Page 56 of 523 results (0.011 seconds)

CVSS: 9.3EPSS: 89%CPEs: 14EXPL: 0

CVE-2012-4787 – Flash JIT Internet Explorer 9 Exploit

https://notcve.org/view.php?id=CVE-2012-4787

Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not properly initialized or (2) is deleted, aka "Improper Ref Counting Use After Free Vulnerability." Vulnerabilidad de uso después de liberación en Microsoft Internet Explorer 9 y 10, permite a atacantes remotos ejecutar código arbitrario a través de un sitio web manipulado que desencadena el acceso a un objeto que (1) no se ha inicializado correctamente o (2) se elimina, también conocido como "Improper Ref Counting Use After Free Vulnerability.". • http://www.us-cert.gov/cas/techalerts/TA12-346A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-077 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16211 • CWE-399: Resource Management Errors CWE-416: Use After Free •

CVSS: 9.3EPSS: 78%CPEs: 9EXPL: 0

CVE-2012-1538

https://notcve.org/view.php?id=CVE-2012-1538

Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site, aka "CFormElement Use After Free Vulnerability." Vulnerabilidad de uso después de la liberación en Microsoft Internet Explorer 9, permite a atacantes remotos ejecutar código mediante un sitio Web manipulado, también conocido como "CFormElement Use After Free Vulnerability." • http://secunia.com/advisories/51202 http://www.securityfocus.com/bid/56420 http://www.securitytracker.com/id?1027749 http://www.us-cert.gov/cas/techalerts/TA12-318A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-071 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15677 • CWE-399: Resource Management Errors •

CVSS: 9.3EPSS: 78%CPEs: 9EXPL: 0

CVE-2012-4775

https://notcve.org/view.php?id=CVE-2012-4775

Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site, aka "CTreeNode Use After Free Vulnerability." Una vulnerabilidad de uso después de liberación en Microsoft Internet Explorer 9 permite a atacantes remotos ejecutar código de su elección a través de un sitio web diseñado para tal fin. Se trata de un problema también conocido como "CTreeNode Utilice Después de vulnerabilidad Libre". • http://secunia.com/advisories/51202 http://www.securityfocus.com/bid/56422 http://www.securitytracker.com/id?1027749 http://www.us-cert.gov/cas/techalerts/TA12-318A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-071 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15932 • CWE-399: Resource Management Errors •

CVSS: 9.3EPSS: 78%CPEs: 9EXPL: 0

CVE-2012-1539

https://notcve.org/view.php?id=CVE-2012-1539

Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site, aka "CTreePos Use After Free Vulnerability." Vulnerabilidad de uso después de la liberación en Microsoft Internet Explorer 9, permite a atacantes remotos ejecutar código arbitrario mediante un sitio web manipulado, también conocido como "CTreePos Use After Free Vulnerability." • http://secunia.com/advisories/51202 http://www.securityfocus.com/bid/56421 http://www.securitytracker.com/id?1027749 http://www.us-cert.gov/cas/techalerts/TA12-318A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-071 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15886 • CWE-399: Resource Management Errors CWE-416: Use After Free •

CVSS: 9.3EPSS: 85%CPEs: 50EXPL: 1

CVE-2012-4969 – Microsoft Internet Explorer Use-After-Free Vulnerability

https://notcve.org/view.php?id=CVE-2012-4969

Use-after-free vulnerability in the CMshtmlEd::Exec function in mshtml.dll in Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code via a crafted web site, as exploited in the wild in September 2012. Vulnerabilidad de error en la gestión de recursos en la función CMshtmlEd::Exec en mshtml.dll en Microsoft Internet Explorer 6 a 9 permite a atacantes remotos ejecutar código arbitrario a través de un sitio web diseñado, como se ha explotado en septiembre de 2012. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the CCommand::Exec function. It is possible to free certain objects in a callback function called from the CCommand::Exec function. • https://www.exploit-db.com/exploits/21840 http://blog.vulnhunt.com/index.php/2012/09/17/ie-execcommand-fuction-use-after-free-vulnerability-0day_en http://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/browser/ie_execcommand_uaf.rb http://eromang.zataz.com/2012/09/16/zero-day-season-is-really-not-over-yet http://technet.microsoft.com/security/advisory/2757760 http://www.kb.cert.org/vuls/id/480095 http://www.securitytracker.com/id?1027538 http •