CVSS: 7.6EPSS: 35%CPEs: 3EXPL: 0CVE-2017-0130
https://notcve.org/view.php?id=CVE-2017-0130
The scripting engine in Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability." This vulnerability is different from that described in CVE-2017-0040. El motor de secuencias de comandos en Microsoft Internet Explorer 9 hasta la versión 11 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, vulnerabilidad también conocida como "Scripting Engine Memory Corruption Vulnerability". Esta vulnerabilidad es diferente de la descrita en CVE-2017-0040. • http://www.securityfocus.com/bid/96647 http://www.securitytracker.com/id/1038008 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0130 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.3EPSS: 89%CPEs: 3EXPL: 3CVE-2017-0059 – Microsoft Internet Explorer Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2017-0059
Microsoft Internet Explorer 9 through 11 allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0008 and CVE-2017-0009. Microsoft Internet Explorer 9 hasta la versión 11 permiten a atacantes remotos obtener información sensible de la memoria de proceso a través de un sitio web manipulado, vulnerabilidad también conocida como "Internet Explorer Information Disclosure Vulnerability". Esta vulnerabilidad es distinta de aquellas descritas en CVE-2017-0008 y CVE-2017-0009. Microsoft Internet Explorer textarea.defaultValue suffers from a memory disclosure vulnerability. • https://www.exploit-db.com/exploits/41661 https://www.exploit-db.com/exploits/43125 https://www.exploit-db.com/exploits/42354 http://www.securityfocus.com/bid/96645 http://www.securitytracker.com/id/1038008 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0059 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 31%CPEs: 3EXPL: 0CVE-2017-0008
https://notcve.org/view.php?id=CVE-2017-0008
Microsoft Internet Explorer 9 through 11 allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0009 and CVE-2017-0059. Microsoft Internet Explorer 9 hasta la versión 11 permiten a atacantes remotos obtener información sensible de la memoria de proceso a través de un sitio web manipulado, también conocido como "Internet Explorer Information Disclosure Vulnerability". Esta vulnerabilidad es distinta de aquellas descritas en CVE-2017-0009 y CVE-2017-0059. • http://www.securityfocus.com/bid/96073 http://www.securitytracker.com/id/1038008 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0008 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 28%CPEs: 3EXPL: 0CVE-2016-7283
https://notcve.org/view.php?id=CVE-2016-7283
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." Microsoft Internet Explorer 9 hasta la versión 11 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, vulnerabilidad también conocida como "Internet Explorer Memory Corruption Vulnerability." • http://www.securityfocus.com/bid/94726 http://www.securitytracker.com/id/1037448 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-144 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2016-7281
https://notcve.org/view.php?id=CVE-2016-7281
The Web Workers implementation in Microsoft Internet Explorer 10 and 11 and Microsoft Edge allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Microsoft Browser Security Feature Bypass Vulnerability." La implementación Web Workers en Microsoft Internet Explorer 10 y 11 y Microsoft Edge permite a atacantes remotos eludir la Same Origin Policy a través de vectores no especificados, vulnerabilidad también conocida como "Microsoft Browser Security Feature Bypass Vulnerability." • http://www.securityfocus.com/bid/94723 http://www.securitytracker.com/id/1037444 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-144 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-145 • CWE-254: 7PK - Security Features •