CVSS: 9.3EPSS: 79%CPEs: 1EXPL: 0CVE-2015-0037 – Microsoft Internet Explorer Ptls6::LsFmtText Out-Of-Bounds Read Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-0037
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-0018, CVE-2015-0040, and CVE-2015-0066. Microsoft Internet Explorer 11 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, también conocido como 'vulnerabilidad de la corrupción de memoria de Internet Explorer,' una vulnerabilidad diferente a CVE-2015-0018, CVE-2015-0040, y CVE-2015-0066. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of arguments passed to the Ptls6::LsFmtText function. By manipulating a document's elements an attacker can access data outside the bounds of an allocated buffer. • http://www.securityfocus.com/bid/72448 http://www.securitytracker.com/id/1031723 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-009 • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 79%CPEs: 3EXPL: 0CVE-2015-0038 – Microsoft Internet Explorer CUListElement Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-0038
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-0042 and CVE-2015-0046. Microsoft Internet Explorer 9 hasta 11 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, también conocido como 'vulnerabilidad de la corrupción de memoria de Internet Explorer,' una vulnerabilidad diferente a CVE-2015-0042 y CVE-2015-0046. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of CUListElement objects. By manipulating a document's elements an attacker can force a dangling pointer to be reused after it has been freed. • http://www.securityfocus.com/bid/72404 http://www.securitytracker.com/id/1031723 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-009 • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 79%CPEs: 6EXPL: 0CVE-2015-0041 – Microsoft Internet Explorer CTreePos Double Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-0041
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-0017, CVE-2015-0020, CVE-2015-0022, CVE-2015-0026, CVE-2015-0030, CVE-2015-0031, and CVE-2015-0036. Microsoft Internet Explorer 6 hasta 11 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, también conocido como 'vulnerabilidad de la corrupción de memoria de Internet Explorer,' una vulnerabilidad diferente a CVE-2015-0017, CVE-2015-0020, CVE-2015-0022, CVE-2015-0026, CVE-2015-0030, CVE-2015-0031, y CVE-2015-0036. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of CTreePos objects. By manipulating a document's elements an attacker can force a dangling pointer to be reused after it has been freed. • http://www.securityfocus.com/bid/72411 http://www.securitytracker.com/id/1031723 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-009 • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 79%CPEs: 3EXPL: 0CVE-2015-0042 – Microsoft Internet Explorer SVG Marker Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-0042
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-0038 and CVE-2015-0046. Microsoft Internet Explorer 9 hasta 11 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, también conocido como 'vulnerabilidad de la corrupción de memoria de Internet Explorer,' una vulnerabilidad diferente a CVE-2015-0038 y CVE-2015-0046. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates to how Internet Explorer processes SVG marker objects. By manipulating a document's elements an attacker can force a CGeneratedSvgTreeNode object in memory to be reused after it has been freed. • http://www.securityfocus.com/bid/72412 http://www.securitytracker.com/id/1031723 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-009 • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 79%CPEs: 2EXPL: 0CVE-2015-0044 – Microsoft Internet Explorer CTableLayout Out-of-Bounds Memory Access Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-0044
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-8967 and CVE-2015-0050. Microsoft Internet Explorer 8 y 9 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, también conocido como 'vulnerabilidad de la corrupción de memoria de Internet Explorer,' una vulnerabilidad diferente a CVE-2014-8967 y CVE-2015-0050. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of CTableLayout objects. By manipulating a document's elements an attacker can force out-of-bounds reads and writes to occur. • http://www.securityfocus.com/bid/72414 http://www.securitytracker.com/id/1031723 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-009 • CWE-399: Resource Management Errors •