MS15-018 Microsoft Internet Explorer 10 and 11 Cross-Domain JavaScript Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "MS15-018 Microsoft Internet Explorer 10 and 11 Cross-Domain JavaScript Injection", 'Description' = %q This module exploits a universal cross-site...

Microsoft Internet Explorer 8 jscript - 'Reg­Exp­Base::FBad­Header' Use-After-Free (MS15

Exploit for windows platform in category dos / poc // This Po­C attempts to exploit a use-after-free bug in Microsoft Internet // Explorer 8. // See http://blog.skylined.nl/20161116001.html for details. var r=new Reg­Exp"A|x|x|xx|xxxxxxxxxxxxxxxxxxxx+", "g"; "A".replacer, function // Force OLEAUT...

Microsoft Internet Explorer 8 - jscript Reg­Exp­Base::FBad­Header Use-After-Free (MS15-018)

Microsoft Internet Explorer 8 - jscript Reg­Exp­Base::FBad­Header Use-After-Free MS15-018 // This Po­C attempts to exploit a use-after-free bug in Microsoft Internet // Explorer 8. // See http://blog.skylined.nl/20161116001.html for details. var r=new Reg­Exp"A|x|x|xx|xxxxxxxxxxxxxxxxxxxx+", "g";...

Microsoft Internet Explorer 8 - jscript 'Reg­Exp­Base::FBad­Header' Use-After-Free (MS15-018)

// This Po­C attempts to exploit a use-after-free bug in Microsoft Internet // Explorer 8. // See http://blog.skylined.nl/20161116001.html for details. var r=new Reg­Exp"A|x|x|xx|xxxxxxxxxxxxxxxxxxxx+", "g"; "A".replacer, function // Force OLEAUT32 to free the string for var j = 0; j !--...

Microsoft Internet Explorer 8 Javascript RegExpBase::FBadHeader Use-After-Free

Throughout November, I plan to release details on vulnerabilities I found in web-browsers which I've not released before. This is the twelfth entry in that series. Unfortunately I won't be able to publish everything within one month at the current rate, so I may continue to publish these through...

Microsoft Internet Explorer Memory Corruption (MS15-018: CVE-2015-1634)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

Microsoft Internet Explorer Memory Corruption (MS15-018: CVE-2015-1626)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

Microsoft Internet Explorer Memory Corruption (MS15-018: CVE-2015-1623)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

Microsoft Internet Explorer Elevation of Privilege (MS15-018: CVE-2015-1627)

An elevation of privilege vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer validates permissions under specific conditions, potentially allowing script to be run with elevated privileges...

Microsoft Internet Explorer Memory Corruption (MS15-018: CVE-2015-0099)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

Microsoft Internet Explorer Memory Corruption (MS15-018: CVE-2015-1624)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

Microsoft Internet Explorer Memory Corruption (MS15-018: CVE-2015-0056)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...