198 matches found
The vulnerability of the mshtml.dll library in browsers Internet Explorer and Microsoft Edge allows a hacker to execute arbitrary code.
The vulnerability of the mshtml.dll library in browsers Internet Explorer and Microsoft Edge arises due to incorrect type conversion. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using vectors that include specially crafted CSS characters, along with JavaScript...
CVE-2017-0037
Microsoft Internet Explorer 10 and 11 and Microsoft Edge have a type confusion issue in the Layout::MultiColumnBoxBuilder::HandleColumnBreakOnColumnSpanningElement function in mshtml.dll, which allows remote attackers to execute arbitrary code via vectors involving a crafted Cascading Style Sheet...
CVE-2017-0037
CVE-2017-0037 affects Microsoft Internet Explorer 10/11 and Microsoft Edge via a type confusion in mshtml.dll (Layout::MultiColumnBoxBuilder::HandleColumnBreakOnColumnSpanningElement), enabling remote code execution through crafted CSS/JS sequences. Connected sources note public exploitation acti...
CVE-2017-0037
Microsoft Internet Explorer 10 and 11 and Microsoft Edge have a type confusion issue in the Layout::MultiColumnBoxBuilder::HandleColumnBreakOnColumnSpanningElement function in mshtml.dll, which allows remote attackers to execute arbitrary code via vectors involving a crafted Cascading Style Sheet...
PT-2017-2273 · Microsoft · Edge +2
Name of the Vulnerable Software and Affected Versions: Microsoft Internet Explorer versions 10 through 11 Microsoft Edge affected versions not specified Description: The issue is caused by a type confusion problem in the Layout::MultiColumnBoxBuilder::HandleColumnBreakOnColumnSpanningElement...
Microsoft Internet Explorer 11 DLL Hijacking
Abstract -------- Microsoft Internet Explorer 11 MSHTML.DLL Remote Binary Planting Vulnerability Affected Version: MSHTML.DLL 11.0.9600.18231 and probably below on Windows 7 SP1 Vendor Homepage: http://www.microsoft.com Severity: high Status: fixed CVE-ID: CVE-2016-0160 Description -----------...
微软 IE11 MSHTML.dll 远程拒绝服务漏洞
IE11发现的一个BUG,对HTML协议中的某些元素的处理存在代码完整性缺失。造成浏览器崩溃。 function boom var divA = document.createElement"div"; document.body.appendChilddivA; try //divA.contentEditable = "true"; divA.outerHTML = "AAAA"; var context = divA'msGetInputContext'; catch exception...
X360 VideoPlayer ActiveX Control 2.6 - Full ASLR & DEP Bypass Exploit
Exploit for windows platform in category remote exploits !-- Exploit Title: X360 VideoPlayer ActiveX Control RCE Full ASLR & DEP Bypass Author: Rh0 Date: Jan 30 2015 Affected Software: X360 VideoPlayer ActiveX Control 2.6 VideoPlayer.ocx Vulnerability: Buffer Overflow in Data Section Tested on:...
IE vulnerability commissioning of CVE-2 0 1 3-3 8 9 3-vulnerability warning-the black bar safety net
Introduction Windows platform vulnerability discovery, and security research, IE is always not open around the topic. IE vulnerabilities just like the adobe series like Classic, is learning to exploit, the shellcode and the perfect way. On the IE vulnerability, the UAF IE Use-After-Free is the mo...
Microsoft MSHTML.DLL CTIMEOUTEVENTLIST::INSERTINTOTIMEOUTLIST Memory Leak (0day)
No description provided by source...
Microsoft Internet Explorer 5.0.1 Script Action Handler Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/17131/info Microsoft Internet Explorer is susceptible to a remote buffer-overflow vulnerability in 'MSHTML.DLL'. The application fails to properly bounds-check user-supplied input data before copying it into an...
MS Internet Explorer <= 6.0.2900 SP2 (CSS Attribute) Denial of Service
No description provided by source. !-- Internet Explorer = 6.0.2900 SP2 suffers from a DoS vulnerability in which a remote users Internet Explorer session can be crashed when hovering their cursor over a specially made table. The fault occurs when the position CSS attribute is set to a table. Thi...
Internet Explorer 4.0,Outlook 2000/5.5 MSHTML.DLL Crash Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2202/info MSHTML.DLL is the shared library for parsing HTML in Internet Explorer and related applications. It may be possible for an attacker to crash this library remotely and cause a denial of service with special Jscri...
MS Internet Explorer "mshtml.dll" CSS Parsing Buffer Overflow
No description provided by source. / Taken from http://www.securiteam.com/exploits/5NP042KF5A.html The exploit will create a .CSS file that should be included in an HTML file. When a user loads the HTML file, Internet Explorer will try to parse the CSS and will trigger the buffer overflow. /...
Immunity Canvas: IE_CARDSPACECLAIMCOLLECTION
Name| iecardspaceclaimcollection ---|--- CVE| CVE-2013-3918 Exploit Pack| CANVAS Description| iecardspaceclaimcollection Notes| CVE Name: CVE-2013-3918 VENDOR: Microsoft NOTES: - This exploits leaks a vtable pointer of a CTable object in order to bypass ASLR - We also leak the shellcode's address...
Internet Explorer CDisplayPointer Object onpropertychange Use-After-Free
Added: 10/10/2013 CVE: CVE-2013-3897 BID: 62811 OSVDB: 98207 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem Microsoft Internet Explorer contains a use-after-free error when processing CDisplayPointer objects contained in...
Internet Explorer CDisplayPointer Object onpropertychange Use-After-Free
Added: 10/10/2013 CVE: CVE-2013-3897 BID: 62811 OSVDB: 98207 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem Microsoft Internet Explorer contains a use-after-free error when processing CDisplayPointer objects contained in...
Internet Explorer CDisplayPointer Object onpropertychange Use-After-Free
Added: 10/10/2013 CVE: CVE-2013-3897 BID: 62811 OSVDB: 98207 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem Microsoft Internet Explorer contains a use-after-free error when processing CDisplayPointer objects contained in...
Internet Explorer CDisplayPointer Object onpropertychange Use-After-Free
Added: 10/10/2013 CVE: CVE-2013-3897 BID: 62811 OSVDB: 98207 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem Microsoft Internet Explorer contains a use-after-free error when processing CDisplayPointer objects contained in...
Microsoft Internet Explorer SetMouseCapture Use-After-Free
Use-after-free vulnerability in the CDisplayPointer class in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via crafted JavaScript code that uses the onpropertychange event handler, as exploit...