CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2013-3649
https://notcve.org/view.php?id=CVE-2013-3649
28 Jun 2013 — Cross-site scripting (XSS) vulnerability in KENT-WEB CLIP-MAIL before 3.4, when Internet Explorer 7 or earlier is used, allows remote attackers to inject arbitrary web script or HTML via an unspecified form field. Vulnerabilidad de ejecución de secuencia de comandos en sitios cruzados (XSS) en KENT-WEB CLIP-MAIL antes de v3.4, cuando se usa Internet Explorer 7 o anterior, permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elección a través de un campo no especificado del formulario... • http://jvn.jp/en/jp/JVN85804149/index.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2013-3648
https://notcve.org/view.php?id=CVE-2013-3648
28 Jun 2013 — Cross-site scripting (XSS) vulnerability in KENT-WEB POST-MAIL before 6.7, when Internet Explorer 7 or earlier is used, allows remote attackers to inject arbitrary web script or HTML via an unspecified form field. Vulnerabilidad de ejecución de secuencia de comandos en sitios cruzados (XSS) en KENT-WEB CLIP-MAIL antes de v6.7, cuando se usa Internet Explorer 7 o anterior, permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elección a través de un campo no especificado del formulario... • http://jvn.jp/en/jp/JVN26394323/index.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.3EPSS: 84%CPEs: 5EXPL: 0CVE-2013-3139
https://notcve.org/view.php?id=CVE-2013-3139
12 Jun 2013 — Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3112, CVE-2013-3113, CVE-2013-3121, and CVE-2013-3142. Microsoft Internet Explorer 6 hasta 10, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un sitio web malicioso, tambi... • http://www.us-cert.gov/ncas/alerts/TA13-168A • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 86%CPEs: 5EXPL: 0CVE-2013-3112 – Microsoft Internet Explorer CMarkup Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-3112
12 Jun 2013 — Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3113, CVE-2013-3121, CVE-2013-3139, and CVE-2013-3142. Microsoft Internet Explorer 6 hasta 10 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un sitio web especialmente dis... • http://www.us-cert.gov/ncas/alerts/TA13-168A • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 86%CPEs: 5EXPL: 0CVE-2013-3142 – Microsoft Internet Explorer CEventObj Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-3142
12 Jun 2013 — Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3112, CVE-2013-3113, CVE-2013-3121, and CVE-2013-3139. Microsoft Internet Explorer 6 hasta 10, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un sitio web malicioso, tambi... • http://www.us-cert.gov/ncas/alerts/TA13-168A • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 84%CPEs: 5EXPL: 0CVE-2013-3113
https://notcve.org/view.php?id=CVE-2013-3113
12 Jun 2013 — Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3112, CVE-2013-3121, CVE-2013-3139, and CVE-2013-3142. Microsoft Internet Explorer 6 hasta 10 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un sitio web especialmente dis... • http://www.us-cert.gov/ncas/alerts/TA13-168A • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 86%CPEs: 5EXPL: 0CVE-2013-3121 – Microsoft Internet Explorer runtimeStyle Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-3121
12 Jun 2013 — Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3112, CVE-2013-3113, CVE-2013-3139, and CVE-2013-3142. Microsoft Internet Explorer 6 hasta 10 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un sitio web especialmente dis... • http://www.us-cert.gov/ncas/alerts/TA13-168A • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 95%CPEs: 5EXPL: 2CVE-2013-1309 – Microsoft Internet Explorer CDispNode Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-1309
15 May 2013 — Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a different vulnerability than CVE-2013-1308 and CVE-2013-2551. Vulnerabilidad de tipo "usar después de liberar" en Microsoft Internet Explorer v6 hasta v10 permite a atacantes remotos ejecutar código de su elección mediante un sitio web malintencionado que lanza el acc... • https://packetstorm.news/files/id/140094 • CWE-416: Use After Free •
CVSS: 6.5EPSS: 11%CPEs: 3EXPL: 0CVE-2013-1297
https://notcve.org/view.php?id=CVE-2013-1297
15 May 2013 — Microsoft Internet Explorer 6 through 8 does not properly restrict data access by VBScript, which allows remote attackers to perform cross-domain reading of JSON files via a crafted web site, aka "JSON Array Information Disclosure Vulnerability." Microsoft Internet Explorer v6 hasta v8 no retringe correctamente el acceso de datos por VBScript, lo que permite a atacantes remotos llevar a cabo lectura de dominios cruzados ("cross-domain") de ficheros JSON mediante un sitio web especialmente diseñado, también ... • http://www.us-cert.gov/ncas/alerts/TA13-134A • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 87%CPEs: 5EXPL: 0CVE-2013-1308 – Microsoft Internet Explorer TransNavContext Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-1308
15 May 2013 — Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a different vulnerability than CVE-2013-1309 and CVE-2013-2551. Vulnerabilidad de tipo "usar después de liberar" en Microsoft Internet Explorer v6 hasta v10 permite a atacantes remotos ejecutar código de su elección mediante un sitio web malintencionado que genera el ac... • http://www.us-cert.gov/ncas/alerts/TA13-134A • CWE-416: Use After Free •