CVSS: 8.8EPSS: 58%CPEs: 14EXPL: 0CVE-2017-0222 – Microsoft Internet Explorer Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-0222
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0226. Existe una vulnerabilidad de ejecución remota de código cuando Internet Explorer accede incorrectamente a objetos en memoria, también conocido como "Internet Explorer Memory Corruption Vulnerability". Este CVE ID es exclusivo para CVE-2017-0226. A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. • http://www.securityfocus.com/bid/98127 http://www.securitytracker.com/id/1038423 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0222 • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2017-0064
https://notcve.org/view.php?id=CVE-2017-0064
A security feature bypass vulnerability exists in Internet Explorer that allows for bypassing Mixed Content warnings, aka "Internet Explorer Security Feature Bypass Vulnerability." Existe una vulnerabilidad de elusión de características de seguridad en Internet Explorer que permite ignorar las advertencias de contenido mixto, también conocida como "Internet Explorer Security Feature Bypass Vulnerability.". • http://www.securityfocus.com/bid/98121 http://www.securitytracker.com/id/1038447 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0064 •
CVSS: 7.6EPSS: 12%CPEs: 4EXPL: 0CVE-2017-0238 – Microsoft Chakra Array unshift Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-0238
A remote code execution vulnerability exists in Microsoft browsers in the way JavaScript scripting engines handle objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE-2017-0228, CVE-2017-0229, CVE-2017-0230, CVE-2017-0234, CVE-2017-0235, and CVE-2017-0236. Se presenta una vulnerabilidad de ejecución de código remota en los navegadores de Microsoft en la manera que los motores de scripting de JavaScript maneja los objetos en la memoria, también se conoce como "Scripting Engine Memory Corruption Vulnerability." El ID de este CVE es diferente de CVE-2017-0224, CVE-2017-0228, CVE-2017-0229, CVE-2017-0230, CVE-2017-0234, CVE-2017-0235 y CVE-2017-0236. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Chakra. • http://www.securityfocus.com/bid/98237 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0238 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.6EPSS: 17%CPEs: 2EXPL: 0CVE-2017-0228 – Microsoft Chakra Array Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-0228
A remote code execution vulnerability exists in Microsoft browsers in the way JavaScript engines render when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0224, CVE-2017-0229, CVE-2017-0230, CVE-2017-0234, CVE-2017-0235, CVE-2017-0236, and CVE-2017-0238. Existe una vulnerabilidad de ejecución remota de código en los navegadores de Microsoft en la forma en que los motores de JavaScript se procesan al manipular objetos en la memoria, también conocido como "Vulnerabilidad de corrupción de memoria del motor de secuencias de comandos". Este CVE ID es exclusivo de CVE-2017-0224, CVE-2017-0229, CVE-2017-0230, CVE-2017-0234, CVE-2017-0235, CVE-2017-0236 y CVE-2017-0238. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Chakra. • http://www.securityfocus.com/bid/98164 http://www.securitytracker.com/id/1038425 http://www.securitytracker.com/id/1038426 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0228 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.6EPSS: 15%CPEs: 2EXPL: 0CVE-2017-0226 – Microsoft Internet Explorer Enhanced Protected Mode Sandbox Escape Vulnerability
https://notcve.org/view.php?id=CVE-2017-0226
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-0222. Existe una vulnerabilidad de ejecución remota de código cuando Internet Explorer accede incorrectamente a objetos en la memoria, también conocido como "Vulnerabilidad de corrupción de memoria de Internet Explorer". Este CVE ID es exclusivo de CVE-2017-0222. This vulnerability allows remote attackers to escape the Enhanced Protected Mode (EPM) sandbox on vulnerable installations of Microsoft Internet Explorer. • http://www.securityfocus.com/bid/98139 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0226 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •