CVSS: 9.3EPSS: 40%CPEs: 26EXPL: 0CVE-2011-1963 – Microsoft Internet Explorer XSLT SetViewSlave Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-1963
09 Aug 2011 — Microsoft Internet Explorer 7 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "XSLT Memory Corruption Vulnerability." Microsoft Internet Explorer 7 hasta 9 no maneja adecuadamente objetos en memoria, lo que permite a atacantes remotos ejecutar código de su elección accediendo a objetos que (1) no fueron inicializados correctamente o (2) es eliminado, también conoc... • http://www.us-cert.gov/cas/techalerts/TA11-221A.html • CWE-908: Use of Uninitialized Resource •
CVSS: 9.8EPSS: 40%CPEs: 30EXPL: 0CVE-2011-1964 – Microsoft Internet Explorer 9 STYLE Object Parsing Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-1964
09 Aug 2011 — Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Style Object Memory Corruption Vulnerability." Microsoft Internet Explorer 6 hasta la versión 9 no maneja apropiadamente objetos en memoria, lo que permite a atacantes remotos ejecutar código arbitrario accediendo a un objeto que (1) no fue apropiadamente inicializado o (2) ha sido borr... • http://www.us-cert.gov/cas/techalerts/TA11-221A.html • CWE-908: Use of Uninitialized Resource •
CVSS: 8.4EPSS: 1%CPEs: 17EXPL: 0CVE-2011-1282
https://notcve.org/view.php?id=CVE-2011-1282
13 Jul 2011 — The Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly initialize memory and consequently uses a NULL pointer in an unspecified function call, which allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that triggers an incorrect memory assignment for a u... • http://www.us-cert.gov/cas/techalerts/TA11-193A.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 1%CPEs: 17EXPL: 0CVE-2011-1284
https://notcve.org/view.php?id=CVE-2011-1284
13 Jul 2011 — Integer overflow in the Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that triggers an incorrect memory assignment for a user transaction, aka "CSRSS Local EOP SrvWriteConsoleOutput Vulnerability." Desbordamiento d... • http://www.us-cert.gov/cas/techalerts/TA11-193A.html • CWE-189: Numeric Errors •
CVSS: 7.8EPSS: 1%CPEs: 17EXPL: 0CVE-2011-1874
https://notcve.org/view.php?id=CVE-2011-1874
13 Jul 2011 — Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other CVEs listed in MS11-054, aka "Win32k Use After Free Vulnerability." Vulnerabilidad de uso después de liberación en los controla... • http://osvdb.org/73777 • CWE-399: Resource Management Errors CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 0CVE-2011-1875
https://notcve.org/view.php?id=CVE-2011-1875
13 Jul 2011 — Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other CVEs listed in MS11-054, aka "Win32k Use After Free Vulnerability." Vulnerabilidad de uso después de liberación en los controla... • http://osvdb.org/73785 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 0CVE-2011-1876
https://notcve.org/view.php?id=CVE-2011-1876
13 Jul 2011 — Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other CVEs listed in MS11-054, aka "Win32k Use After Free Vulnerability." Vulnerabilidad de uso después de liberación en los controla... • http://osvdb.org/73778 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 0CVE-2011-1878
https://notcve.org/view.php?id=CVE-2011-1878
13 Jul 2011 — Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other CVEs listed in MS11-054, aka "Win32k Use After Free Vulnerability." Vulnerabilidad de Uso después de la liberación en win32k.sy... • http://osvdb.org/73780 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 0CVE-2011-1879
https://notcve.org/view.php?id=CVE-2011-1879
13 Jul 2011 — Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other CVEs listed in MS11-054, aka "Win32k Use After Free Vulnerability." Vulnerabilidad de uso después de la liberación en win32k.sy... • http://osvdb.org/73781 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 0CVE-2011-1880
https://notcve.org/view.php?id=CVE-2011-1880
13 Jul 2011 — win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other CVEs listed in MS11-054, aka "Win32k Null Pointer De-reference Vulnerability." win32k.sys en los controladores de modo kernel de Microsoft Windows XP SP2 y SP3, Windows... • http://osvdb.org/73786 •