Lucene search
K

32 matches found

Zero Day Initiative
Zero Day Initiative
added 2013/06/27 12:0 a.m.36 views

Microsoft Internet Explorer CTreeNode Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.5CVSS3.1AI score0.19345EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2013/06/27 12:0 a.m.29 views

Microsoft Internet Explorer CTreeNode Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS3.6AI score0.19345EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2013/03/13 12:0 a.m.35 views

Microsoft Internet Explorer Multiple Use After Free Vulnerabilities (2809289)

This host is missing a critical security update according to Microsoft Bulletin MS13-021. OpenVAS Vulnerability Test $Id: secpodms13-021.nasl 6115 2017-05-12 09:03:25Z teissa $ Microsoft Internet Explorer Multiple Use After Free Vulnerabilities 2809289 Authors: Thanga Prakash S Copyright: Copyrig...

9.3CVSS0.1AI score0.38223EPSS
Exploits3References3
CVE
CVE
added 2013/03/13 12:0 a.m.143 views

CVE-2013-1288

CVE-2013-1288 is a use-after-free vulnerability in Microsoft Internet Explorer 8 (CTreeNode) that enables remote code execution via a crafted webpage. The NVD entry lists a high impact (CVSS v2 base 9.3) with network access, no user interaction, and complete confidentiality/integrity/availability...

9.3CVSS7.4AI score0.18477EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2013/03/13 12:0 a.m.33 views

CVE-2013-1288

Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CTreeNode Use After Free Vulnerability."...

7.3AI score0.18477EPSS
Exploits0References3
Zero Day Initiative
Zero Day Initiative
added 2012/12/21 12:0 a.m.36 views

Microsoft Internet Explorer 9 CTreeNode Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.5CVSS2.6AI score0.19496EPSS
Exploits1References1
NVD
NVD
added 2012/11/14 12:55 a.m.20 views

CVE-2012-4775

Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site, aka "CTreeNode Use After Free Vulnerability."...

9.3CVSS7.4AI score0.22444EPSS
Exploits0References6
Prion
Prion
added 2012/11/14 12:55 a.m.19 views

Design/Logic Flaw

Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site, aka "CTreeNode Use After Free Vulnerability."...

9.3CVSS7.9AI score0.22444EPSS
Exploits0References6Affected Software1
OpenVAS
OpenVAS
added 2012/11/14 12:0 a.m.24 views

Microsoft Internet Explorer Multiple Use-After-Free Vulnerabilities (2761451)

This host is missing a critical security update according to Microsoft Bulletin MS12-071. OpenVAS Vulnerability Test $Id: secpodms12-071.nasl 5958 2017-04-17 09:02:19Z teissa $ Microsoft Internet Explorer Multiple Use-After-Free Vulnerabilities 2761451 Authors: Antu Sanadi Copyright: Copyright c...

9.3CVSS0.1AI score0.2537EPSS
Exploits1References3
CVE
CVE
added 2012/11/14 12:0 a.m.54 views

CVE-2012-4775

Microsoft Internet Explorer 9 is affected by CVE-2012-4775 (CTreeNode Use After Free Vulnerability). The issue is a use-after-free in IE’s memory handling when accessing objects that were not properly initialized or already deleted (CTreeNode/CTreePos/CTreeNode-related code paths), leading to pot...

9.3CVSS7.5AI score0.22444EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2012/11/14 12:0 a.m.21 views

CVE-2012-4775

Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site, aka "CTreeNode Use After Free Vulnerability."...

7.4AI score0.22444EPSS
Exploits0References6
securityvulns
securityvulns
added 2010/01/19 12:0 a.m.118 views

Code to mitigate IE event zero-day (CVE-2010-0249)

Here's a mitigation for the CVE-2010-0249 IE createEventObject srcElement zero-day. Quite simply, it just disables the createEventObject method by mangling its name in memory. If anyone knows an important web application that uses createEventObject, please respond to the mailing list. Use this co...

9.3CVSS0.3AI score0.91885EPSS
Exploits16
Rows per page
Query Builder