:55 | |
CVE-2011-3404 | 4.3 |
Microsoft Internet Explorer 6 through 9 does not properly use the Content-Disposition HTTP header to control rendering of the HTTP response body, which allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web
|
01-03-2022 - 14:55 | 14-12-2011 - 00:55 | |
CVE-2011-1992 | 4.3 |
The XSS Filter in Microsoft Internet Explorer 8 allows remote attackers to read content from a different (1) domain or (2) zone via a "trial and error" attack, aka "XSS Filter Information Disclosure Vulnerability."
|
01-03-2022 - 14:26 | 14-12-2011 - 00:55 | |
CVE-2011-2000 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Body Element Remote Code Execution Vulnerability."
|
28-02-2022 - 20:50 | 12-10-2011 - 02:52 | |
CVE-2011-1999 | 9.3 |
Microsoft Internet Explorer 8 does not properly allocate and access memory, which allows remote attackers to execute arbitrary code via vectors involving a "dereferenced memory address," aka "Select Element Remote Code Execution Vulnerability."
|
28-02-2022 - 20:49 | 12-10-2011 - 02:52 | |
CVE-2011-1996 | 9.3 |
Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Option Element Remote Code Execution Vulnerability."
|
28-02-2022 - 20:25 | 12-10-2011 - 02:52 | |
CVE-2011-1995 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that was not properly initialized, aka "OLEAuto32.dll Remote Code Execution Vulnerabili
|
28-02-2022 - 20:23 | 12-10-2011 - 02:52 | |
CVE-2011-1993 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Scroll Event Remote Code Execution Vulnerability."
|
28-02-2022 - 20:17 | 12-10-2011 - 02:52 | |
CVE-2011-1964 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Style Object Memory Corru
|
28-02-2022 - 20:01 | 10-08-2011 - 21:55 | |
CVE-2011-1960 | 4.3 |
Microsoft Internet Explorer 6 through 9 does not properly implement JavaScript event handlers, which allows remote attackers to access content from a different (1) domain or (2) zone via unspecified script code, aka "Event Handlers Information Disclo
|
28-02-2022 - 20:01 | 10-08-2011 - 21:55 | |
CVE-2011-1963 | 9.3 |
Microsoft Internet Explorer 7 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "XSLT Memory Corruption Vu
|
28-02-2022 - 20:00 | 10-08-2011 - 21:55 | |
CVE-2011-1962 | 4.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle unspecified character sequences, which allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site that triggers "inactive filtering," aka "Sh
|
28-02-2022 - 19:58 | 10-08-2011 - 21:55 | |
CVE-2011-1961 | 9.3 |
The telnet URI handler in Microsoft Internet Explorer 6 through 9 does not properly launch the handler application, which allows remote attackers to execute arbitrary programs via a crafted web site, aka "Telnet Handler Remote Code Execution Vulnerab
|
28-02-2022 - 19:54 | 10-08-2011 - 21:55 | |
CVE-2011-1257 | 7.6 |
Race condition in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors involving access to an object, aka "Window Open Race Condition Vulnerability."
|
28-02-2022 - 19:49 | 10-08-2011 - 21:55 | |
CVE-2011-1266 | 9.3 |
The Vector Markup Language (VML) implementation in vgx.dll in Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly
|
28-02-2022 - 19:48 | 16-06-2011 - 20:55 | |
CVE-2011-1262 | 9.3 |
Microsoft Internet Explorer 7 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "HTTP Redirect Memory Corr
|
28-02-2022 - 19:46 | 16-06-2011 - 20:55 | |
CVE-2011-1261 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Selection Object Memory C
|
28-02-2022 - 19:44 | 16-06-2011 - 20:55 | |
CVE-2011-1258 | 4.3 |
Microsoft Internet Explorer 6 through 8 does not properly restrict web script, which allows user-assisted remote attackers to obtain sensitive information from a different (1) domain or (2) zone via vectors involving a drag-and-drop operation, aka "D
|
28-02-2022 - 19:43 | 16-06-2011 - 20:55 | |
CVE-2011-1256 | 9.3 |
Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "DOM Modification Memory C
|
28-02-2022 - 19:41 | 16-06-2011 - 20:55 | |
CVE-2011-1255 | 9.3 |
The Timed Interactive Multimedia Extensions (aka HTML+TIME) implementation in Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1)
|
28-02-2022 - 19:35 | 16-06-2011 - 20:55 | |
CVE-2011-1254 | 9.3 |
Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Drag and Drop Memory Corr
|
28-02-2022 - 19:33 | 16-06-2011 - 20:55 | |
CVE-2011-1251 | 9.3 |
Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "DOM Manipulation Memory Corruption
|
28-02-2022 - 19:32 | 16-06-2011 - 20:55 | |
CVE-2011-1250 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Link Properties Handling
|
28-02-2022 - 19:30 | 16-06-2011 - 20:55 | |
CVE-2011-1246 | 4.3 |
Microsoft Internet Explorer 8 does not properly handle content settings in HTTP responses, which allows remote web servers to obtain sensitive information from a different (1) domain or (2) zone via a crafted response, aka "MIME Sniffing Information
|
28-02-2022 - 19:26 | 16-06-2011 - 20:55 | |
CVE-2011-1244 | 5.8 |
Microsoft Internet Explorer 6, 7, and 8 does not enforce intended domain restrictions on content access, which allows remote attackers to obtain sensitive information or conduct clickjacking attacks via a crafted web site, aka "Frame Tag Information
|
28-02-2022 - 19:25 | 13-04-2011 - 18:55 | |
CVE-2010-3348 | 4.3 |
Microsoft Internet Explorer 6, 7, and 8 does not prevent rendering of cached content as HTML, which allows remote attackers to access content from a different (1) domain or (2) zone via unspecified script code, aka "Cross-Domain Information Disclosur
|
28-02-2022 - 19:23 | 16-12-2010 - 19:33 | |
CVE-2010-3346 | 9.3 |
Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption,
|
28-02-2022 - 19:22 | 16-12-2010 - 19:33 | |
CVE-2010-3345 | 9.3 |
Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "HTML
|
28-02-2022 - 19:21 | 16-12-2010 - 19:33 | |
CVE-2010-3342 | 4.3 |
Microsoft Internet Explorer 6, 7, and 8 does not prevent rendering of cached content as HTML, which allows remote attackers to access content from a different (1) domain or (2) zone via unspecified script code, aka "Cross-Domain Information Disclosur
|
28-02-2022 - 19:19 | 16-12-2010 - 19:33 | |
CVE-2010-3962 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6, 7, and 8 allows remote attackers to execute arbitrary code via vectors related to Cascading Style Sheets (CSS) token sequences and the clip attribute, aka an "invalid flag reference" issu
|
28-02-2022 - 19:15 | 05-11-2010 - 17:00 | |
CVE-2010-2560 | 9.3 |
Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption,
|
28-02-2022 - 18:57 | 11-08-2010 - 18:47 | |
CVE-2010-2559 | 9.3 |
Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Unini
|
28-02-2022 - 17:31 | 11-08-2010 - 18:47 | |
CVE-2010-2558 | 9.3 |
Race condition in Microsoft Internet Explorer 6, 7, and 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to an object in memory, aka "Race Condition Memory Corruption Vulnerabili
|
28-02-2022 - 17:30 | 11-08-2010 - 18:47 | |
CVE-2010-2556 | 9.3 |
Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption,
|
28-02-2022 - 17:24 | 11-08-2010 - 18:47 | |
CVE-2010-1489 | 4.3 |
The XSS Filter in Microsoft Internet Explorer 8 does not properly perform neutering for the SCRIPT tag, which allows remote attackers to conduct cross-site scripting (XSS) attacks against web sites that have no inherent XSS vulnerabilities, a differe
|
28-02-2022 - 17:15 | 20-04-2010 - 16:30 | |
CVE-2010-3886 | 4.3 |
The CTimeoutEventList::InsertIntoTimeoutList function in Microsoft mshtml.dll uses a certain pointer value as part of producing Timer ID values for the setTimeout and setInterval methods in VBScript and JScript, which allows remote attackers to obtai
|
18-02-2022 - 18:39 | 08-10-2010 - 22:00 | |
CVE-2013-0021 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer vtable Use After Free Vulnerability."
|
17-09-2021 - 11:15 | 13-02-2013 - 12:04 | |
CVE-2010-3971 | 9.3 |
Use-after-free vulnerability in the CSharedStyleSheet::Notify function in the Cascading Style Sheets (CSS) parser in mshtml.dll, as used in Microsoft Internet Explorer 6 through 8 and other products, allows remote attackers to execute arbitrary code
|
23-07-2021 - 15:12 | 22-12-2010 - 21:00 | |
CVE-2012-1872 | 4.3 |
Cross-site scripting (XSS) vulnerability in Microsoft Internet Explorer 6 through 9 allows remote attackers to inject arbitrary web script or HTML via crafted character sequences with EUC-JP encoding, aka "EUC-JP Character Encoding Vulnerability."
|
23-07-2021 - 15:12 | 12-06-2012 - 22:55 | |
CVE-2009-3673 | 9.3 |
Microsoft Internet Explorer 7 and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka
|
23-07-2021 - 15:12 | 09-12-2009 - 18:30 | |
CVE-2010-1261 | 9.3 |
The IE8 Developer Toolbar in Microsoft Internet Explorer 8 SP1, SP2, and SP3 allows user-assisted remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption,
|
23-07-2021 - 15:12 | 08-06-2010 - 22:30 | |
CVE-2011-1345 | 9.3 |
Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, as demonstrated by Stephen Few
|
23-07-2021 - 15:12 | 10-03-2011 - 20:55 | |
CVE-2009-1917 | 9.3 |
Microsoft Internet Explorer 6 SP1; Internet Explorer 6 for Windows XP SP2 and SP3 and Server 2003 SP2; and Internet Explorer 7 and 8 for Windows XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 do not properly h
|
23-07-2021 - 15:12 | 29-07-2009 - 17:30 | |
CVE-2010-3330 | 4.3 |
Microsoft Internet Explorer 6 through 8 does not properly restrict script access to content from a different (1) domain or (2) zone, which allows remote attackers to obtain sensitive information via a crafted web site, aka "Cross-Domain Information D
|
23-07-2021 - 15:12 | 13-10-2010 - 19:00 | |
CVE-2010-3325 | 4.3 |
Microsoft Internet Explorer 6 through 8 does not properly handle unspecified special characters in Cascading Style Sheets (CSS) documents, which allows remote attackers to obtain sensitive information from a different (1) domain or (2) zone via a cra
|
23-07-2021 - 15:12 | 13-10-2010 - 19:00 | |
CVE-2010-1258 | 4.3 |
Microsoft Internet Explorer 6, 7, and 8 does not properly determine the origin of script code, which allows remote attackers to execute script in an unintended domain or security zone, and obtain sensitive information, via unspecified vectors, aka "E
|
23-07-2021 - 15:12 | 11-08-2010 - 18:47 | |
CVE-2011-2383 | 4.3 |
Microsoft Internet Explorer 9 and earlier does not properly restrict cross-zone drag-and-drop actions, which allows user-assisted remote attackers to read cookie files via vectors involving an IFRAME element with a SRC attribute containing an http: U
|
23-07-2021 - 15:12 | 03-06-2011 - 17:55 | |
CVE-2009-1919 | 9.3 |
Microsoft Internet Explorer 5.01 SP4 and 6 SP1; Internet Explorer 6 for Windows XP SP2 and SP3 and Server 2003 SP2; and Internet Explorer 7 and 8 for Windows XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 do n
|
23-07-2021 - 15:12 | 29-07-2009 - 17:30 | |
CVE-2010-1259 | 9.3 |
Microsoft Internet Explorer 6 SP1 and SP2, 7, and 8 allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption V
|
23-07-2021 - 15:12 | 08-06-2010 - 22:30 | |
CVE-2010-1257 | 4.3 |
Cross-site scripting (XSS) vulnerability in the toStaticHTML API, as used in Microsoft Office InfoPath 2003 SP3, 2007 SP1, and 2007 SP2; Office SharePoint Server 2007 SP1 and SP2; SharePoint Services 3.0 SP1 and SP2; and Internet Explorer 8 allows re
|
23-07-2021 - 15:12 | 08-06-2010 - 20:30 | |
CVE-2009-4073 | 5.0 |
The printing functionality in Microsoft Internet Explorer 8 allows remote attackers to discover a local pathname, and possibly a local username, by reading the dc:title element of a PDF document that was generated from a local web page.
|
23-07-2021 - 15:12 | 24-11-2009 - 17:30 | |
CVE-2010-3329 | 9.3 |
mshtmled.dll in Microsoft Internet Explorer 7 and 8 allows remote attackers to execute arbitrary code via a crafted Microsoft Office document that causes the HtmlDlgHelper class destructor to access uninitialized memory, aka "Uninitialized Memory Cor
|
23-07-2021 - 15:12 | 13-10-2010 - 19:00 | |
CVE-2011-1713 | 4.3 |
Microsoft msxml.dll, as used in Internet Explorer 8 on Windows 7, allows remote attackers to obtain potentially sensitive information about heap memory addresses via an XML document containing a call to the XSLT generate-id XPath function. NOTE: thi
|
23-07-2021 - 15:12 | 15-04-2011 - 20:55 | |
CVE-2010-1262 | 9.3 |
Microsoft Internet Explorer 6 SP1 and SP2, 7, and 8 allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, related to the CStyleSheet object and
|
23-07-2021 - 15:12 | 08-06-2010 - 22:30 | |
CVE-2010-3324 | 4.3 |
The toStaticHTML function in Microsoft Internet Explorer 8, and the SafeHTML function in Microsoft Windows SharePoint Services 3.0 SP2, SharePoint Foundation 2010, Office SharePoint Server 2007 SP2, Groove Server 2010, and Office Web Apps, allows rem
|
23-07-2021 - 15:12 | 17-09-2010 - 18:00 | |
CVE-2009-4074 | 4.3 |
The XSS Filter in Microsoft Internet Explorer 8 allows remote attackers to leverage the "response-changing mechanism" to conduct cross-site scripting (XSS) attacks against web sites that have no inherent XSS vulnerabilities, related to the details of
|
23-07-2021 - 15:12 | 25-11-2009 - 18:30 | |
CVE-2009-1918 | 10.0 |
Microsoft Internet Explorer 5.01 SP4 and 6 SP1; Internet Explorer 6 for Windows XP SP2 and SP3 and Server 2003 SP2; and Internet Explorer 7 and 8 for Windows XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 do n
|
23-07-2021 - 15:12 | 29-07-2009 - 17:30 | |
CVE-2010-3331 | 9.3 |
Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory in certain circumstances involving use of Microsoft Word to read Word documents, which allows remote attackers to execute arbitrary code by accessing an object that (1
|
23-07-2021 - 15:12 | 13-10-2010 - 19:00 | |
CVE-2010-3327 | 4.3 |
The implementation of HTML content creation in Microsoft Internet Explorer 6 through 8 does not remove the Anchor element during pasting and editing, which might allow remote attackers to obtain sensitive deleted information by visiting a web page, a
|
23-07-2021 - 15:12 | 13-10-2010 - 19:00 | |
CVE-2009-2433 | 4.3 |
Stack-based buffer overflow in the AddFavorite method in Microsoft Internet Explorer allows remote attackers to cause a denial of service (application crash) and possibly have unspecified other impact via a long URL in the first argument.
|
23-07-2021 - 15:12 | 10-07-2009 - 21:00 | |
CVE-2009-3674 | 9.3 |
Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Unini
|
23-07-2021 - 15:12 | 09-12-2009 - 18:30 | |
CVE-2011-0347 | 9.3 |
Microsoft Internet Explorer on Windows XP allows remote attackers to trigger an incorrect GUI display and have unspecified other impact via vectors related to the DOM implementation, as demonstrated by cross_fuzz.
|
23-07-2021 - 15:12 | 07-01-2011 - 23:00 | |
CVE-2010-0027 | 9.3 |
The URL validation functionality in Microsoft Internet Explorer 5.01, 6, 6 SP1, 7 and 8, and the ShellExecute API function in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2, does not properly process input parameters, which allows remote attac
|
23-07-2021 - 15:12 | 22-01-2010 - 22:00 | |
CVE-2012-1877 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Title Element Change Remote Code Execution Vulnerability."
|
23-07-2021 - 15:12 | 12-06-2012 - 22:55 | |
CVE-2012-1858 | 4.3 |
The toStaticHTML API (aka the SafeHTML component) in Microsoft Internet Explorer 8 and 9, Communicator 2007 R2, and Lync 2010 and 2010 Attendee does not properly handle event attributes and script, which makes it easier for remote attackers to conduc
|
23-07-2021 - 15:12 | 12-06-2012 - 22:55 | |
CVE-2011-0038 | 9.3 |
Untrusted search path vulnerability in Microsoft Internet Explorer 8 might allow local users to gain privileges via a Trojan horse IEShims.dll in the current working directory, as demonstrated by a Desktop directory that contains an HTML file, aka "I
|
23-07-2021 - 15:12 | 10-02-2011 - 16:00 | |
CVE-2011-0035 | 9.3 |
Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption,
|
23-07-2021 - 15:12 | 10-02-2011 - 16:00 | |
CVE-2010-0244 | 9.3 |
Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corru
|
23-07-2021 - 15:12 | 22-01-2010 - 22:00 | |
CVE-2010-0494 | 4.3 |
Cross-domain vulnerability in Microsoft Internet Explorer 6, 6 SP1, 7, and 8 allows user-assisted remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via a crafted HTML document in a situation where the cl
|
23-07-2021 - 15:12 | 31-03-2010 - 19:30 | |
CVE-2010-0245 | 9.3 |
Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Unini
|
23-07-2021 - 15:12 | 22-01-2010 - 22:00 | |
CVE-2010-0246 | 9.3 |
Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Unini
|
23-07-2021 - 15:12 | 22-01-2010 - 22:00 | |
CVE-2012-1874 | 9.3 |
Microsoft Internet Explorer 8 and 9 does not properly handle objects in memory, which allows user-assisted remote attackers to execute arbitrary code by accessing a deleted object, aka "Developer Toolbar Remote Code Execution Vulnerability."
|
23-07-2021 - 15:12 | 12-06-2012 - 22:55 | |
CVE-2010-0255 | 4.3 |
Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, 7, and 8 does not prevent rendering of non-HTML local files as HTML documents, which allows remote attackers to bypass intended access restrictions and read arbitrary files via vectors involving JavaScr
|
23-07-2021 - 15:12 | 04-02-2010 - 20:15 | |
CVE-2012-1876 | 9.3 |
Microsoft Internet Explorer 6 through 9, and 10 Consumer Preview, does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by attempting to access a nonexistent object, leading to a heap-based buffer overflo
|
23-07-2021 - 15:12 | 12-06-2012 - 22:55 | |
CVE-2012-1873 | 4.3 |
Microsoft Internet Explorer 7 through 9 does not properly create and initialize string data, which allows remote attackers to obtain sensitive information from process memory via a crafted HTML document, aka "Null Byte Information Disclosure Vulnerab
|
23-07-2021 - 15:12 | 12-06-2012 - 22:55 | |
CVE-2012-1875 | 9.3 |
Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Same ID Property Remote Code Execution Vulnerability."
|
23-07-2021 - 15:12 | 12-06-2012 - 22:55 | |
CVE-2011-1260 | 9.3 |
Microsoft Internet Explorer 8 and 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Layout Memory Corruption Vuln
|
23-07-2021 - 15:12 | 16-06-2011 - 20:55 | |
CVE-2011-0036 | 9.3 |
Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption,
|
23-07-2021 - 15:12 | 10-02-2011 - 16:00 | |
CVE-2011-1252 | 4.3 |
Cross-site scripting (XSS) vulnerability in the SafeHTML function in the toStaticHTML API in Microsoft Internet Explorer 7 and 8, Office SharePoint Server 2007 SP2, Office SharePoint Server 2010 Gold and SP1, Groove Server 2010 Gold and SP1, Windows
|
23-07-2021 - 15:12 | 16-06-2011 - 20:55 | |
CVE-2012-1878 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "OnBeforeDeactivate Event Remote Code Execution Vulnerability."
|
23-07-2021 - 15:12 | 12-06-2012 - 22:55 | |
CVE-2012-1882 | 4.3 |
Microsoft Internet Explorer 6 through 9 does not block cross-domain scrolling events, which allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Scrolling Events Information Disclosure Vulnerabi
|
23-07-2021 - 15:12 | 12-06-2012 - 22:55 | |
CVE-2010-0490 | 9.3 |
Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corru
|
23-07-2021 - 15:12 | 31-03-2010 - 19:30 | |
CVE-2012-1523 | 9.3 |
Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Center Element Remote Code Execution Vulnerability."
|
23-07-2021 - 15:12 | 12-06-2012 - 22:55 | |
CVE-2012-0172 | 9.3 |
Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "VML Style Remote Code Execution Vulnerability."
|
23-07-2021 - 15:12 | 10-04-2012 - 21:55 | |
CVE-2012-1880 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "insertRow Remote Code Execution Vulnerability."
|
23-07-2021 - 15:12 | 12-06-2012 - 22:55 | |
CVE-2012-1881 | 9.3 |
Microsoft Internet Explorer 8 and 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "OnRowsInserted Event Remote Code Execution Vulnerability."
|
23-07-2021 - 15:12 | 12-06-2012 - 22:55 | |
CVE-2013-3893 | 9.3 |
Use-after-free vulnerability in the SetMouseCapture implementation in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code via crafted JavaScript strings, as demonstrated by use of an ms-help: URL t
|
17-05-2021 - 17:15 | 18-09-2013 - 10:08 | |
CVE-2012-4792 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not properly allocated or (2) is deleted, as demonstrated
|
28-09-2020 - 12:58 | 30-12-2012 - 18:55 | |
CVE-2013-3186 | 7.6 |
The Protected Mode feature in Microsoft Internet Explorer 7 through 10 on Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly implement the Integrity Access Level (aka
|
28-09-2020 - 12:58 | 14-08-2013 - 11:10 | |
CVE-2011-1993 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Scroll Event Remote Code Execution Vulnerability."
|
28-09-2020 - 12:58 | 12-10-2011 - 02:52 | |
CVE-2012-1873 | 4.3 |
Microsoft Internet Explorer 7 through 9 does not properly create and initialize string data, which allows remote attackers to obtain sensitive information from process memory via a crafted HTML document, aka "Null Byte Information Disclosure Vulnerab
|
28-09-2020 - 12:58 | 12-06-2012 - 22:55 | |
CVE-2012-1881 | 9.3 |
Microsoft Internet Explorer 8 and 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "OnRowsInserted Event Remote Code Execution Vulnerability."
|
28-09-2020 - 12:58 | 12-06-2012 - 22:55 | |
CVE-2012-1878 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "OnBeforeDeactivate Event Remote Code Execution Vulnerability."
|
28-09-2020 - 12:58 | 12-06-2012 - 22:55 | |
CVE-2011-1996 | 9.3 |
Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Option Element Remote Code Execution Vulnerability."
|
28-09-2020 - 12:58 | 12-10-2011 - 02:52 | |
CVE-2011-1257 | 7.6 |
Race condition in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors involving access to an object, aka "Window Open Race Condition Vulnerability."
|
28-09-2020 - 12:58 | 10-08-2011 - 21:55 | |
CVE-2011-1995 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that was not properly initialized, aka "OLEAuto32.dll Remote Code Execution Vulnerabili
|
28-09-2020 - 12:58 | 12-10-2011 - 02:52 | |
CVE-2012-1523 | 9.3 |
Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Center Element Remote Code Execution Vulnerability."
|
28-09-2020 - 12:58 | 12-06-2012 - 22:55 | |
CVE-2011-1256 | 9.3 |
Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "DOM Modification Memory C
|
28-09-2020 - 12:58 | 16-06-2011 - 20:55 | |
CVE-2011-1246 | 4.3 |
Microsoft Internet Explorer 8 does not properly handle content settings in HTTP responses, which allows remote web servers to obtain sensitive information from a different (1) domain or (2) zone via a crafted response, aka "MIME Sniffing Information
|
28-09-2020 - 12:58 | 16-06-2011 - 20:55 | |
CVE-2011-2000 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Body Element Remote Code Execution Vulnerability."
|
28-09-2020 - 12:58 | 12-10-2011 - 02:52 | |
CVE-2011-1960 | 4.3 |
Microsoft Internet Explorer 6 through 9 does not properly implement JavaScript event handlers, which allows remote attackers to access content from a different (1) domain or (2) zone via unspecified script code, aka "Event Handlers Information Disclo
|
28-09-2020 - 12:58 | 10-08-2011 - 21:55 | |
CVE-2011-2001 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code via an attempted access to a virtual function table after corruption of this table has occurred, aka "Virtual
|
28-09-2020 - 12:58 | 12-10-2011 - 02:52 | |
CVE-2012-1880 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "insertRow Remote Code Execution Vulnerability."
|
28-09-2020 - 12:58 | 12-06-2012 - 22:55 | |
CVE-2012-1874 | 9.3 |
Microsoft Internet Explorer 8 and 9 does not properly handle objects in memory, which allows user-assisted remote attackers to execute arbitrary code by accessing a deleted object, aka "Developer Toolbar Remote Code Execution Vulnerability."
|
28-09-2020 - 12:58 | 12-06-2012 - 22:55 | |
CVE-2012-1875 | 9.3 |
Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Same ID Property Remote Code Execution Vulnerability."
|
28-09-2020 - 12:58 | 12-06-2012 - 22:55 | |
CVE-2012-1877 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Title Element Change Remote Code Execution Vulnerability."
|
28-09-2020 - 12:58 | 12-06-2012 - 22:55 | |
CVE-2011-1964 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Style Object Memory Corru
|
28-09-2020 - 12:58 | 10-08-2011 - 21:55 | |
CVE-2011-1258 | 4.3 |
Microsoft Internet Explorer 6 through 8 does not properly restrict web script, which allows user-assisted remote attackers to obtain sensitive information from a different (1) domain or (2) zone via vectors involving a drag-and-drop operation, aka "D
|
28-09-2020 - 12:58 | 16-06-2011 - 20:55 | |
CVE-2011-1251 | 9.3 |
Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "DOM Manipulation Memory Corruption
|
28-09-2020 - 12:58 | 16-06-2011 - 20:55 | |
CVE-2011-1992 | 4.3 |
The XSS Filter in Microsoft Internet Explorer 8 allows remote attackers to read content from a different (1) domain or (2) zone via a "trial and error" attack, aka "XSS Filter Information Disclosure Vulnerability."
|
28-09-2020 - 12:58 | 14-12-2011 - 00:55 | |
CVE-2011-1963 | 9.3 |
Microsoft Internet Explorer 7 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "XSLT Memory Corruption Vu
|
28-09-2020 - 12:58 | 10-08-2011 - 21:55 | |
CVE-2011-1261 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Selection Object Memory C
|
28-09-2020 - 12:58 | 16-06-2011 - 20:55 | |
CVE-2011-1254 | 9.3 |
Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Drag and Drop Memory Corr
|
28-09-2020 - 12:58 | 16-06-2011 - 20:55 | |
CVE-2011-1244 | 5.8 |
Microsoft Internet Explorer 6, 7, and 8 does not enforce intended domain restrictions on content access, which allows remote attackers to obtain sensitive information or conduct clickjacking attacks via a crafted web site, aka "Frame Tag Information
|
28-09-2020 - 12:58 | 13-04-2011 - 18:55 | |
CVE-2012-1879 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by attempting to access an undefined memory location, aka "insertAdjacentText Remote Code Execution Vulnerabil
|
28-09-2020 - 12:58 | 12-06-2012 - 22:55 | |
CVE-2012-1876 | 9.3 |
Microsoft Internet Explorer 6 through 9, and 10 Consumer Preview, does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by attempting to access a nonexistent object, leading to a heap-based buffer overflo
|
28-09-2020 - 12:58 | 12-06-2012 - 22:55 | |
CVE-2012-1882 | 4.3 |
Microsoft Internet Explorer 6 through 9 does not block cross-domain scrolling events, which allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Scrolling Events Information Disclosure Vulnerabi
|
28-09-2020 - 12:58 | 12-06-2012 - 22:55 | |
CVE-2011-1961 | 9.3 |
The telnet URI handler in Microsoft Internet Explorer 6 through 9 does not properly launch the handler application, which allows remote attackers to execute arbitrary programs via a crafted web site, aka "Telnet Handler Remote Code Execution Vulnerab
|
28-09-2020 - 12:58 | 10-08-2011 - 21:55 | |
CVE-2011-1250 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Link Properties Handling
|
28-09-2020 - 12:58 | 16-06-2011 - 20:55 | |
CVE-2011-1999 | 9.3 |
Microsoft Internet Explorer 8 does not properly allocate and access memory, which allows remote attackers to execute arbitrary code via vectors involving a "dereferenced memory address," aka "Select Element Remote Code Execution Vulnerability."
|
28-09-2020 - 12:58 | 12-10-2011 - 02:52 | |
CVE-2011-1266 | 9.3 |
The Vector Markup Language (VML) implementation in vgx.dll in Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly
|
28-09-2020 - 12:58 | 16-06-2011 - 20:55 | |
CVE-2012-1858 | 4.3 |
The toStaticHTML API (aka the SafeHTML component) in Microsoft Internet Explorer 8 and 9, Communicator 2007 R2, and Lync 2010 and 2010 Attendee does not properly handle event attributes and script, which makes it easier for remote attackers to conduc
|
28-09-2020 - 12:58 | 12-06-2012 - 22:55 | |
CVE-2013-1347 | 9.3 |
Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly allocated or (2) is deleted, as exploited in the wild in May 2013.
|
28-09-2020 - 12:58 | 05-05-2013 - 11:07 | |
CVE-2011-1262 | 9.3 |
Microsoft Internet Explorer 7 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "HTTP Redirect Memory Corr
|
28-09-2020 - 12:58 | 16-06-2011 - 20:55 | |
CVE-2011-1255 | 9.3 |
The Timed Interactive Multimedia Extensions (aka HTML+TIME) implementation in Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1)
|
28-09-2020 - 12:58 | 16-06-2011 - 20:55 | |
CVE-2011-1962 | 4.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle unspecified character sequences, which allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site that triggers "inactive filtering," aka "Sh
|
28-09-2020 - 12:58 | 10-08-2011 - 21:55 | |
CVE-2013-1288 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CTreeNode Use After Free Vulnerability."
|
28-09-2020 - 12:58 | 13-03-2013 - 00:55 | |
CVE-2011-1252 | 4.3 |
Cross-site scripting (XSS) vulnerability in the SafeHTML function in the toStaticHTML API in Microsoft Internet Explorer 7 and 8, Office SharePoint Server 2007 SP2, Office SharePoint Server 2010 Gold and SP1, Groove Server 2010 Gold and SP1, Windows
|
28-09-2020 - 12:58 | 16-06-2011 - 20:55 | |
CVE-2011-1260 | 9.3 |
Microsoft Internet Explorer 8 and 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Layout Memory Corruption Vuln
|
28-09-2020 - 12:58 | 16-06-2011 - 20:55 | |
CVE-2013-0093 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer onBeforeCopy Use After Free Vulnerabili
|
28-09-2020 - 12:58 | 13-03-2013 - 00:55 | |
CVE-2013-0087 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer OnResize Use After Free Vulnerability."
|
28-09-2020 - 12:58 | 13-03-2013 - 00:55 | |
CVE-2011-0346 | 9.3 |
Use-after-free vulnerability in the ReleaseInterface function in MSHTML.DLL in Microsoft Internet Explorer 6, 7, and 8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the DOM i
|
28-09-2020 - 12:58 | 07-01-2011 - 23:00 | |
CVE-2013-0090 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CCaret Use After Free Vulnerability."
|
28-09-2020 - 12:58 | 13-03-2013 - 00:55 | |
CVE-2013-0094 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer removeChild Use After Free Vulnerabilit
|
28-09-2020 - 12:58 | 13-03-2013 - 00:55 | |
CVE-2013-0087 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer OnResize Use After Free Vulnerability."
|
28-09-2020 - 12:58 | 13-03-2013 - 00:55 | |
CVE-2013-0030 | 9.3 |
The Vector Markup Language (VML) implementation in Microsoft Internet Explorer 6 through 10 does not properly allocate buffers, which allows remote attackers to execute arbitrary code via a crafted web site, aka "VML Memory Corruption Vulnerability."
|
28-09-2020 - 12:58 | 13-02-2013 - 12:04 | |
CVE-2013-0094 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer removeChild Use After Free Vulnerabilit
|
28-09-2020 - 12:58 | 13-03-2013 - 00:55 | |
CVE-2013-0029 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CHTML Use After Free Vulnerability."
|
28-09-2020 - 12:58 | 13-02-2013 - 12:04 | |
CVE-2013-0019 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer COmWindowProxy Use After Free Vulnerabi
|
28-09-2020 - 12:58 | 13-02-2013 - 12:04 | |
CVE-2013-0090 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CCaret Use After Free Vulnerability."
|
28-09-2020 - 12:58 | 13-03-2013 - 00:55 | |
CVE-2013-0024 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer pasteHTML Use After Free Vulnerability."
|
28-09-2020 - 12:58 | 13-02-2013 - 12:04 | |
CVE-2013-3186 | 7.6 |
The Protected Mode feature in Microsoft Internet Explorer 7 through 10 on Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly implement the Integrity Access Level (aka
|
28-09-2020 - 12:58 | 14-08-2013 - 11:10 | |
CVE-2013-0092 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer GetMarkupPtr Use After Free Vulnerabili
|
28-09-2020 - 12:58 | 13-03-2013 - 00:55 | |
CVE-2013-0088 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer saveHistory Use After Free Vulnerabilit
|
28-09-2020 - 12:58 | 13-03-2013 - 00:55 | |
CVE-2012-0011 | 9.3 |
Microsoft Internet Explorer 7 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "HTML Layout Remote Code Execution Vulnerability."
|
28-09-2020 - 12:58 | 14-02-2012 - 22:55 | |
CVE-2013-0029 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CHTML Use After Free Vulnerability."
|
28-09-2020 - 12:58 | 13-02-2013 - 12:04 | |
CVE-2013-0093 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer onBeforeCopy Use After Free Vulnerabili
|
28-09-2020 - 12:58 | 13-03-2013 - 00:55 | |
CVE-2013-0091 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CElement Use After Free Vulnerability."
|
28-09-2020 - 12:58 | 13-03-2013 - 00:55 | |
CVE-2013-1288 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CTreeNode Use After Free Vulnerability."
|
28-09-2020 - 12:58 | 13-03-2013 - 00:55 | |
CVE-2013-0088 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer saveHistory Use After Free Vulnerabilit
|
28-09-2020 - 12:58 | 13-03-2013 - 00:55 | |
CVE-2013-0092 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer GetMarkupPtr Use After Free Vulnerabili
|
28-09-2020 - 12:58 | 13-03-2013 - 00:55 | |
CVE-2013-0089 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CMarkupBehaviorContext Use After Free V
|
28-09-2020 - 12:58 | 13-03-2013 - 00:55 | |
CVE-2013-0030 | 9.3 |
The Vector Markup Language (VML) implementation in Microsoft Internet Explorer 6 through 10 does not properly allocate buffers, which allows remote attackers to execute arbitrary code via a crafted web site, aka "VML Memory Corruption Vulnerability."
|
28-09-2020 - 12:58 | 13-02-2013 - 12:04 | |
CVE-2013-0024 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer pasteHTML Use After Free Vulnerability."
|
28-09-2020 - 12:58 | 13-02-2013 - 12:04 | |
CVE-2013-0089 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CMarkupBehaviorContext Use After Free V
|
28-09-2020 - 12:58 | 13-03-2013 - 00:55 | |
CVE-2013-0091 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CElement Use After Free Vulnerability."
|
28-09-2020 - 12:58 | 13-03-2013 - 00:55 | |
CVE-2013-0019 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer COmWindowProxy Use After Free Vulnerabi
|
28-09-2020 - 12:58 | 13-02-2013 - 12:04 | |
CVE-2009-2531 | 9.3 |
Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corru
|
26-02-2019 - 14:04 | 14-10-2009 - 10:30 | |
CVE-2009-2530 | 9.3 |
Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corru
|
26-02-2019 - 14:04 | 14-10-2009 - 10:30 | |
CVE-2013-3916 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:05 | 13-11-2013 - 00:55 | |
CVE-2013-3910 | 9.3 |
Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:05 | 13-11-2013 - 00:55 | |
CVE-2013-3912 | 9.3 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:05 | 13-11-2013 - 00:55 | |
CVE-2013-3908 | 4.3 |
Microsoft Internet Explorer 6 through 10 allows user-assisted remote attackers to bypass the Same Origin Policy and obtain sensitive information from any visited document via a crafted web page that is not properly handled during a print-preview acti
|
12-10-2018 - 22:05 | 13-11-2013 - 00:55 | |
CVE-2013-3875 | 9.3 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:05 | 09-10-2013 - 14:53 | |
CVE-2013-3909 | 4.3 |
Microsoft Internet Explorer 6 through 8 allows remote attackers to read content from a different (1) domain or (2) zone via crafted characters in Cascading Style Sheets (CSS) token sequences, aka "Internet Explorer Information Disclosure Vulnerabilit
|
12-10-2018 - 22:05 | 13-11-2013 - 00:55 | |
CVE-2013-3871 | 9.3 |
Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:05 | 09-10-2013 - 14:53 | |
CVE-2013-3915 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:05 | 13-11-2013 - 00:55 | |
CVE-2013-3917 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:05 | 13-11-2013 - 00:55 | |
CVE-2013-3142 | 9.3 |
Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:04 | 12-06-2013 - 03:30 | |
CVE-2013-3188 | 9.3 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE
|
12-10-2018 - 22:04 | 14-08-2013 - 11:10 | |
CVE-2013-3153 | 9.3 |
Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:04 | 10-07-2013 - 03:46 | |
CVE-2013-3112 | 9.3 |
Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:04 | 12-06-2013 - 03:29 | |
CVE-2013-3162 | 9.3 |
Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:04 | 10-07-2013 - 03:46 | |
CVE-2013-3123 | 9.3 |
Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:04 | 12-06-2013 - 03:30 | |
CVE-2013-3205 | 9.3 |
Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:04 | 11-09-2013 - 14:03 | |
CVE-2013-3189 | 9.3 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE
|
12-10-2018 - 22:04 | 14-08-2013 - 11:10 | |
CVE-2013-3190 | 9.3 |
Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:04 | 14-08-2013 - 11:10 | |
CVE-2013-3116 | 9.3 |
Microsoft Internet Explorer 7 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:04 | 12-06-2013 - 03:29 | |
CVE-2013-3164 | 9.3 |
Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:04 | 10-07-2013 - 03:46 | |
CVE-2013-3139 | 9.3 |
Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:04 | 12-06-2013 - 03:30 | |
CVE-2013-3113 | 9.3 |
Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:04 | 12-06-2013 - 03:29 | |
CVE-2013-3199 | 9.3 |
Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:04 | 14-08-2013 - 11:10 | |
CVE-2013-3147 | 9.3 |
Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:04 | 10-07-2013 - 03:46 | |
CVE-2013-3115 | 9.3 |
Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:04 | 10-07-2013 - 03:46 | |
CVE-2013-3149 | 9.3 |
Microsoft Internet Explorer 7 and 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:04 | 10-07-2013 - 03:46 | |
CVE-2013-3208 | 9.3 |
Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:04 | 11-09-2013 - 14:03 | |
CVE-2013-3144 | 9.3 |
Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:04 | 10-07-2013 - 03:46 | |
CVE-2013-3148 | 9.3 |
Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:04 | 10-07-2013 - 03:46 | |
CVE-2013-3111 | 9.3 |
Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:04 | 12-06-2013 - 03:29 | |
CVE-2013-3141 | 9.3 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE
|
12-10-2018 - 22:04 | 12-06-2013 - 03:30 | |
CVE-2013-3845 | 9.3 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:04 | 11-09-2013 - 14:03 | |
CVE-2013-3204 | 9.3 |
Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:04 | 11-09-2013 - 14:03 | |
CVE-2013-3184 | 9.3 |
Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:04 | 14-08-2013 - 11:10 | |
CVE-2013-3121 | 9.3 |
Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:04 | 12-06-2013 - 03:30 | |
CVE-2013-3192 | 4.3 |
Cross-site scripting (XSS) vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to inject arbitrary web script or HTML via crafted character sequences with EUC-JP encoding, aka "EUC-JP Character Encoding Vulnerability."
|
12-10-2018 - 22:04 | 14-08-2013 - 11:10 | |
CVE-2013-3166 | 4.3 |
Cross-site scripting (XSS) vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to inject arbitrary web script or HTML via vectors involving incorrect auto-selection of the Shift JIS encoding, leading to cross-domain scro
|
12-10-2018 - 22:04 | 10-07-2013 - 03:46 | |
CVE-2013-3151 | 9.3 |
Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:04 | 10-07-2013 - 03:46 | |
CVE-2013-3110 | 9.3 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE
|
12-10-2018 - 22:04 | 12-06-2013 - 03:29 | |
CVE-2013-1308 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a differ
|
12-10-2018 - 22:04 | 15-05-2013 - 03:36 | |
CVE-2013-1309 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a differ
|
12-10-2018 - 22:04 | 15-05-2013 - 03:36 | |
CVE-2013-1307 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a different v
|
12-10-2018 - 22:04 | 15-05-2013 - 03:36 | |
CVE-2013-1297 | 4.3 |
Microsoft Internet Explorer 6 through 8 does not properly restrict data access by VBScript, which allows remote attackers to perform cross-domain reading of JSON files via a crafted web site, aka "JSON Array Information Disclosure Vulnerability."
|
12-10-2018 - 22:04 | 15-05-2013 - 03:36 | |
CVE-2013-1338 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a differ
|
12-10-2018 - 22:04 | 02-05-2013 - 03:31 | |
CVE-2013-1304 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a differ
|
12-10-2018 - 22:04 | 09-04-2013 - 22:55 | |
CVE-2013-1303 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a differ
|
12-10-2018 - 22:04 | 09-04-2013 - 22:55 | |
CVE-2012-4781 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "InjectHTMLStream Use After Free Vulnerability."
|
12-10-2018 - 22:03 | 12-12-2012 - 00:55 | |
CVE-2012-2521 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Asynchronous NULL Object Access Remote Code Execution Vulnerability."
|
12-10-2018 - 22:03 | 15-08-2012 - 01:55 | |
CVE-2012-2523 | 9.3 |
Integer overflow in Microsoft Internet Explorer 8 and 9, JScript 5.8, and VBScript 5.8 on 64-bit platforms allows remote attackers to execute arbitrary code by leveraging an incorrect size calculation during object copying, aka "JavaScript Integer Ov
|
12-10-2018 - 22:03 | 15-08-2012 - 01:55 | |
CVE-2012-2522 | 9.3 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a malformed virtual function table after this table's deletion, aka "Virtual Function Table Corru
|
12-10-2018 - 22:03 | 15-08-2012 - 01:55 | |
CVE-2012-2557 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "cloneNode Use After Free Vulnerability."
|
12-10-2018 - 22:03 | 21-09-2012 - 21:55 | |
CVE-2013-0811 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a different v
|
12-10-2018 - 22:03 | 15-05-2013 - 03:36 | |
CVE-2013-0027 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CPasteCommand Use After Free Vulnerabil
|
12-10-2018 - 22:03 | 13-02-2013 - 12:04 | |
CVE-2013-0015 | 4.3 |
Microsoft Internet Explorer 6 through 9 does not properly perform auto-selection of the Shift JIS encoding, which allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site that triggers cross-domain scroll
|
12-10-2018 - 22:03 | 13-02-2013 - 12:04 | |
CVE-2013-0025 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer SLayoutRun Use After Free Vulnerability."
|
12-10-2018 - 22:03 | 13-02-2013 - 12:04 | |
CVE-2013-0028 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CObjectElement Use After Free Vulnerabil
|
12-10-2018 - 22:03 | 13-02-2013 - 12:04 | |
CVE-2013-0018 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer SetCapture Use After Free Vulnerability.
|
12-10-2018 - 22:03 | 13-02-2013 - 12:04 | |
CVE-2012-1529 | 9.3 |
Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not properly initialized or (2) is deleted, aka "OnMove Use Af
|
12-10-2018 - 22:02 | 21-09-2012 - 21:55 | |
CVE-2012-4969 | 9.3 |
Use-after-free vulnerability in the CMshtmlEd::Exec function in mshtml.dll in Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code via a crafted web site, as exploited in the wild in September 2012.
|
21-11-2017 - 18:13 | 18-09-2012 - 10:39 | |
CVE-2009-2655 | 4.3 |
mshtml.dll in Microsoft Internet Explorer 7 and 8 on Windows XP SP3 allows remote attackers to cause a denial of service (application crash) by calling the JavaScript findText method with a crafted Unicode string in the first argument, and only one a
|
19-09-2017 - 01:29 | 03-08-2009 - 14:30 | |
CVE-2009-3003 | 4.3 |
Microsoft Internet Explorer 6 through 8 allows remote attackers to spoof the address bar, via window.open with a relative URI, to show an arbitrary URL on the web site visited by the victim, as demonstrated by a visit to an attacker-controlled web pa
|
19-09-2017 - 01:29 | 28-08-2009 - 15:30 |