CVSS: 9.3EPSS: 81%CPEs: 4EXPL: 0CVE-2013-3204
https://notcve.org/view.php?id=CVE-2013-3204
Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." Microsoft Internet Explorer 7 hasta 10 permiten a un atacante remoto ejecutar código a discrección o causar una denegación de servicio (corrupción de memoria), a través de un sitio web manipulado, tambien conocida como "Vulnerabilidad de Corrupción de Memoria en Internet Explorer". • http://www.us-cert.gov/ncas/alerts/TA13-253A https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-069 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18975 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 88%CPEs: 2EXPL: 0CVE-2013-3206 – Microsoft Internet Explorer CWindow Destructor Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-3206
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3201, CVE-2013-3203, CVE-2013-3207, and CVE-2013-3209. Microsoft Internet Explorer 9 y 10 permite a atacantes remotos ejecutar código arbitrario o causar denegacion de servicio (corrupcion de memoria) a través de un sitio web manipulado . Conocido también como "Vulnerabilidad de Corrupción de Memoria en Internet Explorer", vulnerabilidad distinta a CVE-2013-3201, CVE-2013-3203, CVE-2013-3207, and CVE-2013-3209. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the unloading of pages. • http://www.us-cert.gov/ncas/alerts/TA13-253A https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-069 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18855 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 88%CPEs: 1EXPL: 0CVE-2013-3202 – Microsoft Internet Explorer CTreePos Type Confusion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-3202
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." Microsoft Internet Explorer 10 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado. Aka "Internet Explorer Memory Corruption Vulnerability". This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of CTreePos objects. • http://www.us-cert.gov/ncas/alerts/TA13-253A https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-069 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18557 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 88%CPEs: 2EXPL: 0CVE-2013-3209 – Microsoft Internet Explorer CSegment Object Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-3209
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3201, CVE-2013-3203, CVE-2013-3206, and CVE-2013-3207. Microsoft Internet Explorer 9 y 10 permiten a atacantes remotos ejecutar código a discrección o causar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, tambien conocida como "Vulnerabilidad de Corrupción de Memoria en Internet Explorer", una vulnerabilidad diferente a CVE-2013-3201, CVE-2013-3203, CVE-2013-3206, y CVE-2013-3207. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the usage of execCommand("selectAll") and selection.clear which can cause a CSegment object to be freed. The process can be later forced to reuse this pointer resulting in a use-after-free condition. • http://www.us-cert.gov/ncas/alerts/TA13-253A https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-069 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18650 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 88%CPEs: 2EXPL: 0CVE-2013-3207 – Microsoft Internet Explorer CBlockElement Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-3207
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3201, CVE-2013-3203, CVE-2013-3206, and CVE-2013-3209. Microsoft Internet Explorer 9 y 10 permite a atacantes remotos ejecutar código arbitrario o causar denegación de servicio (corrupcion de memoria) a través de un sitio web manipulado. Conocido también como "Vulnerabilidad de Corrupción de Memoria de Internet Explorer". Vulnerabilidad diferente a CVE-2013-3201, CVE-2013-3203, CVE-2013-3206,y CVE-2013-3209. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. • http://www.us-cert.gov/ncas/alerts/TA13-253A https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-069 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18964 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •