CVSS: 6.1EPSS: 0%CPEs: 32EXPL: 0CVE-2013-6906
https://notcve.org/view.php?id=CVE-2013-6906
05 Dec 2013 — Cross-site scripting (XSS) vulnerability in a mail component in Cybozu Garoon before 3.7.0, when Internet Explorer 6 through 8 is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de cross-site scripting (XSS) en un componente de correo en Cybozu Garoon anteriores a 3.7.0, cuando Internet Explorer 6 a 8 es utilizado, permite a atacnates remotos inyectar scripts web o HTML arbitrarios a través de vectores no especificados. • http://cs.cybozu.co.jp/information/20131202up01.php • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 35EXPL: 0CVE-2013-6912
https://notcve.org/view.php?id=CVE-2013-6912
05 Dec 2013 — Cross-site scripting (XSS) vulnerability in a calendar component in Cybozu Garoon before 3.7.2, when Internet Explorer 6 through 9 is used, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de cross-site scripting (XSS) en un componente de calendario en Cybozu Garoon anteriores a 3.7.2, cuando Internet Explorer 6 a 9 son utilizados, permite a usuarios autenticados remotamente inyectar scripts web o HTML arbitrarios a través de vectores no especi... • http://cs.cybozu.co.jp/information/20131202up01.php • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 90%CPEs: 5EXPL: 0CVE-2013-3908
https://notcve.org/view.php?id=CVE-2013-3908
13 Nov 2013 — Microsoft Internet Explorer 6 through 10 allows user-assisted remote attackers to bypass the Same Origin Policy and obtain sensitive information from any visited document via a crafted web page that is not properly handled during a print-preview action, aka "Internet Explorer Information Disclosure Vulnerability." Microsoft Internet Explorer 6 a 10, permite a atacantes remotos asistidos por el usuario para eludir la política "Same Origin "y obtener información sensible de cualquier documento visitado a trav... • http://www.us-cert.gov/ncas/alerts/TA13-317A • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 2%CPEs: 3EXPL: 0CVE-2013-3909
https://notcve.org/view.php?id=CVE-2013-3909
13 Nov 2013 — Microsoft Internet Explorer 6 through 8 allows remote attackers to read content from a different (1) domain or (2) zone via crafted characters in Cascading Style Sheets (CSS) token sequences, aka "Internet Explorer Information Disclosure Vulnerability." Microsoft Internet Explorer 6 a 8, permite a atacantes remotos leer el contenido de un (1) dominio diferente o (2) zona a través caracteres manipulados secuencias de tokens Cascading Style Sheets (CSS) , también conocido como "Vulnerabilidad de divulgación d... • http://www.us-cert.gov/ncas/alerts/TA13-317A • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 89%CPEs: 4EXPL: 0CVE-2013-3910 – Microsoft Internet Explorer CSelectTracker Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-3910
13 Nov 2013 — Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." Microsoft Internet Explorer 6 a 9, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, también conocido como "Vulnerabilidad de Corrupción de memoria en Internet Explorer" This vulnerability a... • http://www.us-cert.gov/ncas/alerts/TA13-317A • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 89%CPEs: 6EXPL: 0CVE-2013-3915
https://notcve.org/view.php?id=CVE-2013-3915
13 Nov 2013 — Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3917. Microsoft Internet Explorer 6 a 11, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, también conocido como "Vulnerabilidad de Corrupción de me... • http://www.us-cert.gov/ncas/alerts/TA13-317A • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 89%CPEs: 6EXPL: 0CVE-2013-3917 – Microsoft Internet Explorer CHTMLEditor Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-3917
13 Nov 2013 — Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3915. Microsoft Internet Explorer 6 a 11, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, también conocido como "Vulnerabilidad de Corrupción de me... • http://www.us-cert.gov/ncas/alerts/TA13-317A • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 97%CPEs: 7EXPL: 2CVE-2013-3897 – Microsoft Internet Explorer Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2013-3897
09 Oct 2013 — Use-after-free vulnerability in the CDisplayPointer class in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted JavaScript code that uses the onpropertychange event handler, as exploited in the wild in September and October 2013, aka "Internet Explorer Memory Corruption Vulnerability." Vulnerabilidad de uso después de liberación en la clase CDisplayPointer en mshtml.dll en Microsoft Internet Ex... • https://packetstorm.news/files/id/123603 • CWE-399: Resource Management Errors CWE-416: Use After Free •
CVSS: 9.3EPSS: 79%CPEs: 5EXPL: 0CVE-2013-3871 – Microsoft Internet Explorer CAnchorElement Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-3871
08 Oct 2013 — Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." Microsoft Internet Explorer 6 hasta la versión 10 permite a atacantes remotos ejecutar código arbitrario o provocar una vulnerabilidad de denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, también conocido como "Vulnerabilidad de Corrupción de Memoria." This... • http://blogs.technet.com/b/msrc/archive/2013/10/08/the-october-2013-security-updates.aspx • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 95%CPEs: 7EXPL: 6CVE-2013-3893 – Microsoft Internet Explorer 8 - 'SetMouseCapture ' Use After Free
https://notcve.org/view.php?id=CVE-2013-3893
18 Sep 2013 — Use-after-free vulnerability in the SetMouseCapture implementation in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code via crafted JavaScript strings, as demonstrated by use of an ms-help: URL that triggers loading of hxds.dll. Vulnerabilidad de uso después de liberación en la implementación de SetMouseCapture en mshtml.dll de Microsoft Internet Explorer 6 a 11 permite a atacantes remotos ejecutar código arbitrario a través de cadenas JavaScript manipu... • https://packetstorm.news/files/id/123457 • CWE-399: Resource Management Errors •