CVSS: 7.6EPSS: 34%CPEs: 4EXPL: 0CVE-2016-0154
https://notcve.org/view.php?id=CVE-2016-0154
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability." Microsoft Internet Explorer 9 hasta la versión 11 y Microsoft Edge permiten a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de una página web manipulada, también conocida como "Microsoft Browser Memory Corruption Vulnerability". • http://www.securitytracker.com/id/1035521 http://www.securitytracker.com/id/1035522 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-037 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-038 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.3EPSS: 6%CPEs: 13EXPL: 0CVE-2016-0162 – Microsoft Internet Explorer Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2016-0162
Microsoft Internet Explorer 9 through 11 allows remote attackers to determine the existence of files via crafted JavaScript code, aka "Internet Explorer Information Disclosure Vulnerability." Microsoft Internet Explorer 9 hasta la versión 11 permite a atacantes remotos determinar la existencia de archivos a través código JavaScript manipulado, también conocida como "Internet Explorer Information Disclosure Vulnerability". An information disclosure vulnerability exists when Internet Explorer does not properly handle JavaScript. The vulnerability could allow an attacker to detect specific files on the user's computer. • http://www.securityfocus.com/bid/85939 http://www.securitytracker.com/id/1035521 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-037 •
CVSS: 7.6EPSS: 19%CPEs: 1EXPL: 0CVE-2016-0159 – Microsoft Internet Explorer CTableLayout AddRow Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-0159
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." Microsoft Internet Explorer 9 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de una página web manipulada, también conocida como "Internet Explorer Memory Corruption Vulnerability". This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates to how Internet Explorer keeps track of table rows when performing layout of HTML tables. By manipulating a document's elements an attacker can cause Internet Explorer to write beyond the end of an array of pointers to CTableRow objects. • http://www.securitytracker.com/id/1035521 http://www.zerodayinitiative.com/advisories/ZDI-16-231 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-037 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 5%CPEs: 7EXPL: 0CVE-2015-6184
https://notcve.org/view.php?id=CVE-2015-6184
The CAttrArray object implementation in Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and memory corruption) via a malformed Cascading Style Sheets (CSS) token sequence in conjunction with modifications to HTML elements, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6048 and CVE-2015-6049. La implementación de objeto CAttrArray en Microsoft Internet Explorer 7 hasta la versión 11 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (confusión de tipo y corrupción de memoria) a través de una secuencia de tokens Cascading Style Sheets (CSS) mal formada en conjunción con modificaciones a elementos HTML, también conocida como "Internet Explorer Memory Corruption Vulnerability", una vulnerabilidad diferente a CVE-2015-6048 y CVE-2015-6049. • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-106 https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1218 •
CVSS: 7.6EPSS: 15%CPEs: 4EXPL: 0CVE-2016-0105
https://notcve.org/view.php?id=CVE-2016-0105
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0107, CVE-2016-0111, CVE-2016-0112, and CVE-2016-0113. Microsoft Internet Explorer 9 hasta la versión 11 y Microsoft Edge permiten a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de una página web manipulada, también conocida como "Microsoft Browser Memory Corruption Vulnerability", una vulnerabilidad diferente a CVE-2016-0107, CVE-2016-0111, CVE-2016-0112 y CVE-2016-0113. • http://www.securityfocus.com/bid/84019 http://www.securitytracker.com/id/1035203 http://www.securitytracker.com/id/1035204 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-023 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-024 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •