Page 10 of 320 results (0.017 seconds)

CVSS: 6.9EPSS: 2%CPEs: 5EXPL: 0

Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-1748. Microsoft Internet Explorer 7 hasta 11 permite a atacantes remotos ganar privilegios a través de un sitio web manipulado, también conocido como 'vulnerabilidad de la elevación de privilegios de Internet Explorer,' una vulnerabilidad diferente a CVE-2015-1748. This vulnerability allows remote attackers to escape Enhanced Protected Mode on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the usage of the add-on installer. An attacker can bypass checks within the add-on installer with special paths and junction points to achieve medium-integrity code execution under the context of the user. • http://www.securityfocus.com/bid/74996 http://www.securitytracker.com/id/1032521 http://www.zerodayinitiative.com/advisories/ZDI-15-377 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-056 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •

CVSS: 4.3EPSS: 22%CPEs: 5EXPL: 0

Microsoft Internet Explorer 7 through 11 allows user-assisted remote attackers to read the clipboard contents via crafted web script, aka "Internet Explorer Clipboard Information Disclosure Vulnerability." Microsoft Internet Explorer 7 hasta 11 permite a atacantes remotos asistidos por usuarios leer el contenido del portapapeles a través de una secuencia de comandos web manipulada, también conocido como 'vulnerabilidad de la divulgación de información del portapapeles de Internet Explorer.' • http://www.securityfocus.com/bid/74517 http://www.securitytracker.com/id/1032282 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-043 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 9.3EPSS: 59%CPEs: 5EXPL: 0

Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." Microsoft Internet Explorer 7 hasta 11 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, también conocido como 'vulnerabilidad de la corrupción de memoria de Internet Explorer.' This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Tree::TableGridBlock objects. By manipulating a document's elements, an attacker can force a dangling pointer to be reused after it has been freed. • http://www.securityfocus.com/bid/74512 http://www.securitytracker.com/id/1032282 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-043 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 72%CPEs: 6EXPL: 0

Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1694. Microsoft Internet Explorer 6 hasta 11 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, también conocido como 'vulnerabilidad de la corrupción de memoria de Internet Explorer,' una vulnerabilidad diferente a CVE-2015-1694. • http://www.securityfocus.com/bid/74513 http://www.securitytracker.com/id/1032282 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-043 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 6.8EPSS: 1%CPEs: 6EXPL: 0

Microsoft Internet Explorer 6 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-1704. Microsoft Internet Explorer 6 hasta 11 permite a atacantes remotos ganar privilegios a través de un sitio web manipulado, también conocido como 'vulnerabilidad de la elevación de privilegios de Internet Explorer,' una vulnerabilidad diferente a CVE-2015-1704. • http://www.securityfocus.com/bid/74520 http://www.securitytracker.com/id/1032282 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-043 • CWE-264: Permissions, Privileges, and Access Controls •