Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
๐Ÿ”ฅ Daily Hot!
๐Ÿ’ช๐Ÿฝ CPE Enhanced Advisories
๐Ÿ•ถ Shadow Exploits
๐Ÿ•ต๐Ÿผ Vulners CPE
๐Ÿ” Security news
๐Ÿ’ป Exploit updates
๐Ÿ“‘ Blogs review
๐Ÿง Linux vulnerabilities
๐Ÿž Bugbounty
๐Ÿค– AI High Score
๐Ÿ“ฐ CVE Feed
show all

7 matches found

Prion
Prionโ€ขadded 2013/12/11 12:55 a.m.โ€ข14 views

Design/Logic Flaw

hxds.dll in Microsoft Office 2007 SP3 and 2010 SP1 and SP2 does not implement the ASLR protection mechanism, which makes it easier for remote attackers to execute arbitrary code via a crafted COM component on a web site that is visited with Internet Explorer, as exploited in the wild in December...

4.3CVSS7.8AI score0.14803EPSS
Exploits0References2Affected Software1
Cvelist
Cvelistโ€ขadded 2013/12/11 12:0 a.m.โ€ข21 views

CVE-2013-5057

hxds.dll in Microsoft Office 2007 SP3 and 2010 SP1 and SP2 does not implement the ASLR protection mechanism, which makes it easier for remote attackers to execute arbitrary code via a crafted COM component on a web site that is visited with Internet Explorer, as exploited in the wild in December...

7.2AI score0.14803EPSS
Exploits0References2
VulnCheck KEV
VulnCheck KEVโ€ขadded 2013/12/10 12:0 a.m.โ€ข1 views

VulnCheck KEV: CVE-2013-5057

hxds.dll in Microsoft Office 2007 SP3 and 2010 SP1 and SP2 does not implement the ASLR protection mechanism, which makes it easier for remote attackers to execute arbitrary code via a crafted COM component on a web site that is visited with Internet Explorer, as exploited in the wild in...

4.3CVSS6.1AI score0.14803EPSS
Exploits0References1
MSRC
MSRCโ€ขadded 2013/12/09 8:0 a.m.โ€ข7 views

MS13-106: Farewell to another ASLR bypass

Today we released MS13-106 which resolves a security feature bypass that can allow attackers to circumvent Address Space Layout Randomization ASLR using a specific DLL library HXDS.DLL provided as part of Microsoft Office 2007 and 2010. The existence of an ASLR bypass does not directly enable the...

7.2AI score
Exploits0
Prion
Prionโ€ขadded 2013/09/18 10:8 a.m.โ€ข31 views

Design/Logic Flaw

Use-after-free vulnerability in the SetMouseCapture implementation in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code via crafted JavaScript strings, as demonstrated by use of an ms-help: URL that triggers loading of hxds.dll...

9.3CVSS8.1AI score0.82607EPSS
Exploits18References11Affected Software1
Cvelist
Cvelistโ€ขadded 2013/09/18 10:0 a.m.โ€ข26 views

CVE-2013-3893

Use-after-free vulnerability in the SetMouseCapture implementation in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code via crafted JavaScript strings, as demonstrated by use of an ms-help: URL that triggers loading of hxds.dll...

7.4AI score0.82607EPSS
Exploits18References11
CVE
CVEโ€ขadded 2013/09/18 10:0 a.m.โ€ข369 views

CVE-2013-3893

CVE-2013-3893 is a use-after-free in mshtml.dll (Internet Explorer) specifically in SetMouseCapture, exploited via crafted JavaScript (notably through ms-help URLs) to achieve remote code execution across IE 6โ€“11. Connected KEV/CISA entries confirm active exploitation in the wild and classify it ...

9.3CVSS7.5AI score0.82607EPSS
In wildExploits18References12Affected Software1
Rows per page
Query Builder