CVSS: 9.3EPSS: 62%CPEs: 6EXPL: 2CVE-2014-1815 – Microsoft Internet Explorer - Memory Corruption (PoC) (MS14-029)
https://notcve.org/view.php?id=CVE-2014-1815
14 May 2014 — Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, as exploited in the wild in May 2014, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0310. Microsoft Internet Explorer 6 hasta 11 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, tal y como fue d... • https://packetstorm.news/files/id/128052 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 26%CPEs: 6EXPL: 0CVE-2014-0310 – Microsoft Internet Explorer Attribute Double Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2014-0310
13 May 2014 — Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-1815. Microsoft Internet Explorer 6 hasta 11 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, también conocido como 'vulnerabilidad de corrupción de... • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-029 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 37%CPEs: 6EXPL: 1CVE-2014-1762 – (Pwn2Own\Pwn4Fun) Microsoft Internet Explorer localhost Protected Mode Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2014-1762
27 Apr 2014 — Unspecified vulnerability in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code with medium-integrity privileges and bypass a sandbox protection mechanism via unknown vectors, as demonstrated by ZDI during a Pwn4Fun competition at CanSecWest 2014. Vulnerabilidad no especificada en Microsoft Internet Explorer 6 hasta la versión 11 permite a atacantes remotos ejecutar código arbitario con privilegios de integridad media y eludir un mecanismo de protección sandbox a trav... • https://www.exploit-db.com/exploits/34010 •
CVSS: 10.0EPSS: 39%CPEs: 3EXPL: 0CVE-2014-1763 – Microsoft Internet Explorer CSS Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2014-1763
27 Apr 2014 — Use-after-free vulnerability in Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code and bypass a sandbox protection mechanism via unspecified vectors, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2014. Vulnerabilidad de uso después de liberación en Microsoft Vulnerabilidad de uso después de liberación de memoria en Microsoft Internet Explorer 9 hasta la versión 11 permite a atacantes remotos ejecutar código arbitrario y eludir un mecanismo de pro... • http://secunia.com/advisories/59775 • CWE-399: Resource Management Errors •
CVSS: 10.0EPSS: 68%CPEs: 5EXPL: 1CVE-2014-1764 – Microsoft Internet Explorer Protected Mode Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2014-1764
27 Apr 2014 — Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code and bypass a sandbox protection mechanism by leveraging "object confusion" in a broker process, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2014. Microsoft Internet Explorer 7 hasta la versión 11 permite a atacantes remotos ejecutar código arbitrario y eludir un mecanismo de protección sandbox aprovechando "confusión de objeto" en un proceso broker, según lo demostrado por VUPEN durante una com... • https://www.exploit-db.com/exploits/34010 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 8.8EPSS: 46%CPEs: 6EXPL: 0CVE-2014-1765 – Microsoft Internet Explorer CAttrValue Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2014-1765
27 Apr 2014 — Multiple use-after-free vulnerabilities in Microsoft Internet Explorer 6 through 11 allow remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by Sebastian Apelt and Andreas Schmidt during a Pwn2Own competition at CanSecWest 2014. Múltiples vulnerabilidades de uso después de liberación de memoria en Microsoft Internet Explorer 6 hasta la versión 11 permiten a atacantes remotos ejecutar un código arbitrario a través de vectores no especificados, tal como fue demostrado por Seba... • http://secunia.com/advisories/59775 • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 15%CPEs: 3EXPL: 1CVE-2014-1766 – Microsoft Internet Explorer CDispNodeBase Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2014-1766
27 Apr 2014 — Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, as demonstrated by Sebastian Apelt and Andreas Schmidt during a Pwn2Own competition at CanSecWest 2014. NOTE: the original disclosure referred to triggering a kernel bug with the Internet Explorer exploit payload, but this ID is not for a kernel vulnerability. Microsoft Internet Explorer 9 hasta la versión 11 permite a atacantes remotos ejecutar ... • https://www.exploit-db.com/exploits/34010 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 76%CPEs: 35EXPL: 1CVE-2014-1776 – Microsoft Internet Explorer Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2014-1776
27 Apr 2014 — Use-after-free vulnerability in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to the CMarkup::IsConnectedToPrimaryMarkup function, as exploited in the wild in April 2014. NOTE: this issue originally emphasized VGX.DLL, but Microsoft clarified that "VGX.DLL does not contain the vulnerable code leveraged in this exploit. Disabling VGX.DLL is an exploit-specific workaround that provides an immediat... • http://blogs.technet.com/b/srd/archive/2014/04/30/protection-strategies-for-the-security-advisory-2963983-ie-0day.aspx • CWE-416: Use After Free •
CVSS: 9.3EPSS: 35%CPEs: 1EXPL: 0CVE-2014-0325 – Microsoft Internet Explorer CElement Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2014-0325
10 Apr 2014 — Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site that triggers improper processing of CElement objects, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-1751 and CVE-2014-1755. NOTE: MS14-018 originally had a typo of CVE-2014-0235 for this. Vulnerabilidad de uso después de liberación en Microsoft Internet Explorer 9 permite a a... • http://www.securityfocus.com/bid/66646 •
CVSS: 9.3EPSS: 26%CPEs: 1EXPL: 0CVE-2014-1751
https://notcve.org/view.php?id=CVE-2014-1751
08 Apr 2014 — Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0235 and CVE-2014-1755. Microsoft Internet Explorer 9 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un sitio Web manipulado, también conocido como "Vulnerabilidad de Corrupción de M... • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-018 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •