CVSS: 9.3EPSS: 82%CPEs: 5EXPL: 0CVE-2014-0269 – Microsoft Internet Explorer CMarkup Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2014-0269
Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." Microsoft Internet Explorer 6 hasta 10 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, también conocido como "Internet Explorer Memory Corruption Vulnerability." This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of CMarkup objects. By manipulating a document's elements an attacker can force a dangling pointer to be reused after it has been freed. An attacker can leverage this vulnerability to execute code under the context of the current process. • http://osvdb.org/103169 http://secunia.com/advisories/56796 http://www.securityfocus.com/bid/65363 http://www.securitytracker.com/id/1029741 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-010 https://exchange.xforce.ibmcloud.com/vulnerabilities/90760 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 82%CPEs: 3EXPL: 0CVE-2014-0270 – Microsoft Internet Explorer CMarkup Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2014-0270
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0273, CVE-2014-0274, and CVE-2014-0288. Microsoft Internet Explorer 9 hasta 11 permite a atacantes remotos ejecutar código arbitrario o causar une denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, también conocido como "Internet Explorer Memory Corruption Vulnerability," una vulnerabilidad diferente a CVE-2014-0273, CVE-2014-0274 y CVE-2014-0288. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of CMarkup objects. By manipulating a document's elements an attacker can force a dangling pointer to be reused after it has been freed. • http://osvdb.org/103170 http://secunia.com/advisories/56796 http://www.securityfocus.com/bid/65367 http://www.securitytracker.com/id/1029741 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-010 https://exchange.xforce.ibmcloud.com/vulnerabilities/90761 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 91%CPEs: 9EXPL: 0CVE-2014-0271
https://notcve.org/view.php?id=CVE-2014-0271
The VBScript engine in Microsoft Internet Explorer 6 through 11, and VBScript 5.6 through 5.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "VBScript Memory Corruption Vulnerability." El motor VBScript en Microsoft Internet Explorer 6 hasta 11 y VBScript 5.6 hasta 5.8, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, también conocido como "VBScript Memory Corruption Vulnerability." • http://osvdb.org/103166 http://secunia.com/advisories/56796 http://secunia.com/advisories/56814 http://www.securityfocus.com/bid/65395 http://www.securitytracker.com/id/1029741 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-010 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-011 https://exchange.xforce.ibmcloud.com/vulnerabilities/90757 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 50%CPEs: 3EXPL: 0CVE-2014-0272
https://notcve.org/view.php?id=CVE-2014-0272
Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." Microsoft Internet Explorer 8 hasta 10 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, también conocido como "Internet Explorer Memory Corruption Vulnerability." • http://osvdb.org/103171 http://secunia.com/advisories/56796 http://www.securityfocus.com/bid/65370 http://www.securitytracker.com/id/1029741 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-010 https://exchange.xforce.ibmcloud.com/vulnerabilities/90762 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 50%CPEs: 3EXPL: 0CVE-2014-0273
https://notcve.org/view.php?id=CVE-2014-0273
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0270, CVE-2014-0274, and CVE-2014-0288. Microsoft Internet Explorer 9 hasta 11 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, también conocido como "Internet Explorer Memory Corruption Vulnerability," una vulnerabilidad diferente a CVE-2014-0270, CVE-2014-0274 y CVE-2014-0288. • http://osvdb.org/103172 http://secunia.com/advisories/56796 http://www.securityfocus.com/bid/65371 http://www.securitytracker.com/id/1029741 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-010 https://exchange.xforce.ibmcloud.com/vulnerabilities/90763 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •