CVSS: 9.3EPSS: 64%CPEs: 2EXPL: 0CVE-2015-6084
https://notcve.org/view.php?id=CVE-2015-6084
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6064 and CVE-2015-6085. Microsoft Internet Explorer 10 y 11 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de una página web manipulada, también conocida como 'Internet Explorer Memory Corruption Vulnerability', una vulnerabilidad diferente a CVE-2015-6064 y CVE-2015-6085. • http://www.securitytracker.com/id/1034112 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-112 https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1209 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 37%CPEs: 5EXPL: 0CVE-2015-6076 – Microsoft Internet Explorer htmlFor Attribute Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-6076
Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6066, CVE-2015-6070, CVE-2015-6071, CVE-2015-6074, and CVE-2015-6087. Microsoft Internet Explorer 7 hasta la versión 11 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de una página web manipulada, también conocida como 'Internet Explorer Memory Corruption Vulnerability', una vulnerabilidad diferente a CVE-2015-6066, CVE-2015-6070, CVE-2015-6071, CVE-2015-6074 y CVE-2015-6087. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates to how Internet Explorer processes the htmlFor attribute of script elements. By manipulating a document's elements an attacker can force a CElement-derived object in memory to be reused after it has been freed. • http://www.securityfocus.com/bid/77449 http://www.securitytracker.com/id/1034112 http://www.zerodayinitiative.com/advisories/ZDI-15-541 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-112 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 88%CPEs: 3EXPL: 0CVE-2015-6064 – Microsoft Internet Explorer COptionElement::InvalidateDataListAncestorCollections Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-6064
Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6084 and CVE-2015-6085. Microsoft Internet Explorer 10 y 11 y Microsoft Edge permiten a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de una página web manipulada, también conocida como 'Microsoft Browser Memory Corruption Vulnerability', una vulnerabilidad diferente a CVE-2015-6084 y CVE-2015-6085. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates to how Internet Explorer caches the options collection of datalist elements. By manipulating a document's elements an attacker can force a COptionElement object in memory to be reused after it has been freed. • http://www.securityfocus.com/bid/77470 http://www.securitytracker.com/id/1034112 http://www.securitytracker.com/id/1034113 http://www.zerodayinitiative.com/advisories/ZDI-15-538 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-112 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-113 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.3EPSS: 93%CPEs: 3EXPL: 2CVE-2015-6086 – Microsoft Internet Explorer CDOMStringDataList::InitFromString Out-Of-Bounds Indexing Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2015-6086
Microsoft Internet Explorer 9 through 11 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability." Microsoft Internet Explorer 9 hasta la versión 11 permite a atacantes remotos obtener información sensible de la memoria de proceso a través de una página web manipulada, también conocida como 'Internet Explorer Information Disclosure Vulnerability'. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within CDOMStringDataList::InitFromString. By manipulating a document's elements an attacker can read outside the bounds of an allocated chunk. • https://www.exploit-db.com/exploits/39698 https://github.com/payatu/CVE-2015-6086 http://www.securityfocus.com/bid/77461 http://www.securitytracker.com/id/1034112 http://www.zerodayinitiative.com/advisories/ZDI-15-547 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-112 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 37%CPEs: 4EXPL: 0CVE-2015-6081 – Microsoft Internet Explorer CTableLayout Out-Of-Bounds Memory Access Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-6081
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6069. Microsoft Internet Explorer 8 hasta la versión 11 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de una página web manipulada, también conocida como 'Internet Explorer Memory Corruption Vulnerability', una vulnerabilidad diferente a CVE-2015-6069. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of CTableLayout objects. By manipulating a document's elements an attacker can force out-of-bounds reads and writes. • http://www.securityfocus.com/bid/77453 http://www.securitytracker.com/id/1034112 http://www.zerodayinitiative.com/advisories/ZDI-15-544 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-112 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •