CVSS: 9.3EPSS: 96%CPEs: 29EXPL: 1CVE-2013-2551 – Microsoft Internet Explorer Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2013-2551
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2013, aka "Internet Explorer Use After Free Vulnerability," a different vulnerability than CVE-2013-1308 and CVE-2013-1309. Vulnerabilidad no especificada en Microsoft Internet Explorer 10 en Windows 8 permite a atacantes remotos ejecutar código de su elección a través de vectores desconocidos, como se mostró por VUPEN durante la competición Pwn2Own en CanSecWest 2013. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of VML data. The issue lies in the handling of an array when defined as an attribute of a subelement of a shape. • https://www.exploit-db.com/exploits/26175 http://h30499.www3.hp.com/t5/HP-Security-Research-Blog/Pwn2Own-2013/ba-p/5981157 http://twitter.com/VUPEN/statuses/309479075385327617 http://twitter.com/thezdi/statuses/309452625173176320 http://www.us-cert.gov/ncas/alerts/TA13-134A https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-037 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16317 • CWE-416: Use After Free •
CVSS: 9.3EPSS: 79%CPEs: 40EXPL: 0CVE-2013-0030
https://notcve.org/view.php?id=CVE-2013-0030
The Vector Markup Language (VML) implementation in Microsoft Internet Explorer 6 through 10 does not properly allocate buffers, which allows remote attackers to execute arbitrary code via a crafted web site, aka "VML Memory Corruption Vulnerability." La implementación de Vector Markup Language (VML) en Microsoft Internet Explorer 6 a 10 no se asignan correctamente buffers, lo que permite a atacantes remotos ejecutar código arbitrario a través de un sitio web hecho a mano, también conocido como "Vulnerabilidad de corrupción en la memoria VML". • http://www.us-cert.gov/cas/techalerts/TA13-043B.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-010 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16175 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 87%CPEs: 14EXPL: 0CVE-2013-0023 – Microsoft Internet Explorer CDispNode Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-0023
Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CDispNode Use After Free Vulnerability." Vulnerabilidad de uso después de liberación en Microsoft Internet Explorer 9 y 10 que permite a atacantes remotos ejecutar código arbitrario a través de un sitio web modificado que desencadena el acceso a un objeto eliminado, también conocido como "Internet Explorer CDispNode Use After Free Vulnerability." This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific issue is due to the way Internet Explorer handles SVG objects. A use-after-free condition can be created when an SVG references a self-referent SVG. • http://www.us-cert.gov/cas/techalerts/TA13-043B.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-009 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16470 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 86%CPEs: 14EXPL: 0CVE-2013-0075
https://notcve.org/view.php?id=CVE-2013-0075
The TCP/IP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allows remote attackers to cause a denial of service (reboot) via a crafted packet that terminates a TCP connection, aka "TCP FIN WAIT Vulnerability." La implementación de TCP/IP en Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, y R2 SP1, Windows 7 Gold y SP1, Windows 8, Windows Server 2012, y Windows RT permite a atacantes remotos causar una denegación de servicio (reinicio) a través de la modificación de un paquete que termina una conexión TCP, también conocido como "Vulnerabilidad TCP FIN WAIT". • http://www.us-cert.gov/cas/techalerts/TA13-043B.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-018 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16373 •
CVSS: 9.3EPSS: 93%CPEs: 36EXPL: 1CVE-2013-0019 – Microsoft Internet Explorer COmWindowProxy Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-0019
Use-after-free vulnerability in Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer COmWindowProxy Use After Free Vulnerability." Vulnerabilidad de uso después de liberación en Microsoft Internet Explorer 7 hasta 10 que permite a atacantes remotos ejecutar código arbitrario a través de un sitio web modificado que desencadena el acceso a un objeto eliminado, también conocido como "Internet Explorer COmWindowProxy Use After Free Vulnerability." This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of iframes. By manipulating an iframe using window.open an attacker can force a dangling pointer to be reused after it has been freed. • https://www.exploit-db.com/exploits/40879 http://blog.skylined.nl/20161202001.html http://www.us-cert.gov/cas/techalerts/TA13-043B.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-009 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16465 • CWE-399: Resource Management Errors •