Lucene search
K

198 matches found

Saint
Saint
added 2013/10/03 12:0 a.m.36 views

Internet Explorer CCaret UpdateScreenCaret Memory Corruption

Added: 10/03/2013 CVE: CVE-2013-3205 BID: 62208 OSVDB: 97094 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem Microsoft Internet Explorer contains a use-after-free error that is triggered when handling a CCaret object. The...

9.3CVSS6.7AI score0.66277EPSS
Exploits8
Saint
Saint
added 2013/10/03 12:0 a.m.52 views

Internet Explorer CCaret UpdateScreenCaret Memory Corruption

Added: 10/03/2013 CVE: CVE-2013-3205 BID: 62208 OSVDB: 97094 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem Microsoft Internet Explorer contains a use-after-free error that is triggered when handling a CCaret object. The...

9.3CVSS6.7AI score0.66277EPSS
Exploits8
Saint
Saint
added 2013/09/25 12:0 a.m.46 views

Internet Explorer HTML Rendering Engine onLoseCapture Use-After-Free Vulnerability

Added: 09/25/2013 CVE: CVE-2013-3893 BID: 62453 OSVDB: 97380 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem Microsoft Internet Explorer 6 through 11 contain a use-after-free vulnerability in the SetMouseCapture implementation in...

9.3CVSS8.9AI score0.8593EPSS
Exploits18
Saint
Saint
added 2013/09/25 12:0 a.m.45 views

Internet Explorer HTML Rendering Engine onLoseCapture Use-After-Free Vulnerability

Added: 09/25/2013 CVE: CVE-2013-3893 BID: 62453 OSVDB: 97380 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem Microsoft Internet Explorer 6 through 11 contain a use-after-free vulnerability in the SetMouseCapture implementation in...

9.3CVSS8.9AI score0.8593EPSS
Exploits18
OpenVAS
OpenVAS
added 2013/09/23 12:0 a.m.45 views

Microsoft Internet Explorer Multiple Memory Corruption Vulnerabilities (2879017)

This host is missing a critical security update according to Microsoft Bulletin MS13-080. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

9.3CVSS8.3AI score0.8593EPSS
Exploits24References14
NVD
NVD
added 2013/09/18 10:8 a.m.17 views

CVE-2013-3893

Use-after-free vulnerability in the SetMouseCapture implementation in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code via crafted JavaScript strings, as demonstrated by use of an ms-help: URL that triggers loading of hxds.dll...

9.3CVSS7.6AI score0.8593EPSS
Exploits18References12
CVE
CVE
added 2013/09/18 10:0 a.m.378 views

CVE-2013-3893

CVE-2013-3893 is a use-after-free in mshtml.dll (Internet Explorer) specifically in SetMouseCapture, exploited via crafted JavaScript (notably through ms-help URLs) to achieve remote code execution across IE 6–11. Connected KEV/CISA entries confirm active exploitation in the wild and classify it ...

9.3CVSS7.5AI score0.8593EPSS
In wildExploits18References12Affected Software1
ATTACKERKB
ATTACKERKB
added 2013/09/18 12:0 a.m.47 views

Microsoft Internet Explorer SetMouseCapture Use-After-Free

Use-after-free vulnerability in the SetMouseCapture implementation in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code via crafted JavaScript strings, as demonstrated by use of an ms-help. URL that triggers loading of hxds.dll. Recent...

9.3CVSS1.2AI score0.8593EPSS
Exploits18References16
Exploit DB
Exploit DB
added 2013/09/04 12:0 a.m.28 views

Microsoft Internet Explorer - CFlatMarkupPointer Use-After-Free (MS13-059) (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 "MS13-059 Microsof...

9.3CVSS7AI score0.58427EPSS
Exploits8
OpenVAS
OpenVAS
added 2013/04/10 12:0 a.m.28 views

Microsoft Internet Explorer Multiple Use After Free Vulnerabilities (2817183)

This host is missing a critical security update according to Microsoft Bulletin MS13-028. OpenVAS Vulnerability Test $Id: secpodms13-028.nasl 6093 2017-05-10 09:03:18Z teissa $ Microsoft Internet Explorer Multiple Use After Free Vulnerabilities 2817183 Authors: Thanga Prakash S Copyright: Copyrig...

9.3CVSS0.20539EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2013/01/02 12:0 a.m.44 views

MS KB2794220: Vulnerability in Internet Explorer Could Allow Remote Code Execution (deprecated)

The remote host is missing the workaround referenced in KB 2794220 Microsoft 'Fix it' 50971. This workaround mitigates a use-after-free vulnerability in Internet Explorer. Without this workaround enabled, an attacker could exploit this vulnerability by tricking a user into viewing a maliciously...

9.3CVSS8.4AI score0.78823EPSS
Exploits12References2
Vulnrichment
Vulnrichment
added 2012/09/18 10:0 a.m.11 views

CVE-2012-4969

Use-after-free vulnerability in the CMshtmlEd::Exec function in mshtml.dll in Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code via a crafted web site, as exploited in the wild in September 2012...

8.3AI score0.81716EPSS
Exploits8References11
CVE
CVE
added 2012/09/18 10:0 a.m.1118 views

CVE-2012-4969

The CVE-2012-4969 issue is a use-after-free in the CMshtmlEd::Exec function of mshtml.dll used by Microsoft Internet Explorer (IE6–IE9 according to the CVE payload). Exploitation enabled remote code execution via a crafted website; the vulnerability was observed in the wild around September 2012....

9.3CVSS7.5AI score0.81716EPSS
In wildExploits8References12Affected Software1
ATTACKERKB
ATTACKERKB
added 2012/09/18 12:0 a.m.27 views

CVE-2012-4969

Use-after-free vulnerability in the CMshtmlEd::Exec function in mshtml.dll in Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code via a crafted web site, as exploited in the wild in September 2012. Recent assessments: Assessed Attacker Value: 0 Assessed...

9.3CVSS7.2AI score0.81716EPSS
In wildExploits8References14
ATTACKERKB
ATTACKERKB
added 2012/09/18 12:0 a.m.20 views

Microsoft Internet Explorer execCommand Use-After-Free

Use-after-free vulnerability in the CMshtmlEd::Exec function in mshtml.dll in Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code via a crafted web site, as exploited in the wild in September 2012. Recent assessments: wchen-r7 at September 12, 2019 6:07pm UTC...

9.3CVSS1AI score0.81716EPSS
Exploits8References1
securityvulns
securityvulns
added 2012/08/20 12:0 a.m.104 views

Internet Explorer Script Interjection Code Execution

Internet Explorer Script Interjection Code Execution Derek Soeder [email protected] Reported: January 26, 2012, to SecuriTeam Secure Disclosure http://www.beyondsecurity.com/ssd.html Published: August 16, 2012 AFFECTED VENDOR --------------- Microsoft Corporation AFFECTED ENVIRONMENTS...

7.5AI score
Exploits0
securityvulns
securityvulns
added 2012/06/25 12:0 a.m.77 views

VUPEN Security Research - Microsoft Internet Explorer "CollectionCache" Remote Use-after-free (MS12-037)

VUPEN Security Research - Microsoft Internet Explorer "CollectionCache" Remote Use-after-free MS12-037 Website : http://www.vupen.com/english/research.php Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- "Microsoft Internet Explorer is a web browser developed by Microsoft an...

Exploits0
Symantec
Symantec
added 2012/02/14 12:0 a.m.26 views

Microsoft Internet Explorer Use-After-Free Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability because of a use-after-free error in the 'Mshtml.dll' library. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Successful exploits will compromi...

8AI score
Exploits0References1Affected Software6
Tenable Nessus
Tenable Nessus
added 2012/02/14 12:0 a.m.24 views

MS12-010: Cumulative Security Update for Internet Explorer (2647516)

The remote host is missing Internet Explorer IE Security Update 2647516. The installed version of IE is affected by several vulnerabilities that could allow an attacker to execute arbitrary code on the remote host as well as vulnerabilities that could allow the attacker to view privileged...

9.3CVSS6.2AI score0.65501EPSS
Exploits3References7
securityvulns
securityvulns
added 2011/10/20 12:0 a.m.101 views

ZDI-11-290 : Microsoft Internet Explorer SetExpandedClipRect Remote,Code Execution Vulnerability

ZDI-11-290 : Microsoft Internet Explorer SetExpandedClipRect Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-290 October 15, 2011 - -- CVE ID: CVE-2011-2001 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - -- Affected Vendors: Microsoft - -- Affected Products:...

9.3CVSS0.4AI score0.71802EPSS
Exploits5
Rows per page
Query Builder