CVSS: 9.3EPSS: 79%CPEs: 5EXPL: 0CVE-2013-3871 – Microsoft Internet Explorer CAnchorElement Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-3871
08 Oct 2013 — Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." Microsoft Internet Explorer 6 hasta la versión 10 permite a atacantes remotos ejecutar código arbitrario o provocar una vulnerabilidad de denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, también conocido como "Vulnerabilidad de Corrupción de Memoria." This... • http://blogs.technet.com/b/msrc/archive/2013/10/08/the-october-2013-security-updates.aspx • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 95%CPEs: 7EXPL: 6CVE-2013-3893 – Microsoft Internet Explorer 8 - 'SetMouseCapture ' Use After Free
https://notcve.org/view.php?id=CVE-2013-3893
18 Sep 2013 — Use-after-free vulnerability in the SetMouseCapture implementation in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code via crafted JavaScript strings, as demonstrated by use of an ms-help: URL that triggers loading of hxds.dll. Vulnerabilidad de uso después de liberación en la implementación de SetMouseCapture en mshtml.dll de Microsoft Internet Explorer 6 a 11 permite a atacantes remotos ejecutar código arbitrario a través de cadenas JavaScript manipu... • https://packetstorm.news/files/id/123457 • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 97%CPEs: 3EXPL: 2CVE-2013-3205 – Microsoft Internet Explorer CCaret Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-3205
11 Sep 2013 — Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." Microsoft Internet Explorer 6 a 8 permiten a atacantes remotos ejecutar código arbitrario o causar denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, también conocido como "Vulnerabilidad de Corrupción de Memoria de Internet Explorer". This vulnerability allo... • https://packetstorm.news/files/id/123336 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.1EPSS: 13%CPEs: 5EXPL: 0CVE-2013-3192
https://notcve.org/view.php?id=CVE-2013-3192
14 Aug 2013 — Cross-site scripting (XSS) vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to inject arbitrary web script or HTML via crafted character sequences with EUC-JP encoding, aka "EUC-JP Character Encoding Vulnerability." Vulnerabilidad Cross-site scripting (XSS) en Microsoft Internet Explorer 6 hasta 10 permite a atacantes remotos inyectar código web o html de su elección a través de una secuencia de caracteres manipulados con la codificación EUC-JP, también conocido como "EUC-JP... • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-059 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.3EPSS: 88%CPEs: 5EXPL: 0CVE-2013-3199 – Microsoft Internet Explorer Undo Command Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-3199
13 Aug 2013 — Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." Microsoft Internet Explorer 6 hasta 10 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un sitio web malicioso, también conocido como "Internet Explorer Memory Corruption Vulnerability”. This vulnerability allows ... • http://www.us-cert.gov/ncas/alerts/TA13-225A • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 1CVE-2013-4015 – Microsoft Internet Explorer - CAnchorElement Use-After-Free (MS13-055)
https://notcve.org/view.php?id=CVE-2013-4015
26 Jul 2013 — Microsoft Internet Explorer 6 through 10 allows local users to bypass the elevation policy check in the (1) Protected Mode or (2) Enhanced Protected Mode protection mechanism, and consequently gain privileges, by leveraging the ability to execute sandboxed code. Microsoft Internet Explorer v6 hasta v10 permite a usuarios locales evitar el chequeo de la politica de elevación de permisos en los mecanismos de protección (1) Protected Mode o (2) Enhanced Protected Mode, y consecuentemente obtener privilegios, h... • https://www.exploit-db.com/exploits/28187 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 91%CPEs: 4EXPL: 1CVE-2013-3147 – Microsoft Internet Explorer BubbleBecomeCurrent Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-3147
10 Jul 2013 — Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." Microsoft Internet Explorer 6 hasta 9 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un sitio web malicioso, también conocido como "Internet Explorer Memory Corruption Vulnerability". This vulnerability allows re... • https://www.exploit-db.com/exploits/28187 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 91%CPEs: 5EXPL: 1CVE-2013-3148 – Microsoft Internet Explorer CMshtmlEd Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-3148
10 Jul 2013 — Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3153. Microsoft Internet Explorer 6 hasta 10 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un sitio web malicioso, también conocido como "Internet Explorer Memory Corrupt... • https://www.exploit-db.com/exploits/28187 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 91%CPEs: 5EXPL: 1CVE-2013-3153 – Microsoft Internet Explorer RemoveSplice Use-After-Free Remote Code Execution Vulnerabliity
https://notcve.org/view.php?id=CVE-2013-3153
10 Jul 2013 — Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3148. Microsoft Internet Explorer 6 hasta 10 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un sitio web malicioso, también conocido como "Internet Explorer Memory Corrupt... • https://www.exploit-db.com/exploits/28187 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 6.1EPSS: 61%CPEs: 5EXPL: 1CVE-2013-3166 – Microsoft Internet Explorer - CAnchorElement Use-After-Free (MS13-055)
https://notcve.org/view.php?id=CVE-2013-3166
10 Jul 2013 — Cross-site scripting (XSS) vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to inject arbitrary web script or HTML via vectors involving incorrect auto-selection of the Shift JIS encoding, leading to cross-domain scrolling events, aka "Shift JIS Character Encoding Vulnerability," a different vulnerability than CVE-2013-0015. Vulnerabilidad Cross-site scripting (XSS) en Microsoft Internet Explorer v6 hasta v10 permite a atacantes remotos inyectar secuencias de comandos web o ... • https://www.exploit-db.com/exploits/28187 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •