CVSS: 9.3EPSS: 57%CPEs: 6EXPL: 0CVE-2014-2807
https://notcve.org/view.php?id=CVE-2014-2807
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2800 and CVE-2014-2809. Microsoft Internet Explorer 6 hasta 11 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, también conocido como 'vulnerabilidad de corrupción de memoria de Internet Explorer,' una vulnerabilidad diferente a CVE-2014-2800 y CVE-2014-2809. • http://secunia.com/advisories/59775 http://www.securityfocus.com/bid/68388 http://www.securitytracker.com/id/1030532 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-037 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 69%CPEs: 6EXPL: 0CVE-2014-2809 – Microsoft Internet Explorer CImgElement Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2014-2809
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2800 and CVE-2014-2807. Microsoft Internet Explorer 6 hasta 11 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, también conocido como 'vulnerabilidad de corrupción de memoria de Internet Explorer,' una vulnerabilidad diferente a CVE-2014-2800 y CVE-2014-2807. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of CImgElement objects. By manipulating a document's elements an attacker can force a dangling pointer to be reused after it has been freed. • http://secunia.com/advisories/59775 http://www.securityfocus.com/bid/68389 http://www.securitytracker.com/id/1030532 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-037 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 57%CPEs: 2EXPL: 0CVE-2014-2794
https://notcve.org/view.php?id=CVE-2014-2794
Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2788. Microsoft Internet Explorer 6 y 7 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, también conocido como 'vulnerabilidad de corrupción de memoria de Internet Explorer,' una vulnerabilidad diferente a CVE-2014-2788. • http://secunia.com/advisories/59775 http://www.securityfocus.com/bid/68378 http://www.securitytracker.com/id/1030532 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-037 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 57%CPEs: 3EXPL: 0CVE-2014-2797
https://notcve.org/view.php?id=CVE-2014-2797
Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." Microsoft Internet Explorer 6 hasta 8 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, también conocido como 'vulnerabilidad de corrupción de memoria de Internet Explorer.' • http://secunia.com/advisories/59775 http://www.securityfocus.com/bid/68380 http://www.securitytracker.com/id/1030532 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-037 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.4EPSS: 1%CPEs: 5EXPL: 0CVE-2014-2783
https://notcve.org/view.php?id=CVE-2014-2783
Microsoft Internet Explorer 7 through 11 does not prevent use of wildcard EV SSL certificates, which might allow remote attackers to spoof a trust level by leveraging improper issuance of a wildcard certificate by a recognized Certification Authority, aka "Extended Validation (EV) Certificate Security Feature Bypass Vulnerability." Microsoft Internet Explorer 7 hasta 11 no previenen el uso de certificados EV SSL comodines, lo que podría permitir a atacantes remotos falsificar un nivel de confianza mediante el aprovechamiento de la emisión indebida de un certificado comodín por una autoridad de certificación reconocida, también conocido como 'vulnerabilidad de evasión de la funcionalidad de la seguridad de certificación de validación extendida (EV).' • http://secunia.com/advisories/59775 http://www.securityfocus.com/bid/68391 http://www.securitytracker.com/id/1030532 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-037 • CWE-264: Permissions, Privileges, and Access Controls •