Lucene search
K

198 matches found

bdu_fstec
bdu_fstec
added 2017/06/23 12:0 a.m.8 views

The vulnerability of the mshtml.dll library in browsers Internet Explorer and Microsoft Edge allows a hacker to execute arbitrary code.

The vulnerability of the mshtml.dll library in browsers Internet Explorer and Microsoft Edge arises due to incorrect type conversion. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using vectors that include specially crafted CSS characters, along with JavaScript...

7.6CVSS7.3AI score0.80386EPSS
Exploits9References5Affected Software1
osv
osv
added 2017/02/26 11:59 p.m.4 views

CVE-2017-0037

Microsoft Internet Explorer 10 and 11 and Microsoft Edge have a type confusion issue in the Layout::MultiColumnBoxBuilder::HandleColumnBreakOnColumnSpanningElement function in mshtml.dll, which allows remote attackers to execute arbitrary code via vectors involving a crafted Cascading Style Sheet...

8.1CVSS6.1AI score0.80386EPSS
Exploits9References10
cve
cve
added 2017/02/26 11:30 p.m.1066 views

CVE-2017-0037

CVE-2017-0037 affects Microsoft Internet Explorer 10/11 and Microsoft Edge via a type confusion in mshtml.dll (Layout::MultiColumnBoxBuilder::HandleColumnBreakOnColumnSpanningElement), enabling remote code execution through crafted CSS/JS sequences. Connected sources note public exploitation acti...

8.1CVSS6.4AI score0.80386EPSS
In wildExploits9References10Affected Software1
cvelist
cvelist
added 2017/02/26 11:30 p.m.43 views

CVE-2017-0037

Microsoft Internet Explorer 10 and 11 and Microsoft Edge have a type confusion issue in the Layout::MultiColumnBoxBuilder::HandleColumnBreakOnColumnSpanningElement function in mshtml.dll, which allows remote attackers to execute arbitrary code via vectors involving a crafted Cascading Style Sheet...

6.5AI score0.80386EPSS
Exploits9References9
ptsecurity
ptsecurity
added 2017/02/26 12:0 a.m.4 views

PT-2017-2273 · Microsoft · Edge +2

Name of the Vulnerable Software and Affected Versions: Microsoft Internet Explorer versions 10 through 11 Microsoft Edge affected versions not specified Description: The issue is caused by a type confusion problem in the Layout::MultiColumnBoxBuilder::HandleColumnBreakOnColumnSpanningElement...

8.1CVSS8.2AI score0.80386EPSS
Exploits9References19
packetstorm
packetstorm
added 2016/04/15 12:0 a.m.63 views

Microsoft Internet Explorer 11 DLL Hijacking

Abstract -------- Microsoft Internet Explorer 11 MSHTML.DLL Remote Binary Planting Vulnerability Affected Version: MSHTML.DLL 11.0.9600.18231 and probably below on Windows 7 SP1 Vendor Homepage: http://www.microsoft.com Severity: high Status: fixed CVE-ID: CVE-2016-0160 Description -----------...

7.2CVSS5.9AI score0.12877EPSS
Exploits1
seebug
seebug
added 2015/09/15 12:0 a.m.18 views

微软 IE11 MSHTML.dll 远程拒绝服务漏洞

IE11发现的一个BUG,对HTML协议中的某些元素的处理存在代码完整性缺失。造成浏览器崩溃。 function boom var divA = document.createElement"div"; document.body.appendChilddivA; try //divA.contentEditable = "true"; divA.outerHTML = "AAAA"; var context = divA'msGetInputContext'; catch exception...

7.1AI score
Exploits0
zdt
zdt
added 2015/01/30 12:0 a.m.39 views

X360 VideoPlayer ActiveX Control 2.6 - Full ASLR & DEP Bypass Exploit

Exploit for windows platform in category remote exploits !-- Exploit Title: X360 VideoPlayer ActiveX Control RCE Full ASLR & DEP Bypass Author: Rh0 Date: Jan 30 2015 Affected Software: X360 VideoPlayer ActiveX Control 2.6 VideoPlayer.ocx Vulnerability: Buffer Overflow in Data Section Tested on:...

7.1AI score
Exploits0
myhack58
myhack58
added 2014/12/27 12:0 a.m.13 views

IE vulnerability commissioning of CVE-2 0 1 3-3 8 9 3-vulnerability warning-the black bar safety net

Introduction Windows platform vulnerability discovery, and security research, IE is always not open around the topic. IE vulnerabilities just like the adobe series like Classic, is learning to exploit, the shellcode and the perfect way. On the IE vulnerability, the UAF IE Use-After-Free is the mo...

7.3AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.19 views

Microsoft MSHTML.DLL CTIMEOUTEVENTLIST::INSERTINTOTIMEOUTLIST Memory Leak (0day)

No description provided by source...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.7 views

Microsoft Internet Explorer 5.0.1 Script Action Handler Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/17131/info Microsoft Internet Explorer is susceptible to a remote buffer-overflow vulnerability in 'MSHTML.DLL'. The application fails to properly bounds-check user-supplied input data before copying it into an...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.16 views

MS Internet Explorer <= 6.0.2900 SP2 (CSS Attribute) Denial of Service

No description provided by source. !-- Internet Explorer = 6.0.2900 SP2 suffers from a DoS vulnerability in which a remote users Internet Explorer session can be crashed when hovering their cursor over a specially made table. The fault occurs when the position CSS attribute is set to a table. Thi...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.22 views

Internet Explorer 4.0,Outlook 2000/5.5 MSHTML.DLL Crash Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2202/info MSHTML.DLL is the shared library for parsing HTML in Internet Explorer and related applications. It may be possible for an attacker to crash this library remotely and cause a denial of service with special Jscri...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.11 views

MS Internet Explorer "mshtml.dll" CSS Parsing Buffer Overflow

No description provided by source. / Taken from http://www.securiteam.com/exploits/5NP042KF5A.html The exploit will create a .CSS file that should be included in an HTML file. When a user loads the HTML file, Internet Explorer will try to parse the CSS and will trigger the buffer overflow. /...

7.1AI score
Exploits0
canvas
canvas
added 2013/11/12 2:35 p.m.60 views

Immunity Canvas: IE_CARDSPACECLAIMCOLLECTION

Name| iecardspaceclaimcollection ---|--- CVE| CVE-2013-3918 Exploit Pack| CANVAS Description| iecardspaceclaimcollection Notes| CVE Name: CVE-2013-3918 VENDOR: Microsoft NOTES: - This exploits leaks a vtable pointer of a CTable object in order to bypass ASLR - We also leak the shellcode's address...

9.3CVSS1.1AI score0.73872EPSS
Exploits3
saint
saint
added 2013/10/10 12:0 a.m.70 views

Internet Explorer CDisplayPointer Object onpropertychange Use-After-Free

Added: 10/10/2013 CVE: CVE-2013-3897 BID: 62811 OSVDB: 98207 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem Microsoft Internet Explorer contains a use-after-free error when processing CDisplayPointer objects contained in...

9.3CVSS8.9AI score0.77462EPSS
Exploits8
saint
saint
added 2013/10/10 12:0 a.m.89 views

Internet Explorer CDisplayPointer Object onpropertychange Use-After-Free

Added: 10/10/2013 CVE: CVE-2013-3897 BID: 62811 OSVDB: 98207 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem Microsoft Internet Explorer contains a use-after-free error when processing CDisplayPointer objects contained in...

9.3CVSS8.9AI score0.77462EPSS
Exploits8
saint
saint
added 2013/10/10 12:0 a.m.40 views

Internet Explorer CDisplayPointer Object onpropertychange Use-After-Free

Added: 10/10/2013 CVE: CVE-2013-3897 BID: 62811 OSVDB: 98207 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem Microsoft Internet Explorer contains a use-after-free error when processing CDisplayPointer objects contained in...

9.3CVSS8.9AI score0.77462EPSS
Exploits8
saint
saint
added 2013/10/10 12:0 a.m.34 views

Internet Explorer CDisplayPointer Object onpropertychange Use-After-Free

Added: 10/10/2013 CVE: CVE-2013-3897 BID: 62811 OSVDB: 98207 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem Microsoft Internet Explorer contains a use-after-free error when processing CDisplayPointer objects contained in...

9.3CVSS8.9AI score0.77462EPSS
Exploits8
attackerkb
attackerkb
added 2013/10/09 12:0 a.m.112 views

Microsoft Internet Explorer SetMouseCapture Use-After-Free

Use-after-free vulnerability in the CDisplayPointer class in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via crafted JavaScript code that uses the onpropertychange event handler, as exploit...

9.3CVSS8.9AI score0.8593EPSS
In wildExploits42References9
Rows per page
Query Builder