CVSS: 9.3EPSS: 79%CPEs: 6EXPL: 0CVE-2013-5047 – Microsoft Internet Explorer CMarkup::Insert Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-5047
11 Dec 2013 — Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-5048. Microsoft Internet Explorer 6 hasta la versión 11 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, también conocido como "Vulnerabilidad de ... • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-097 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 79%CPEs: 4EXPL: 0CVE-2013-5049 – Microsoft Internet Explorer CObjectElement Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-5049
11 Dec 2013 — Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." Microsoft Internet Explorer 6 hasta la versión 9 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, también conocida como "Vulnerabilidad de corrupción de memoria en Internet Explorer". Thi... • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-097 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.1EPSS: 0%CPEs: 32EXPL: 0CVE-2013-6906
https://notcve.org/view.php?id=CVE-2013-6906
05 Dec 2013 — Cross-site scripting (XSS) vulnerability in a mail component in Cybozu Garoon before 3.7.0, when Internet Explorer 6 through 8 is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de cross-site scripting (XSS) en un componente de correo en Cybozu Garoon anteriores a 3.7.0, cuando Internet Explorer 6 a 8 es utilizado, permite a atacnates remotos inyectar scripts web o HTML arbitrarios a través de vectores no especificados. • http://cs.cybozu.co.jp/information/20131202up01.php • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 35EXPL: 0CVE-2013-6912
https://notcve.org/view.php?id=CVE-2013-6912
05 Dec 2013 — Cross-site scripting (XSS) vulnerability in a calendar component in Cybozu Garoon before 3.7.2, when Internet Explorer 6 through 9 is used, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de cross-site scripting (XSS) en un componente de calendario en Cybozu Garoon anteriores a 3.7.2, cuando Internet Explorer 6 a 9 son utilizados, permite a usuarios autenticados remotamente inyectar scripts web o HTML arbitrarios a través de vectores no especi... • http://cs.cybozu.co.jp/information/20131202up01.php • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 90%CPEs: 5EXPL: 0CVE-2013-3908
https://notcve.org/view.php?id=CVE-2013-3908
13 Nov 2013 — Microsoft Internet Explorer 6 through 10 allows user-assisted remote attackers to bypass the Same Origin Policy and obtain sensitive information from any visited document via a crafted web page that is not properly handled during a print-preview action, aka "Internet Explorer Information Disclosure Vulnerability." Microsoft Internet Explorer 6 a 10, permite a atacantes remotos asistidos por el usuario para eludir la política "Same Origin "y obtener información sensible de cualquier documento visitado a trav... • http://www.us-cert.gov/ncas/alerts/TA13-317A • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 2%CPEs: 3EXPL: 0CVE-2013-3909
https://notcve.org/view.php?id=CVE-2013-3909
13 Nov 2013 — Microsoft Internet Explorer 6 through 8 allows remote attackers to read content from a different (1) domain or (2) zone via crafted characters in Cascading Style Sheets (CSS) token sequences, aka "Internet Explorer Information Disclosure Vulnerability." Microsoft Internet Explorer 6 a 8, permite a atacantes remotos leer el contenido de un (1) dominio diferente o (2) zona a través caracteres manipulados secuencias de tokens Cascading Style Sheets (CSS) , también conocido como "Vulnerabilidad de divulgación d... • http://www.us-cert.gov/ncas/alerts/TA13-317A • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 89%CPEs: 4EXPL: 0CVE-2013-3910 – Microsoft Internet Explorer CSelectTracker Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-3910
13 Nov 2013 — Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." Microsoft Internet Explorer 6 a 9, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, también conocido como "Vulnerabilidad de Corrupción de memoria en Internet Explorer" This vulnerability a... • http://www.us-cert.gov/ncas/alerts/TA13-317A • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 89%CPEs: 6EXPL: 0CVE-2013-3915
https://notcve.org/view.php?id=CVE-2013-3915
13 Nov 2013 — Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3917. Microsoft Internet Explorer 6 a 11, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, también conocido como "Vulnerabilidad de Corrupción de me... • http://www.us-cert.gov/ncas/alerts/TA13-317A • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 89%CPEs: 6EXPL: 0CVE-2013-3917 – Microsoft Internet Explorer CHTMLEditor Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-3917
13 Nov 2013 — Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3915. Microsoft Internet Explorer 6 a 11, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, también conocido como "Vulnerabilidad de Corrupción de me... • http://www.us-cert.gov/ncas/alerts/TA13-317A • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 97%CPEs: 7EXPL: 2CVE-2013-3897 – Microsoft Internet Explorer Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2013-3897
09 Oct 2013 — Use-after-free vulnerability in the CDisplayPointer class in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted JavaScript code that uses the onpropertychange event handler, as exploited in the wild in September and October 2013, aka "Internet Explorer Memory Corruption Vulnerability." Vulnerabilidad de uso después de liberación en la clase CDisplayPointer en mshtml.dll en Microsoft Internet Ex... • https://packetstorm.news/files/id/123603 • CWE-399: Resource Management Errors CWE-416: Use After Free •