Lucene search
K

125 matches found

seebug.org
seebug.org
added 2013/03/15 12:0 a.m.52 views

Microsoft Internet Explorer removeChild释放后重用远程代码执行漏洞(CVE-2013-0094)(MS13-021)

BUGTRAQ ID: 58348 CVECAN ID: CVE-2013-0094 Microsoft Internet Explorer是微软公司推出的一款网页浏览器 Microsoft Internet Explorer 6/7/8/9/10在removeChild的实现上存在释放后重用远程代码执行漏洞,在用户使用 Internet Explorer 查看特制网页时允许远程执行代码。成功利用这些漏洞的攻击者可以获得与当前用户相同的用户权限。那些帐户被配置为拥有较少系统用户权限的用户比具有管理用户权限的用户受到的影响要小 0 Microsoft Internet Explorer 9...

9.3CVSS6.4AI score0.18477EPSS
Exploits1
seebug.org
seebug.org
added 2013/02/18 12:0 a.m.44 views

Microsoft Internet Explorer Shift JIS字符信息泄露漏洞(CVE-2013-0015) (ms13-009)

BUGTRAQ ID: 57822 CVECAN ID: CVE-2013-0015 Microsoft Internet Explorer是微软公司推出的一款网页浏览器。 Shift JIS是日本语的字符编码。Internet Explorer 6, 7, 8, 9没有正确执行Shift JIS编码的自动选择,通过构造触发跨域滚动事件的特制网站,远程攻击者可从不同的域或区域读取内容,造成信息泄露。 0 Microsoft Internet Explorer 6 - 9 临时解决方法: 如果您不能立刻安装补丁或者升级,建议您采取以下措施以降低威胁: 将互联网和局域网安全区域设置为“高”...

4.3CVSS6.4AI score0.15853EPSS
Exploits1
seebug.org
seebug.org
added 2012/12/13 12:0 a.m.42 views

Microsoft Internet Explorer Ref Counting释放后重用远程代码执行漏洞(MS12-077)

BUGTRAQ ID: 56830 CVECAN ID: CVE-2012-4787 Microsoft Internet Explorer是微软公司推出的一款网页浏览器,使用相当广泛。 Microsoft Internet Explorer 6、7、8、9、10在处理恶意HTML内容时,Ref Counting存在错误的内存操作,通过引诱用户浏览恶意网站,未经身份验证的远程攻击者可利用此漏洞以当前用户权限执行任意代码。 0 Microsoft Internet Explorer 9.x Microsoft Internet Explorer 8.x Microsoft Internet...

9.3CVSS6.4AI score0.17572EPSS
Exploits1
ThreatPost
ThreatPost
added 2012/09/19 12:20 p.m.19 views

Microsoft FixIt Will Address IE Zero-Day Vulnerability

With Internet Explorer users still exposed to as many as four active exploits of a zero-day vulnerability in the browser, Microsoft Tuesday night said it will release a FixIt in the next couple of days that will address the issue. A FixIt is an automated tool provided by Microsoft that diagnoses...

7.7AI score
Exploits0References3
Symantec
Symantec
added 2012/06/12 12:0 a.m.22 views

Microsoft Internet Explorer Scrolling Events Cross Domain Information Disclosure Vulnerability

Description Microsoft Internet Explorer is prone to a cross-domain information-disclosure vulnerability. An attacker can exploit this issue to view content from a browser window in another domain or security zone. This may allow the attacker to obtain sensitive information or aid in further...

7AI score
Exploits0Affected Software1
Check Point Advisories
Check Point Advisories
added 2010/10/12 12:0 a.m.18 views

Internet Explorer Cross-Domain Information Disclosure (MS10-071; CVE-2010-3330)

Multiple memory corruption vulnerabilities have been reported in Microsoft Internet Explorer. An information disclosure vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in Internet Explorer that incorrectly allows scripts to access and read...

4.3CVSS6.1AI score0.22257EPSS
Exploits1
Prion
Prion
added 2010/08/11 6:47 p.m.20 views

Cross site scripting

Microsoft Internet Explorer 6, 7, and 8 does not properly determine the origin of script code, which allows remote attackers to execute script in an unintended domain or security zone, and obtain sensitive information, via unspecified vectors, aka "Event Handler Cross-Domain Vulnerability."...

4.3CVSS7.4AI score0.16995EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2010/08/11 6:0 p.m.57 views

CVE-2010-1258

CVE-2010-1258 arises from Internet Explorer 6–8 failing to determine the origin of script code, enabling a remote attacker to run script in a different domain/zone and potentially access user data. The primary entry is through crafted web content that exploits cross-domain context (Event Handler ...

4.3CVSS6.9AI score0.16995EPSS
Exploits0References3Affected Software1
Symantec
Symantec
added 2010/08/10 12:0 a.m.26 views

Microsoft Internet Explorer Event Handler Cross Domain Information Disclosure Vulnerability

Description Microsoft Internet Explorer is prone to a cross-domain information-disclosure vulnerability because the application fails to properly enforce the same-origin policy. An attacker can exploit this issue to access local files or content from a browser window in another domain or security...

6.9AI score
Exploits0Affected Software4
securityvulns
securityvulns
added 2010/06/07 12:0 a.m.32 views

DoS attacks on email clients via protocol handlers

Hello 3APA3A! I want to warn you about security vulnerabilities in email clients, particularly in Outlook Express and Outlook. This advisory is concerned with my series of advisories about vulnerabilities in browsers, which belong to group of DoS via protocol handlers. ---------------------------...

1.7AI score
Exploits0
ThreatPost
ThreatPost
added 2010/05/17 6:46 p.m.22 views

Trusted Sites Zone

The Trusted sites zone is a security zone for sites that you think are safe to visit. You believe that the site is designed with security in mind and that it can be trusted not to contain malicious content. To add or remove sites from this zone, you can click the Sites button. This will open a...

0.2AI score
Exploits0References1
Check Point Advisories
Check Point Advisories
added 2010/04/01 12:0 a.m.11 views

Internet Explorer Element Cross-Domain Information Disclosure (MS10-018; CVE-2010-0494)

Microsoft Internet Explorer is the most widely used Internet browser. An information disclosure vulnerability has been reported in Internet Explorer. The vulnerability is due to the way Internet Explorer incorrectly interprets the origin of script, allowing the script to run in the context of a...

4.3CVSS5.5AI score0.22893EPSS
Exploits1
seebug.org
seebug.org
added 2010/03/04 12:0 a.m.36 views

Internet Explorer winhlp32.exe 'MsgBox()'远程代码执行漏洞

BUGTRAQ ID: 38463 CVECAN ID: CVE-2010-0483 Internet Explorer是Windows操作系统中默认捆绑的web浏览器。 用户可以使用VBScript从IE调用winhlp32.exe服务,如果向该服务传送了恶意的.HLP文件就会导致执行任意命令。 必需一些用户交互才可以触发这个漏洞,在显示MsgBox弹出框时用户需要按下F1。以下是MsgBox函数的句法: MsgBoxprompt,buttons,title,helpfile,context...

7.6CVSS6.4AI score0.86367EPSS
Exploits7
seebug.org
seebug.org
added 2009/10/19 12:0 a.m.24 views

Microsoft Windows索引服务ActiveX控件内存破坏漏洞(MS09-057)

BUGTRAQ ID: 36629 CVECAN ID: CVE-2009-2507 Windows是微软发布的非常流行的操作系统。 Windows的索引服务所包含的ActiveX控件未正确处理特制Web内容,导致Windows系统上的索引服务中存在内存破坏漏洞。成功利用此漏洞的攻击者可以完全控制受影响的系统。 Microsoft Windows XP SP3 Microsoft Windows XP SP2 Microsoft Windows Server 2003 SP2 Microsoft Windows Server 2003 SP1 Microsoft Windows...

9.3CVSS2.9AI score0.19291EPSS
Exploits1
Check Point Advisories
Check Point Advisories
added 2009/10/08 12:0 a.m.12 views

Microsoft Windows Shell Remote Code Execution (MS04-024; CVE-2004-0420)

A vulnerability has been discovered in the Microsoft Windows Shell, an API that provides a basic framework for the Windows user interface. The Shell provides many functions that perform various configuration tasks and background operations, such as launching applications through the Start Menu...

10CVSS6.6AI score0.46012EPSS
Exploits1
securityvulns
securityvulns
added 2009/06/11 12:0 a.m.67 views

CORE-2008-0826 - Internet Explorer Security Zone restrictions bypass

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Internet Explorer Security Zone restrictions bypass 1. Advisory Information Title: Internet Explorer Security Zone restrictions bypass Advisory ID: CORE-2008-0826...

7.1CVSS8AI score0.24762EPSS
Exploits2
Packet Storm
Packet Storm
added 2009/06/10 12:0 a.m.81 views

Core Security Technologies Advisory 2008.0826

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Internet Explorer Security Zone restrictions bypass 1. Advisory Information Title: Internet Explorer Security Zone restrictions bypass Advisory ID: CORE-2008-0826...

7.1CVSS0.4AI score0.24762EPSS
Exploits2
securityvulns
securityvulns
added 2009/06/10 12:0 a.m.57 views

[Full-disclosure] CORE-2008-0826 - Internet Explorer Security Zone restrictions bypass

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Internet Explorer Security Zone restrictions bypass 1. Advisory Information Title: Internet Explorer Security Zone restrictions bypass Advisory ID: CORE-2008-0826...

7.1CVSS8AI score0.24762EPSS
Exploits2
Core Security
Core Security
added 2009/06/09 12:0 a.m.63 views

Internet Explorer Security Zone restrictions bypass

Advisory ID Internal CORE-2008-0826 1. Advisory Information Title: Internet Explorer Security Zone restrictions bypass Advisory ID: CORE-2008-0826 Date published: 2009-06-09 Date of last update: 2009-06-09 Vendors contacted: Microsoft Release mode: Coordinated release 2. Vulnerability Information...

7.1CVSS5.9AI score0.24762EPSS
Exploits2
exploitpack
exploitpack
added 2009/06/09 12:0 a.m.8 views

Microsoft Internet Explorer 5.0.1 - Cached Content Cross Domain Information Disclosure

Microsoft Internet Explorer 5.0.1 - Cached Content Cross Domain Information Disclosure source: https://www.securityfocus.com/bid/35200/info Microsoft Internet Explorer is prone to a cross-domain information-disclosure vulnerability because the application fails to properly enforce the same-origin...

7.2AI score
Exploits0
Rows per page
Query Builder