CVSS: 6.5EPSS: 0%CPEs: 27EXPL: 0CVE-2012-0010
https://notcve.org/view.php?id=CVE-2012-0010
14 Feb 2012 — Microsoft Internet Explorer 6 through 9 does not properly perform copy-and-paste operations, which allows user-assisted remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Copy and Paste Information Disclosure Vulnerability." Microsoft Internet Explorer v6 hasta v9, no realiza adecuadamente las operaciones copiar y pegar, lo que permite a atacantes remotos asistidos por el usuario leer el contenido de un diferente (1) dominio o (2) zona a través de un sitio ... • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-010 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 0%CPEs: 27EXPL: 0CVE-2011-3404
https://notcve.org/view.php?id=CVE-2011-3404
14 Dec 2011 — Microsoft Internet Explorer 6 through 9 does not properly use the Content-Disposition HTTP header to control rendering of the HTTP response body, which allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Content-Disposition Information Disclosure Vulnerability." Microsoft Internet Explorer 6 hasta la versión 9 no utiliza apropiadamente la cabecera HTTP Content-Disposition para controlar la representación gráfica del cuerpo de la respuesta HTTP, lo que... • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-099 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.0EPSS: 0%CPEs: 4EXPL: 1CVE-2011-4689
https://notcve.org/view.php?id=CVE-2011-4689
07 Dec 2011 — Microsoft Internet Explorer 6 through 9 does not prevent capture of data about the times of Same Origin Policy violations during IFRAME loading attempts, which makes it easier for remote attackers to determine whether a document exists in the browser cache via crafted JavaScript code. Microsoft Internet Explorer v6 hasta v9, no impide la captura de datos sobre los tiempos de violación de "Same Origin Policy" durante los intentos de carga de IFRAME, lo que facilita a los atacantes remotos determinar si exist... • http://lcamtuf.coredump.cx/cachetime • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.3EPSS: 0%CPEs: 101EXPL: 1CVE-2010-5071
https://notcve.org/view.php?id=CVE-2010-5071
07 Dec 2011 — The JavaScript implementation in Microsoft Internet Explorer 8.0 and earlier does not properly restrict the set of values contained in the object returned by the getComputedStyle method, which allows remote attackers to obtain sensitive information about visited web pages by calling this method. La ejecución de JavaScript en Microsoft Internet Explorer v8.0 y anteriores, no restringe adecuadamente el conjunto de valores contenidos en el objeto devuelto por el método getComputedStyle, lo que permite a atacan... • http://w2spconf.com/2010/papers/p26.pdf • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 4.3EPSS: 0%CPEs: 101EXPL: 1CVE-2002-2435
https://notcve.org/view.php?id=CVE-2002-2435
07 Dec 2011 — The Cascading Style Sheets (CSS) implementation in Microsoft Internet Explorer 8.0 and earlier does not properly handle the :visited pseudo-class, which allows remote attackers to obtain sensitive information about visited web pages via a crafted HTML document, a related issue to CVE-2010-2264. La implementación de las Hojas de Estilo en Cascada (CSS) en Microsoft Internet Explorer, no controla correctamente el :visited pseudo-class, lo que permite a atacantes remotos obtener información sensible acerca de ... • http://bugzilla.mozilla.org/show_bug.cgi?id=147777 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.1EPSS: 0%CPEs: 13EXPL: 0CVE-2011-4345 – Gentoo Linux Security Advisory 201311-22
https://notcve.org/view.php?id=CVE-2011-4345
30 Nov 2011 — Cross-site scripting (XSS) vulnerability in Namazu before 2.0.21, when Internet Explorer 6 or 7 is used, allows remote attackers to inject arbitrary web script or HTML via a cookie. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados XSS en Namazu antes de v2.0.21, cuando se usa Internet Explorer 6 o 7, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de una cookie. Several potential security vulnerabilities have been identified in HPE Insight Control. The... • http://secunia.com/advisories/46925 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 23%CPEs: 27EXPL: 0CVE-2011-2001 – Microsoft Internet Explorer SetExpandedClipRect Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-2001
12 Oct 2011 — Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code via an attempted access to a virtual function table after corruption of this table has occurred, aka "Virtual Function Table Corruption Remote Code Execution Vulnerability." Microsoft Internet Explorer v6 a v9 no trata correctamente los objetos en la memoria, lo que permite a atacantes remotos ejecutar código de su elección a través de un intento de acceso a una tabla d... • http://www.securityfocus.com/bid/49966 •
CVSS: 9.3EPSS: 8%CPEs: 30EXPL: 0CVE-2011-1993
https://notcve.org/view.php?id=CVE-2011-1993
12 Oct 2011 — Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Scroll Event Remote Code Execution Vulnerability." Microsoft Internet Explorer v6 a v9 no trata correctamente los objetos en la memoria, lo que permite a atacantes remotos ejecutar código de su elección accediendo a un objeto eliminado. También conocidacomo "vulnerabilidad de ejecución remota de código del evento Scroll". • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-081 •
CVSS: 9.3EPSS: 43%CPEs: 30EXPL: 0CVE-2011-2000 – Microsoft Internet Explorer swapNode Handling Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-2000
12 Oct 2011 — Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Body Element Remote Code Execution Vulnerability." Microsoft Internet Explorer v6 a v9 no trata correctamente los objetos en la memoria, lo que permite a atacantes remotos ejecutar código de su elección accediendo a un objeto eliminado. También conocida como "vulnerabilidad de ejecución remota de código a través del elemento Body". Th... • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-081 •
CVSS: 9.3EPSS: 13%CPEs: 30EXPL: 0CVE-2011-1995
https://notcve.org/view.php?id=CVE-2011-1995
12 Oct 2011 — Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that was not properly initialized, aka "OLEAuto32.dll Remote Code Execution Vulnerability." Microsoft Internet Explorer v6 a v9 no trata correctamente los objetos en la memoria, lo que permite a atacantes remotos ejecutar código de su elección, accediendo a un objeto que no se ha inicializado correctamente. También conocida como "vulnerabilidad de... • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-081 • CWE-908: Use of Uninitialized Resource •