CVSS: 9.3EPSS: 8%CPEs: 30EXPL: 0CVE-2011-1993
https://notcve.org/view.php?id=CVE-2011-1993
12 Oct 2011 — Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Scroll Event Remote Code Execution Vulnerability." Microsoft Internet Explorer v6 a v9 no trata correctamente los objetos en la memoria, lo que permite a atacantes remotos ejecutar código de su elección accediendo a un objeto eliminado. También conocidacomo "vulnerabilidad de ejecución remota de código del evento Scroll". • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-081 •
CVSS: 7.8EPSS: 0%CPEs: 13EXPL: 0CVE-2011-2011
https://notcve.org/view.php?id=CVE-2011-2011
12 Oct 2011 — Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, aka "Win32k Use After Free Vulnerability." Una vulnerabilidad de uso después de liberación en win32k.sys en los controladores en modo kernel de Microsoft Windows XP SP2 y SP3, Wi... • http://www.securityfocus.com/bid/49981 • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 15%CPEs: 41EXPL: 0CVE-2011-1253
https://notcve.org/view.php?id=CVE-2011-1253
12 Oct 2011 — Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5.1, and 4, and Silverlight 4 before 4.0.60831, does not properly restrict inheritance, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP), (2) a crafted ASP.NET application, (3) a crafted .NET Framework application, or (4) a crafted Silverlight application, aka ".NET Framework Class Inheritance Vulnerability." Microsoft .NET Framework v1.0 SP3, v1.1 SP1, v2.0 SP2, v3.5.1, y v4, y Silverlight v4 ... • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-078 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.8EPSS: 88%CPEs: 11EXPL: 1CVE-2011-1999 – Microsoft Internet Explorer Select Element Insufficient Type Checking Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-1999
12 Oct 2011 — Microsoft Internet Explorer 8 does not properly allocate and access memory, which allows remote attackers to execute arbitrary code via vectors involving a "dereferenced memory address," aka "Select Element Remote Code Execution Vulnerability." Microsoft Internet Explorer v8 no asigna ni accede correctamente a la memoria, lo que permite a atacantes remotos ejecutar código de su elección a través de vectores que implican una "dirección de memoria no referenciada". También conocida como "vulnerabilidad de eje... • https://www.exploit-db.com/exploits/36209 •
CVSS: 9.3EPSS: 43%CPEs: 30EXPL: 0CVE-2011-2000 – Microsoft Internet Explorer swapNode Handling Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-2000
12 Oct 2011 — Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Body Element Remote Code Execution Vulnerability." Microsoft Internet Explorer v6 a v9 no trata correctamente los objetos en la memoria, lo que permite a atacantes remotos ejecutar código de su elección accediendo a un objeto eliminado. También conocida como "vulnerabilidad de ejecución remota de código a través del elemento Body". Th... • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-081 •
CVSS: 9.3EPSS: 0%CPEs: 13EXPL: 0CVE-2011-1247
https://notcve.org/view.php?id=CVE-2011-1247
12 Oct 2011 — Untrusted search path vulnerability in the Microsoft Active Accessibility component in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, aka "Active Accessibility Insecure Library Loading Vulnerability." Una vulnerabilidad de ruta de búsqueda no confiable en el componente Microsoft Active Accessibility en Microsoft Wind... • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-075 •
CVSS: 9.3EPSS: 13%CPEs: 30EXPL: 0CVE-2011-1995
https://notcve.org/view.php?id=CVE-2011-1995
12 Oct 2011 — Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that was not properly initialized, aka "OLEAuto32.dll Remote Code Execution Vulnerability." Microsoft Internet Explorer v6 a v9 no trata correctamente los objetos en la memoria, lo que permite a atacantes remotos ejecutar código de su elección, accediendo a un objeto que no se ha inicializado correctamente. También conocida como "vulnerabilidad de... • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-081 • CWE-908: Use of Uninitialized Resource •
CVSS: 9.3EPSS: 78%CPEs: 13EXPL: 1CVE-2011-2003 – Microsoft Windows - '.fon' Kernel-Mode Buffer Overrun (PoC) (MS11-077)
https://notcve.org/view.php?id=CVE-2011-2003
12 Oct 2011 — Buffer overflow in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted .fon file, aka "Font Library File Buffer Overrun Vulnerability." Un desbordamiento de búfer en win32k.sys en los controladores en modo kernel de Microsoft Windows XP SP2 y SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 S... • https://www.exploit-db.com/exploits/17978 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 13EXPL: 1CVE-2011-1985 – Microsoft Win32k - Null Pointer De-reference (PoC) (MS11-077)
https://notcve.org/view.php?id=CVE-2011-1985
12 Oct 2011 — win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly validate user-mode input, which allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via a crafted application, aka "Win32k Null Pointer De-reference Vulnerability." win32k.sys en los controladores en modo kernel de Microsoft Windows XP SP2 y SP3, W... • https://www.exploit-db.com/exploits/18024 • CWE-476: NULL Pointer Dereference •
CVSS: 9.3EPSS: 95%CPEs: 23EXPL: 1CVE-2011-1996 – Internet Explorer Select Element Cache Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-1996
12 Oct 2011 — Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Option Element Remote Code Execution Vulnerability." Microsoft Internet Explorer v6 y v8, no tratan correctamente los objetos en la memoria, lo que permite a atacantes remotos ejecutar código de su elección accediendo a un objeto eliminado. También conocida como "vulnerabilidad de ejecución remota de código a través del elemento Optio... • https://www.exploit-db.com/exploits/24020 •