CVSS: 9.8EPSS: 37%CPEs: 6EXPL: 1CVE-2014-1762 – (Pwn2Own\Pwn4Fun) Microsoft Internet Explorer localhost Protected Mode Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2014-1762
27 Apr 2014 — Unspecified vulnerability in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code with medium-integrity privileges and bypass a sandbox protection mechanism via unknown vectors, as demonstrated by ZDI during a Pwn4Fun competition at CanSecWest 2014. Vulnerabilidad no especificada en Microsoft Internet Explorer 6 hasta la versión 11 permite a atacantes remotos ejecutar código arbitario con privilegios de integridad media y eludir un mecanismo de protección sandbox a trav... • https://www.exploit-db.com/exploits/34010 •
CVSS: 10.0EPSS: 68%CPEs: 5EXPL: 1CVE-2014-1764 – Microsoft Internet Explorer Protected Mode Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2014-1764
27 Apr 2014 — Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code and bypass a sandbox protection mechanism by leveraging "object confusion" in a broker process, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2014. Microsoft Internet Explorer 7 hasta la versión 11 permite a atacantes remotos ejecutar código arbitrario y eludir un mecanismo de protección sandbox aprovechando "confusión de objeto" en un proceso broker, según lo demostrado por VUPEN durante una com... • https://www.exploit-db.com/exploits/34010 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 8.8EPSS: 46%CPEs: 6EXPL: 0CVE-2014-1765 – Microsoft Internet Explorer CAttrValue Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2014-1765
27 Apr 2014 — Multiple use-after-free vulnerabilities in Microsoft Internet Explorer 6 through 11 allow remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by Sebastian Apelt and Andreas Schmidt during a Pwn2Own competition at CanSecWest 2014. Múltiples vulnerabilidades de uso después de liberación de memoria en Microsoft Internet Explorer 6 hasta la versión 11 permiten a atacantes remotos ejecutar un código arbitrario a través de vectores no especificados, tal como fue demostrado por Seba... • http://secunia.com/advisories/59775 • CWE-399: Resource Management Errors •
CVSS: 10.0EPSS: 76%CPEs: 35EXPL: 1CVE-2014-1776 – Microsoft Internet Explorer Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2014-1776
27 Apr 2014 — Use-after-free vulnerability in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to the CMarkup::IsConnectedToPrimaryMarkup function, as exploited in the wild in April 2014. NOTE: this issue originally emphasized VGX.DLL, but Microsoft clarified that "VGX.DLL does not contain the vulnerable code leveraged in this exploit. Disabling VGX.DLL is an exploit-specific workaround that provides an immediat... • http://blogs.technet.com/b/srd/archive/2014/04/30/protection-strategies-for-the-security-advisory-2963983-ie-0day.aspx • CWE-416: Use After Free •
CVSS: 9.3EPSS: 26%CPEs: 5EXPL: 0CVE-2014-1753 – Microsoft Internet Explorer CAttrArray Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2014-1753
08 Apr 2014 — Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." Microsoft Internet Explorer 6 hasta 9 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, también conocido como "Vulnerabilidad de Corrupción de Memoria de Internet Explorer." This vulnerabili... • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-018 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 25%CPEs: 4EXPL: 0CVE-2014-0297 – Microsoft Internet Explorer CTraversalMarkupPointer Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2014-0297
12 Mar 2014 — Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0308, CVE-2014-0312, and CVE-2014-0324. Microsoft Internet Explorer 8 hasta 11 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, también conocido com... • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-012 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 26%CPEs: 6EXPL: 0CVE-2014-0299 – Microsoft Internet Explorer Uninitialized Variable Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2014-0299
12 Mar 2014 — Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0305 and CVE-2014-0311. Microsoft Internet Explorer 6 hasta 11 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, también conocido como "Vulnerabilida... • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-012 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 28%CPEs: 6EXPL: 0CVE-2014-0305
https://notcve.org/view.php?id=CVE-2014-0305
12 Mar 2014 — Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0299 and CVE-2014-0311. Microsoft Internet Explorer 6 hasta 11 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, también conocido como "Vulnerabilida... • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-012 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 28%CPEs: 2EXPL: 0CVE-2014-0306
https://notcve.org/view.php?id=CVE-2014-0306
12 Mar 2014 — Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." Microsoft Internet Explorer 8 y 9 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, también conocido como "Vulnerabilidad de Corrupción de Memoria en Internet Explorer." • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-012 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 28%CPEs: 4EXPL: 0CVE-2014-0308 – Microsoft Internet Explorer CUListElement Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2014-0308
12 Mar 2014 — Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0297, CVE-2014-0312, and CVE-2014-0324. Microsoft Internet Explorer 8 hasta 11 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicios (corrupción de memoria) a través de un sitio web manipulado, también conocido co... • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-012 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •