CVSS: 8.8EPSS: 22%CPEs: 13EXPL: 0CVE-2017-0210 – Microsoft Internet Explorer Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2017-0210
12 Apr 2017 — An elevation of privilege vulnerability exists when Internet Explorer does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain, aka "Internet Explorer Elevation of Privilege Vulnerability." Existe una vulnerabilidad de elevación de privilegios cuando Internet Explorer no aplica adecuadamente las directivas entre dominios, lo que podría permitir a un atacante acceder a información de un dominio e inyectarla en otro ... • http://www.securityfocus.com/bid/97512 •
CVSS: 4.3EPSS: 20%CPEs: 3EXPL: 0CVE-2017-0008
https://notcve.org/view.php?id=CVE-2017-0008
17 Mar 2017 — Microsoft Internet Explorer 9 through 11 allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0009 and CVE-2017-0059. Microsoft Internet Explorer 9 hasta la versión 11 permiten a atacantes remotos obtener información sensible de la memoria de proceso a través de un sitio web manipulado, también conocido como "Internet Explorer Informatio... • http://www.securityfocus.com/bid/96073 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 10%CPEs: 3EXPL: 0CVE-2017-0009
https://notcve.org/view.php?id=CVE-2017-0009
17 Mar 2017 — Microsoft Internet Explorer 9 through 11 allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability." This vulnerability is different from those described in CVE-2017-0011, CVE-2017-0017, CVE-2017-0065, and CVE-2017-0068. Microsoft Internet Explorer 9 hasta la versión 11 permiten a atacantes remotos obtener información sensible de la memoria de proceso a través de un sitio web manipulado, también conocido como "Mi... • http://www.security-assessment.com/files/documents/advisory/comparestring_infoleak.pdf • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 6%CPEs: 2EXPL: 0CVE-2017-0012
https://notcve.org/view.php?id=CVE-2017-0012
17 Mar 2017 — Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to spoof web content via a crafted web site, aka "Microsoft Browser Spoofing Vulnerability." This vulnerability is different from those described in CVE-2017-0033 and CVE-2017-0069. Microsoft Internet Explorer 11 y Microsoft Edge permiten a atacantes remotos suplantar contenido web a través de un sitio web manipulado, también conocido como "Microsoft Browser Spoofing Vulnerability". Esta vulnerabilidad es distinta de aquellas descritas... • http://www.securityfocus.com/bid/96085 • CWE-20: Improper Input Validation •
CVSS: 7.6EPSS: 16%CPEs: 2EXPL: 0CVE-2017-0018 – Microsoft Internet Explorer CHtmTag Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-0018
17 Mar 2017 — Microsoft Internet Explorer 10 and 11 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." This vulnerability is different from those described in CVE-2017-0037 and CVE-2017-0149. Microsoft Internet Explorer 10 y 11 permiten a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, también conocid... • http://www.securityfocus.com/bid/96086 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.3EPSS: 7%CPEs: 2EXPL: 0CVE-2017-0033
https://notcve.org/view.php?id=CVE-2017-0033
17 Mar 2017 — Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to spoof web content via a crafted web site, aka "Microsoft Browser Spoofing Vulnerability." This vulnerability is different from those described in CVE-2017-0012 and CVE-2017-0069. Microsoft Internet Explorer 11 y Microsoft Edge permiten a atacantes remotos suplantar contenido web a través de un sitio web manipulado, vulnerabilidad también conocida como "Microsoft Browser Spoofing Vulnerability". Esta vulnerabilidad es distinta de aqu... • http://www.securityfocus.com/bid/96087 • CWE-20: Improper Input Validation •
CVSS: 7.6EPSS: 23%CPEs: 3EXPL: 0CVE-2017-0040
https://notcve.org/view.php?id=CVE-2017-0040
17 Mar 2017 — The scripting engine in Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability." This vulnerability is different from that described in CVE-2017-0130. El motor de secuencias de comandos en Microsoft Internet Explorer 9 hasta la versión 11 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (corrupción de me... • http://www.security-assessment.com/files/documents/advisory/reversesegment.pdf • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.3EPSS: 31%CPEs: 1EXPL: 0CVE-2017-0049
https://notcve.org/view.php?id=CVE-2017-0049
17 Mar 2017 — The VBScript engine in Microsoft Internet Explorer 11 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Scripting Engine Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0018, and CVE-2017-0037. El motor VBScript en Microsoft Internet Explorer 11 permite a atacantes remotos obtener información sensible de la memoria de proceso a través de un sitio web manipulado, vulnerabilidad también conocida como... • http://www.securityfocus.com/bid/96095 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.1EPSS: 83%CPEs: 3EXPL: 4CVE-2017-0059 – Microsoft Internet Explorer Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2017-0059
17 Mar 2017 — Microsoft Internet Explorer 9 through 11 allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0008 and CVE-2017-0009. Microsoft Internet Explorer 9 hasta la versión 11 permiten a atacantes remotos obtener información sensible de la memoria de proceso a través de un sitio web manipulado, vulnerabilidad también conocida como "Internet Expl... • https://packetstorm.news/files/id/141733 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.6EPSS: 17%CPEs: 3EXPL: 0CVE-2017-0130
https://notcve.org/view.php?id=CVE-2017-0130
17 Mar 2017 — The scripting engine in Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability." This vulnerability is different from that described in CVE-2017-0040. El motor de secuencias de comandos en Microsoft Internet Explorer 9 hasta la versión 11 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (corrupción de me... • http://www.securityfocus.com/bid/96647 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •