CVSS: 9.3EPSS: 54%CPEs: 32EXPL: 0CVE-2012-1880 – Microsoft Internet Explorer insertRow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2012-1880
12 Jun 2012 — Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "insertRow Remote Code Execution Vulnerability." Microsoft Internet Explorer 6 hasta 9 no maneja adecuadamente objetos en memoria, lo que permite a un atacante remoto ejecutar código de su elección mediante el acceso a un objeto borrado, también conocido como "vulnerabilidad de ejecución remota de código insertRow". This vulnerability ... • http://www.us-cert.gov/cas/techalerts/TA12-164A.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 54%CPEs: 17EXPL: 0CVE-2012-1881 – Microsoft Internet Explorer OnRowsInserted Event Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2012-1881
12 Jun 2012 — Microsoft Internet Explorer 8 and 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "OnRowsInserted Event Remote Code Execution Vulnerability." Microsoft Internet Explorer 8 y 9 no gestionan de forma correcta objetos en memoria, lo que permite a atacantes remotos ejecutar código accediendo a objetos borrados, también conocido como "OnRowsInserted Event Remote Code Execution Vulnerability." This vulnerability allows remote... • http://www.us-cert.gov/cas/techalerts/TA12-164A.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 4.3EPSS: 24%CPEs: 32EXPL: 0CVE-2012-1882
https://notcve.org/view.php?id=CVE-2012-1882
12 Jun 2012 — Microsoft Internet Explorer 6 through 9 does not block cross-domain scrolling events, which allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Scrolling Events Information Disclosure Vulnerability." Microsoft Internet Explorer 6 hasta 9 no bloquea eventos de desplazamiento de dominios cruzados, los cuales permiten a atacantes remotos leer contenido desde (1) un dominio o (2) zona a través de un sitio web manipulado, conocido también como "vulnerabili... • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-037 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 87%CPEs: 34EXPL: 9CVE-2012-1876 – Microsoft Internet Explorer Fixed Table Colspan Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2012-1876
12 Jun 2012 — Microsoft Internet Explorer 6 through 9, and 10 Consumer Preview, does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by attempting to access a nonexistent object, leading to a heap-based buffer overflow, aka "Col Element Remote Code Execution Vulnerability," as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2012. Consumer Preview de Microsoft Internet Explorer versión 6 hasta la versión 9 y versión 10 , no maneja apropiadamente los objetos e... • https://packetstorm.news/files/id/127316 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.8EPSS: 43%CPEs: 27EXPL: 0CVE-2012-0168
https://notcve.org/view.php?id=CVE-2012-0168
10 Apr 2012 — Microsoft Internet Explorer 6 through 9 allows user-assisted remote attackers to execute arbitrary code via a crafted HTML document that is not properly handled during a "Print table of links" print operation, aka "Print Feature Remote Code Execution Vulnerability." Microsoft Internet Explorer 6 hasta la versión 9 permite a atacantes remotos asistidos por el usuario ejecutar código arbitrario a través de un documento HTML modificado que no es apropiadamente manejado durante una operación de impresión "Print... • http://osvdb.org/81126 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 52%CPEs: 7EXPL: 0CVE-2012-0169
https://notcve.org/view.php?id=CVE-2012-0169
10 Apr 2012 — Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "JScript9 Remote Code Execution Vulnerability." Microsoft Internet Explorer 9 no maneja apropiadamente objetos en memoria, lo que permite a atacantes remotos ejecutar código arbitrario accediendo a un objeto borrado. También conocida como "vulnerabilidad de ejecución de código remota JScript9". • http://osvdb.org/81127 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 58%CPEs: 27EXPL: 0CVE-2012-0171
https://notcve.org/view.php?id=CVE-2012-0171
10 Apr 2012 — Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "SelectAll Remote Code Execution Vulnerability." Microsoft Internet Explorer 6 hasta la versión 9 no maneja apropiadamente objetos en memoria, lo que permite a atacantes remotos ejecutar código arbitrario accediendo a un objeto borrado. También conocida como "vulnerabilidad de ejecución de código remota SelectAll". • http://www.securitytracker.com/id?1026901 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.5EPSS: 8%CPEs: 30EXPL: 0CVE-2012-1545
https://notcve.org/view.php?id=CVE-2012-1545
09 Mar 2012 — Microsoft Internet Explorer 6 through 9, and 10 Consumer Preview, allows remote attackers to bypass Protected Mode or cause a denial of service (memory corruption) by leveraging access to a Low integrity process, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2012. Microsoft Internet Explorer v6 a v9, y v10 Consumer Preview, permite a atacantes remotos eludir el modo protegido o causar una denegación de servicio (por corrupción de memoria), aprovechando el acceso a un proceso de baja in... • http://arstechnica.com/business/news/2012/03/ie-9-on-latest-windows-gets-stomped-at-hacker-contest.ars • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 20%CPEs: 27EXPL: 0CVE-2012-0010
https://notcve.org/view.php?id=CVE-2012-0010
14 Feb 2012 — Microsoft Internet Explorer 6 through 9 does not properly perform copy-and-paste operations, which allows user-assisted remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Copy and Paste Information Disclosure Vulnerability." Microsoft Internet Explorer v6 hasta v9, no realiza adecuadamente las operaciones copiar y pegar, lo que permite a atacantes remotos asistidos por el usuario leer el contenido de un diferente (1) dominio o (2) zona a través de un sitio ... • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-010 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 44%CPEs: 23EXPL: 0CVE-2012-0011 – Microsoft Internet Explorer CDispNode t:MEDIA Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2012-0011
14 Feb 2012 — Microsoft Internet Explorer 7 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "HTML Layout Remote Code Execution Vulnerability." Microsoft Internet Explorer v7 hasta v9, no maneja apropiadamente los objetos en memoria, lo que permite a atacantes remotos ejecutar código de su elección accediendo a objetos borrados, también conocido como "HTML Layout Remote Code Execution Vulnerability." This vulnerability allows ... • http://www.us-cert.gov/cas/techalerts/TA12-045A.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •