Page 134 of 1742 results (0.003 seconds)

CVSS: 4.3EPSS: 18%CPEs: 2EXPL: 0

Microsoft Internet Explorer 9 and 10 allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Internet Explorer Cross-domain Information Disclosure Vulnerability." Microsoft Internet Explorer 9 y 10 permite a atacantes remotos leer el contenido de (1) un dominio o (2) una zona diferentes a través de un sitio web manipulado, también conocido como 'vulnerabilidad de la divulgación de información de dominios cruzados de Internet Explorer.' • http://www.securityfocus.com/bid/70942 http://www.securitytracker.com/id/1031185 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-065 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 4.3EPSS: 18%CPEs: 4EXPL: 0

Microsoft Internet Explorer 8 through 11 allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Internet Explorer Cross-domain Information Disclosure Vulnerability." Microsoft Internet Explorer 8 hasta 11 permite a atacantes remotos leer el contenido de (1) un dominio o (2) una zona diferentes a través de un sitio web manipulado, también conocido como 'vulnerabilidad de la divulgación de información de dominios cruzados.' • http://www.securityfocus.com/bid/70946 http://www.securitytracker.com/id/1031185 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-065 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 9.3EPSS: 83%CPEs: 1EXPL: 0

Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." Microsoft Internet Explorer 11 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, también conocido como 'vulnerabilidad de la corrupción de memoria de Internet Explorer.' This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates to the way Internet Explorer handles requests for properties of objects of type DOMStringMap. If script sets a DOMStringMap object to be the JavaScript prototype of another object of some other type, and then requests a property from the DOMStringMap via its relationship to that other object, Internet Explorer confuses the two types of objects involved. • http://www.securityfocus.com/bid/70347 http://www.securitytracker.com/id/1031185 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-065 • CWE-399: Resource Management Errors •

CVSS: 9.3EPSS: 85%CPEs: 1EXPL: 0

Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-6342. Microsoft Internet Explorer 9 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, también conocido como 'vulnerabilidad de la corrupción de memoria de Internet Explorer', una vulnerabilidad diferente a CVE-2014-6342. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates to how Internet Explorer manages the lifetime of HTML header elements. By manipulating a document's elements an attacker can force a CHeaderElement object in memory to be reused after it has been freed. • http://www.securityfocus.com/bid/70348 http://www.securitytracker.com/id/1031185 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-065 • CWE-399: Resource Management Errors •

CVSS: 9.3EPSS: 85%CPEs: 4EXPL: 0

Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." Microsoft Internet Explorer 8 hasta 11 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, también conocido como 'vulnerabilidad de corrupción de memoria de Internet Explorer.' This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates to how Internet Explorer processes CSS-generated quotes. By creating a document with a particular structure that utilizes CSS-generated quotes, an attacker can force a CQuotes object in memory to be reused after it has been freed. • http://www.securityfocus.com/bid/70323 http://www.securitytracker.com/id/1031185 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-065 • CWE-399: Resource Management Errors •