148 matches found
Internet Explorer VML Dashstyle Attributes Integer Overflow
Added: 06/03/2013 CVE: CVE-2013-2551 BID: 58570 OSVDB: 91197 Background Vector Markup Language VML is an XML-based format for vector graphics. Problem An integer overflow vulnerability in vml.dll when processing dashstyle attributes of certain VML elements in a web page allows arbitrary command...
(Pwn2Own) Microsoft Internet Explorer VML Parsing Remote Code Execution Vulnerabillity
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Microsoft Internet Explorer VML TextBox Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
VUPEN Security Research - Microsoft Internet Explorer 10-9-8-7-6 VML Remote Integer Overflow (MS13-037 / Pwn2Own)
VUPEN Security Research - Microsoft Internet Explorer 10-9-8-7-6 VML Remote Integer Overflow MS13-037 / Pwn2Own Website : http://www.vupen.com Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- "Microsoft Internet Explorer is a web browser developed by Microsoft and included a...
Internet Explorer VML Objects Use After Free (MS13-037; CVE-2013-2551)
A buffer overflow vulnerability exists in Internet Explorer while accessing a dynamic array of attributes of a VML shape object. The vulnerability may lead to memory corruption in such a way that will allow code execution in the context of the current user...
Microsoft Internet Explorer multiple security vulnerabilities
Information leakage, multiple use-after-free vulnerabilities, VML memory corruption...
CVE-2013-0030
The Vector Markup Language VML implementation in Microsoft Internet Explorer 6 through 10 does not properly allocate buffers, which allows remote attackers to execute arbitrary code via a crafted web site, aka "VML Memory Corruption Vulnerability."...
Memory corruption
The Vector Markup Language VML implementation in Microsoft Internet Explorer 6 through 10 does not properly allocate buffers, which allows remote attackers to execute arbitrary code via a crafted web site, aka "VML Memory Corruption Vulnerability."...
CVE-2013-0030
CVE-2013-0030 concerns memory corruption in Internet Explorer’s Vector Markup Language (VML) implementation. Multiple connected sources confirm the vulnerability affects IE versions 6–10 and stems from improper buffer allocation, enabling remote code execution via a crafted web page. The issue is...
CVE-2013-0030
The Vector Markup Language VML implementation in Microsoft Internet Explorer 6 through 10 does not properly allocate buffers, which allows remote attackers to execute arbitrary code via a crafted web site, aka "VML Memory Corruption Vulnerability."...
Microsoft Internet Explorer VML Remote Code Execution Vulnerability (2797052)
This host is missing a critical security update according to Microsoft Bulletin MS13-010. OpenVAS Vulnerability Test $Id: secpodms13-010.nasl 6115 2017-05-12 09:03:25Z teissa $ Microsoft Internet Explorer VML Remote Code Execution Vulnerability 2797052 Authors: Thanga Prakash S Copyright: Copyrig...
PT-2013-2077 · Microsoft · Internet Explorer
Name of the Vulnerable Software and Affected Versions: Microsoft Internet Explorer versions 6 through 10 Description: A remote code execution issue exists due to improper buffer allocation in the Vector Markup Language VML implementation, allowing attackers to execute arbitrary code via a crafted...
Microsoft Internet Explorer VML Remote Code Execution Vulnerability (2797052)
This host is missing a critical security update according to Microsoft Bulletin MS13-010. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Microsoft Patches Critical IE Vulnerabilities
Internet Explorer continues to dominate Microsoft’s 2013 security updates. Among the 12 bulletins and 57 vulnerabilities patched in today’s release was a cumulative update for the maligned browser and another fix for a bug being exploited in the wild. Last month, an out-of-band fix for IE 6-8...
Microsoft Internet Explorer Vector Markup Language CVE-2013-0030 Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability that affects the implementation of Vector Markup Language VML. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to...
Internet Explorer VML Objects Memory Corruption (MS13-009; CVE-2013-0030)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way VML buffers are allocated. A remote attacker could trigger this vulnerability by enticing an unsuspecting victim to open a specially crafted web page. An attacke...
VUPEN Security Research - Microsoft Internet Explorer VML Remote Code Execution (MS12-023 / CVE-2012-0172)
VUPEN Security Research - Microsoft Internet Explorer VML Remote Code Execution MS12-023 / CVE-2012-0172 Website : http://www.vupen.com/english/research.php Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- "Microsoft Internet Explorer is a web browser developed by Microsoft...
Microsoft Internet Explorer VML样式远程代码执行漏洞(CVE-2012-0172)(MS12-023)
BUGTRAQ ID: 52906 CVE ID: CVE-2012-0172 Microsoft Internet Explorer是微软公司推出的一款网页浏览器。 Microsoft Internet Explorer在访问已经删除的对象时在实现上存在可以破坏内存的远程代码执行漏洞,攻击者可利用此漏洞以当前用户权限执行任意代码。 0 Microsoft Internet Explorer 9.x Microsoft Internet Explorer 8.x Microsoft Internet Explorer 7.x Microsoft Internet Explorer 6.x...
Microsoft Internet Explorer Multiple Vulnerabilities (2675157)
This host is missing a critical security update according to Microsoft Bulletin MS12-023. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Microsoft Internet Explorer Multiple Vulnerabilities (2675157)
This host is missing a critical security update according to Microsoft Bulletin MS12-023. OpenVAS Vulnerability Test $Id: secpodms12-023.nasl 6526 2017-07-05 05:43:52Z cfischer $ Microsoft Internet Explorer Multiple Vulnerabilities 2675157 Authors: Rachana Shetty Copyright: Copyright c 2012 SecPo...