CVE-2017-0064
https://notcve.org/view.php?id=CVE-2017-0064
A security feature bypass vulnerability exists in Internet Explorer that allows for bypassing Mixed Content warnings, aka "Internet Explorer Security Feature Bypass Vulnerability." Existe una vulnerabilidad de elusión de características de seguridad en Internet Explorer que permite ignorar las advertencias de contenido mixto, también conocida como "Internet Explorer Security Feature Bypass Vulnerability.". • http://www.securityfocus.com/bid/98121 http://www.securitytracker.com/id/1038447 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0064 •
CVE-2017-0238 – Microsoft Chakra Array unshift Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-0238
A remote code execution vulnerability exists in Microsoft browsers in the way JavaScript scripting engines handle objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE-2017-0228, CVE-2017-0229, CVE-2017-0230, CVE-2017-0234, CVE-2017-0235, and CVE-2017-0236. Se presenta una vulnerabilidad de ejecución de código remota en los navegadores de Microsoft en la manera que los motores de scripting de JavaScript maneja los objetos en la memoria, también se conoce como "Scripting Engine Memory Corruption Vulnerability." El ID de este CVE es diferente de CVE-2017-0224, CVE-2017-0228, CVE-2017-0229, CVE-2017-0230, CVE-2017-0234, CVE-2017-0235 y CVE-2017-0236. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Chakra. • http://www.securityfocus.com/bid/98237 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0238 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2017-0228 – Microsoft Chakra Array Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-0228
A remote code execution vulnerability exists in Microsoft browsers in the way JavaScript engines render when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE-2017-0229, CVE-2017-0230, CVE-2017-0234, CVE-2017-0235, CVE-2017-0236, and CVE-2017-0238. Existe una vulnerabilidad de ejecución remota de código en los navegadores de Microsoft en la forma en que los motores de JavaScript se procesan al manipular objetos en la memoria, también conocido como "Vulnerabilidad de corrupción de memoria del motor de secuencias de comandos". Este CVE ID es exclusivo de CVE-2017-0224, CVE-2017-0229, CVE-2017-0230, CVE-2017-0234, CVE-2017-0235, CVE-2017-0236 y CVE-2017-0238. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Chakra. • http://www.securityfocus.com/bid/98164 http://www.securitytracker.com/id/1038425 http://www.securitytracker.com/id/1038426 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0228 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2017-0226 – Microsoft Internet Explorer Enhanced Protected Mode Sandbox Escape Vulnerability
https://notcve.org/view.php?id=CVE-2017-0226
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0222. Existe una vulnerabilidad de ejecución remota de código cuando Internet Explorer accede incorrectamente a objetos en la memoria, también conocido como "Vulnerabilidad de corrupción de memoria de Internet Explorer". Este CVE ID es exclusivo de CVE-2017-0222. This vulnerability allows remote attackers to escape the Enhanced Protected Mode (EPM) sandbox on vulnerable installations of Microsoft Internet Explorer. • http://www.securityfocus.com/bid/98139 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0226 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2017-0210 – Microsoft Internet Explorer Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2017-0210
An elevation of privilege vulnerability exists when Internet Explorer does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain, aka "Internet Explorer Elevation of Privilege Vulnerability." Existe una vulnerabilidad de elevación de privilegios cuando Internet Explorer no aplica adecuadamente las directivas entre dominios, lo que podría permitir a un atacante acceder a información de un dominio e inyectarla en otro dominio, vulnerabilidad también conocido como "Internet Explorer Elevation of Privilege Vulnerability". A privilege escalation vulnerability exists when Internet Explorer does not properly enforce cross-domain policies, which could allow an attacker to access information. • http://www.securityfocus.com/bid/97512 http://www.securitytracker.com/id/1038238 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0210 •