CVSS: 5.3EPSS: 34%CPEs: 4EXPL: 0CVE-2016-3267
https://notcve.org/view.php?id=CVE-2016-3267
14 Oct 2016 — Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to determine the existence of unspecified files via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability." Microsoft Internet Explorer 9 hasta la versión 11 y Microsoft Edge permiten a atacantes remotos determinar la existencia de archivos no especificados a través de un sitio web manipulado, vulnerabilidad también conocida como "Microsoft Browser Information Disclosure Vulnerability". • http://www.securityfocus.com/bid/93376 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 29%CPEs: 19EXPL: 0CVE-2016-3298 – Microsoft Internet Explorer Messaging API Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2016-3298
14 Oct 2016 — Microsoft Internet Explorer 9 through 11 and the Internet Messaging API in Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allow remote attackers to determine the existence of arbitrary files via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability." Microsoft Internet Explorer 9 hasta la versión 11 y el Internet Messaging API en Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1 y Windows 7 SP1 permiten a atacantes remotos determinar la existencia de arc... • http://www.securityfocus.com/bid/93392 •
CVSS: 9.3EPSS: 20%CPEs: 3EXPL: 0CVE-2016-3385
https://notcve.org/view.php?id=CVE-2016-3385
14 Oct 2016 — The scripting engine in Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability." El motor de secuencia de comandos en Microsoft Internet Explorer 9 hasta la versión 11 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, una vulnerabilidad también ... • http://www.securityfocus.com/bid/93397 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 33%CPEs: 3EXPL: 2CVE-2016-3387 – Microsoft Windows Edge/Internet Explorer - Isolated Private Namespace Insecure Boundary Descriptor Privilege Escalation (MS16-118)
https://notcve.org/view.php?id=CVE-2016-3387
14 Oct 2016 — Microsoft Internet Explorer 10 and 11 and Microsoft Edge do not properly restrict access to private namespaces, which allows remote attackers to gain privileges via unspecified vectors, aka "Microsoft Browser Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-3388. Microsoft Internet Explorer 10 y 11 y Microsoft Edge no restringe adecuadamente el acceso a espacios de nombres privados, lo que permite a atacantes remotos obtener privilegios a través de vectores no especificados, vu... • https://packetstorm.news/files/id/139230 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.3EPSS: 47%CPEs: 3EXPL: 2CVE-2016-3388 – Microsoft Windows Edge/Internet Explorer - Isolated Private Namespace Insecure DACL Privilege Escalation (MS16-118)
https://notcve.org/view.php?id=CVE-2016-3388
14 Oct 2016 — Microsoft Internet Explorer 10 and 11 and Microsoft Edge do not properly restrict access to private namespaces, which allows remote attackers to gain privileges via unspecified vectors, aka "Microsoft Browser Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-3387. Microsoft Internet Explorer 10 y 11 y Microsoft Edge no restringe adecuadamente el acceso a espacios de nombres privados, lo que permite a atacantes remotos obtener privilegios a través de vectores no especificados, vu... • https://packetstorm.news/files/id/139231 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.3EPSS: 25%CPEs: 3EXPL: 0CVE-2016-3391
https://notcve.org/view.php?id=CVE-2016-3391
14 Oct 2016 — Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow context-dependent attackers to discover credentials by leveraging access to a memory dump, aka "Microsoft Browser Information Disclosure Vulnerability." Microsoft Internet Explorer 10 y 11 y Microsoft Edge permiten a atacantes dependientes del contexto descubrir credenciales aprovechando el acceso a un volcado de memoria, vulnerabilidad también conocida como "Microsoft Browser Information Disclosure Vulnerability". • http://www.securityfocus.com/bid/93379 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 23%CPEs: 4EXPL: 0CVE-2016-3382 – Microsoft Edge JavaScript eval Function Type Confusion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-3382
11 Oct 2016 — The scripting engines in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, as demonstrated by the Chakra JavaScript engine, aka "Scripting Engine Memory Corruption Vulnerability." Los motores de secuencia de comandos en Microsoft Internet Explorer 9 hasta la versión 11 y Microsoft Edge permiten a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio... • http://www.securityfocus.com/bid/93386 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 15%CPEs: 2EXPL: 0CVE-2016-3383 – Microsoft Internet Explorer Table Layout Type Confusion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-3383
11 Oct 2016 — Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability." Microsoft Internet Explorer 10 y 11 permite a atacantes remotos ejecutar un código arbitrario o provocar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, vulnerabilidad también conocida como "Microsoft Browser Memory Corruption Vulnerability". This vulner... • http://www.securityfocus.com/bid/93396 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 20%CPEs: 3EXPL: 0CVE-2016-3384 – Microsoft Internet Explorer s_DestroyMetaCallback Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-3384
11 Oct 2016 — Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." Microsoft Internet Explorer 9 hasta la versión 11 permite a atacantes remotos ejecutar un código arbitrario o provocar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, vulnerabilidad también conocida como "Internet Explorer Memory Corruption Vulnerabil... • http://www.securityfocus.com/bid/93393 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.9EPSS: 4%CPEs: 2EXPL: 0CVE-2016-3292 – Microsoft Internet Explorer Add-on Installer Enhanced Protected Mode Sandbox Escape Vulnerability
https://notcve.org/view.php?id=CVE-2016-3292
14 Sep 2016 — Microsoft Internet Explorer 10 and 11 mishandles integrity settings and zone settings, which allows remote attackers to bypass a sandbox protection mechanism via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability." Microsoft Internet Explorer 10 y 11 no maneja adecuadamente ajustes de integridad y de zona, lo que permite a atacantes remotos eludir un mecanismo de protección sandbox a través de un sitio web manipulado, vulnerabilidad también conocida como "Internet Explorer Eleva... • http://www.securityfocus.com/bid/92808 • CWE-20: Improper Input Validation •