CVSS: 9.8EPSS: 64%CPEs: 4EXPL: 0CVE-2012-2523
https://notcve.org/view.php?id=CVE-2012-2523
15 Aug 2012 — Integer overflow in Microsoft Internet Explorer 8 and 9, JScript 5.8, and VBScript 5.8 on 64-bit platforms allows remote attackers to execute arbitrary code by leveraging an incorrect size calculation during object copying, aka "JavaScript Integer Overflow Remote Code Execution Vulnerability." Desbordamiento de entero en Microsoft Internet Explorer 8 y 9, JScript 5.8, y VBScript 5.8 sobre plataformas de 64-bit permite a atacantes remotos ejecutar código de su elección aprovechando un cálculo incorrecto de t... • http://www.us-cert.gov/cas/techalerts/TA12-227A.html • CWE-189: Numeric Errors •
CVSS: 9.3EPSS: 51%CPEs: 8EXPL: 0CVE-2012-1522
https://notcve.org/view.php?id=CVE-2012-1522
10 Jul 2012 — Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Cached Object Remote Code Execution Vulnerability." Microsoft Internet Explorer 9 no trata correctamente los objetos en memoria, permitiendo a atacantes remotos ejecutar código arbitrario mediante el acceso a un objeto eliminado, también conocido como "Cached Object Remote Code Execution Vulnerability. • http://www.us-cert.gov/cas/techalerts/TA12-192A.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 60%CPEs: 8EXPL: 0CVE-2012-1524
https://notcve.org/view.php?id=CVE-2012-1524
10 Jul 2012 — Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Attribute Remove Remote Code Execution Vulnerability." Microsoft Internet Explorer 9 no trata correctamente los objetos en memoria, permitiendo a atacantes remotos ejecutar código arbitrario mediante el acceso a un objeto eliminado, también conocido como vulnerabilidad "Attribute Remove Remote Code Execution Vulnerability." • http://www.us-cert.gov/cas/techalerts/TA12-192A.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 6.1EPSS: 67%CPEs: 30EXPL: 1CVE-2012-1858 – Microsoft Internet Explorer 9 / SharePoint / Lync - toStaticHTML HTML Sanitizing Bypass (MS12-037/MS12-039/MS12-050)
https://notcve.org/view.php?id=CVE-2012-1858
12 Jun 2012 — The toStaticHTML API (aka the SafeHTML component) in Microsoft Internet Explorer 8 and 9, Communicator 2007 R2, and Lync 2010 and 2010 Attendee does not properly handle event attributes and script, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted HTML document, aka "HTML Sanitization Vulnerability." La API toStaticHTML (también conocido como componente SafeHTML) en Microsoft Internet Explorer v8 y v9, Communicator 2007 R2, y Lync 2010 y 2010 Attendee no ... • https://www.exploit-db.com/exploits/19777 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 1%CPEs: 18EXPL: 0CVE-2012-1872
https://notcve.org/view.php?id=CVE-2012-1872
12 Jun 2012 — Cross-site scripting (XSS) vulnerability in Microsoft Internet Explorer 6 through 9 allows remote attackers to inject arbitrary web script or HTML via crafted character sequences with EUC-JP encoding, aka "EUC-JP Character Encoding Vulnerability." Vulnerabilidad de ejecución de ejecución de comandos en sitios cruzados (XSS) en Microsoft Internet Explorer v6 hasta v9 que permite a atacantes remotos inyectar código web o html de su elección a través de una secuencia de caracteres manipulados con la codificaci... • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-037 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 22%CPEs: 26EXPL: 0CVE-2012-1873
https://notcve.org/view.php?id=CVE-2012-1873
12 Jun 2012 — Microsoft Internet Explorer 7 through 9 does not properly create and initialize string data, which allows remote attackers to obtain sensitive information from process memory via a crafted HTML document, aka "Null Byte Information Disclosure Vulnerability." Microsoft Internet Explorer v7 hasta v9 no crea ni inicializa las cadenas de datos de forma adecuada, lo que permite a atacantes remotos obtener información sensible de procesos de memoria a través de una documento HTML manipulado, también conocido como ... • http://www.us-cert.gov/cas/techalerts/TA12-164A.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 54%CPEs: 17EXPL: 0CVE-2012-1874
https://notcve.org/view.php?id=CVE-2012-1874
12 Jun 2012 — Microsoft Internet Explorer 8 and 9 does not properly handle objects in memory, which allows user-assisted remote attackers to execute arbitrary code by accessing a deleted object, aka "Developer Toolbar Remote Code Execution Vulnerability." Microsoft Internet Explorer v8 y v9 no gestionan de forma correcta objetos en memoria, lo que permite a atacantes remotos asistidos por usuarios locales ejecutar código intentando acceder a un objeto eliminado, también conocido como "Developer Toolbar Remote Code Execut... • http://www.us-cert.gov/cas/techalerts/TA12-164A.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 54%CPEs: 40EXPL: 0CVE-2012-1877 – Microsoft Internet Explorer Title Element Change Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2012-1877
12 Jun 2012 — Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Title Element Change Remote Code Execution Vulnerability." Microsoft Internet Explorer 6 hasta 9 no maneja adecuadamente objetos en memoria, lo que permite a atacantes remotos ejecutar código de su elección mediante el acceso a un objeto borrado, también conocido como "vulnerabilidad de ejecución remota de código de cambio de título d... • http://www.us-cert.gov/cas/techalerts/TA12-164A.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 54%CPEs: 40EXPL: 0CVE-2012-1878 – Microsoft Internet Explorer OnBeforeDeactivate Event Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2012-1878
12 Jun 2012 — Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "OnBeforeDeactivate Event Remote Code Execution Vulnerability." Microsoft Internet Explorer v6 hasta v9 no gestionan de forma correcta objetos en memoria, lo que permite a atacantes remotos ejecutar código accediendo a un objeto eliminado, también conocido como "OnBeforeDeactivate Event Remote Code Execution Vulnerability." This vulner... • http://www.us-cert.gov/cas/techalerts/TA12-164A.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 29%CPEs: 32EXPL: 0CVE-2012-1879 – Microsoft Internet Explorer insertAdjacentText Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2012-1879
12 Jun 2012 — Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by attempting to access an undefined memory location, aka "insertAdjacentText Remote Code Execution Vulnerability." Microsoft Internet Explorer v6 hasta v9 no gestionan de forma correcta objetos en memoria, lo que permite a atacantes remotos ejecutar código intentado acceder a una posición de memoria no definida, también conocida como "OnRowsInserted Event Remote Code E... • http://www.us-cert.gov/cas/techalerts/TA12-164A.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •