CVSS: 7.6EPSS: 7%CPEs: 12EXPL: 0CVE-2017-11822
https://notcve.org/view.php?id=CVE-2017-11822
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how Internet Explorer handles objects in memory, aka "Internet Explorer Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11813. Internet Explorer en Microsoft Windows 7 SP1, Windows Server 2008 SP2 y R2 SP1, Windows 8.1 y Windows RT 8.1, Windows Server 2012 y R2, Windows 10 Gold, 1511, 1607, 1703, y Windows Server 2016 permite que un atacante ejecute código arbitrario en el contexto del usuario actual debido a cómo gestiona Internet Explorer objetos en la memoria, lo que también se conoce como "Internet Explorer Memory Corruption Vulnerability". El ID de este CVE es diferente de CVE-2017-11813. • http://www.securityfocus.com/bid/101122 http://www.securitytracker.com/id/1039532 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11822 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.3EPSS: 0%CPEs: 15EXPL: 0CVE-2017-11790 – Microsoft Office Excel xls File Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2017-11790
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to obtain information to further compromise the user's system, due to how Internet Explorer handles objects in memory, aka "Internet Explorer Information Disclosure Vulnerability". Internet Explorer en Microsoft Windows 7 SP1, Windows Server 2008 SP2 y R2 SP1, Windows 8.1 y Windows RT 8.1, Windows Server 2012 y R2, Windows 10 Gold, 1511, 1607, 1703, y Windows Server 2016 permite que un atacante obtenga información para comprometer aun más el sistema del usuario debido a cómo gestiona Internet Explorer los objetos en la memoria, lo que también se conoce como "Internet Explorer Information Disclosure Vulnerability". This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Office Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of Excel workbook files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. • http://www.securityfocus.com/bid/101077 http://www.securitytracker.com/id/1039532 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11790 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.6EPSS: 7%CPEs: 13EXPL: 0CVE-2017-8747
https://notcve.org/view.php?id=CVE-2017-8747
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that Internet Explorer accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8749. Internet Explorer en Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 y Windows RT 8.1, Windows Server 2012 y R2, Windows 10 Gold, 1511, 1607, 1703 y Windows Server 2016 permiten a un atacante ejecutar código remotamente en el contexto del usuario actual por la manera en la que Internet Explorer accede a los objetos en la memoria. Esto también se conoce como "Internet Explorer Memory Corruption Vulnerability". El ID de este CVE es distinto a CVE-2017-8749. • http://www.securityfocus.com/bid/100765 http://www.securitytracker.com/id/1039328 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8747 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.6EPSS: 7%CPEs: 14EXPL: 0CVE-2017-8749
https://notcve.org/view.php?id=CVE-2017-8749
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way that Internet Explorer accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8747. Internet Explorer en Microsoft Windows 7 SP1, Windows Server 2008 SP2 y R2 SP1, Windows 8.1 y Windows RT 8.1, Windows Server 2012 y R2, Windows 10 Gold, 1511, 1607, 1703 y Windows Server 2016 permiten a un atacante ejecutar código remotamente en el contexto del usuario actual por la manera en la que Internet Explorer accede a los objetos en la memoria. Esto también se conoce como "Internet Explorer Memory Corruption Vulnerability". El ID de este CVE es distinto a CVE-2017-8747. • http://www.securityfocus.com/bid/100770 http://www.securitytracker.com/id/1039328 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8749 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.3EPSS: 0%CPEs: 13EXPL: 0CVE-2017-8736
https://notcve.org/view.php?id=CVE-2017-8736
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to obtain specific information used in the parent domain, due to Microsoft browser parent domain verification in certain functionality, aka "Microsoft Browser Information Disclosure Vulnerability". Internet Explorer en Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 y Windows RT 8.1, Windows Server 2012 R2 y Microsoft Edge e Internet Explorer en Windows 10 Gold, 1511, 1607, 1703 y Windows Server 2016 permiten a un atacante obtener información específica en el dominio padre por la verificación de dominios padre del navegador de Windows en ciertas funcionalidades. Esto también se conoce como "Microsoft Browser Information Disclosure Vulnerability". • http://www.securityfocus.com/bid/100743 http://www.securitytracker.com/id/1039342 http://www.securitytracker.com/id/1039343 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8736 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •