CVSS: 6.5EPSS: 17%CPEs: 7EXPL: 0CVE-2012-0012
https://notcve.org/view.php?id=CVE-2012-0012
14 Feb 2012 — Microsoft Internet Explorer 9 does not properly handle the creation and initialization of string objects, which allows remote attackers to read data from arbitrary process-memory locations via a crafted web site, aka "Null Byte Information Disclosure Vulnerability." Microsoft Internet Explorer 9 no maneja apropiadamente la creación e inicialización de objetos de cadena, lo que permite a atacantes remotos leer datos de ubicaciones de procesos de memoria de su elección a través de una página web modificada, t... • http://www.us-cert.gov/cas/techalerts/TA12-045A.html • CWE-665: Improper Initialization •
CVSS: 9.3EPSS: 59%CPEs: 7EXPL: 0CVE-2012-0155 – Microsoft Internet Explorer VML CDispScroller Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2012-0155
14 Feb 2012 — Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "VML Remote Code Execution Vulnerability." Microsoft Internet Explorer 9 no maneja correctamente objetos en memoria, lo que permite a atacantes remotos ejecutar código de su elección accediendo a objetos eliminados, también conocido como "VML Remote Code Execution Vulnerability." This vulnerability allows remote attackers to execute arbitrary co... • http://www.us-cert.gov/cas/techalerts/TA12-045A.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 36%CPEs: 5EXPL: 0CVE-2011-2019
https://notcve.org/view.php?id=CVE-2011-2019
14 Dec 2011 — Untrusted search path vulnerability in Microsoft Internet Explorer 9 on Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains an HTML file, aka "Internet Explorer Insecure Library Loading Vulnerability." Una vulnerabilidad de ruta de búsqueda no confiable en Microsoft Internet Explorer v9 en Windows Server 2008 R2 y R2 SP1 y Windows 7 Gold y SP1 permite a usuario... • http://www.us-cert.gov/cas/techalerts/TA11-347A.html • CWE-426: Untrusted Search Path •
CVSS: 4.3EPSS: 20%CPEs: 27EXPL: 0CVE-2011-3404
https://notcve.org/view.php?id=CVE-2011-3404
14 Dec 2011 — Microsoft Internet Explorer 6 through 9 does not properly use the Content-Disposition HTTP header to control rendering of the HTTP response body, which allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Content-Disposition Information Disclosure Vulnerability." Microsoft Internet Explorer 6 hasta la versión 9 no utiliza apropiadamente la cabecera HTTP Content-Disposition para controlar la representación gráfica del cuerpo de la respuesta HTTP, lo que... • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-099 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.0EPSS: 16%CPEs: 4EXPL: 1CVE-2011-4689
https://notcve.org/view.php?id=CVE-2011-4689
07 Dec 2011 — Microsoft Internet Explorer 6 through 9 does not prevent capture of data about the times of Same Origin Policy violations during IFRAME loading attempts, which makes it easier for remote attackers to determine whether a document exists in the browser cache via crafted JavaScript code. Microsoft Internet Explorer v6 hasta v9, no impide la captura de datos sobre los tiempos de violación de "Same Origin Policy" durante los intentos de carga de IFRAME, lo que facilita a los atacantes remotos determinar si exist... • http://lcamtuf.coredump.cx/cachetime • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 37%CPEs: 30EXPL: 0CVE-2011-1993
https://notcve.org/view.php?id=CVE-2011-1993
12 Oct 2011 — Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Scroll Event Remote Code Execution Vulnerability." Microsoft Internet Explorer v6 a v9 no trata correctamente los objetos en la memoria, lo que permite a atacantes remotos ejecutar código de su elección accediendo a un objeto eliminado. También conocidacomo "vulnerabilidad de ejecución remota de código del evento Scroll". • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-081 •
CVSS: 9.3EPSS: 35%CPEs: 30EXPL: 0CVE-2011-1995
https://notcve.org/view.php?id=CVE-2011-1995
12 Oct 2011 — Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that was not properly initialized, aka "OLEAuto32.dll Remote Code Execution Vulnerability." Microsoft Internet Explorer v6 a v9 no trata correctamente los objetos en la memoria, lo que permite a atacantes remotos ejecutar código de su elección, accediendo a un objeto que no se ha inicializado correctamente. También conocida como "vulnerabilidad de... • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-081 • CWE-908: Use of Uninitialized Resource •
CVSS: 9.3EPSS: 40%CPEs: 7EXPL: 0CVE-2011-1998
https://notcve.org/view.php?id=CVE-2011-1998
12 Oct 2011 — Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that was not properly initialized, aka "Jscript9.dll Remote Code Execution Vulnerability." Microsoft Internet Explorer v9 no trata correctamente los objetos en la memoria, lo que permite a atacantes remotos ejecutar código de su elección accediendo a un objeto que que no Se ha inicializado correctamente. También conocido como "Vulnerabilidad de ejecución Re... • http://www.securityfocus.com/bid/49963 • CWE-908: Use of Uninitialized Resource •
CVSS: 9.3EPSS: 37%CPEs: 30EXPL: 0CVE-2011-2000 – Microsoft Internet Explorer swapNode Handling Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-2000
12 Oct 2011 — Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Body Element Remote Code Execution Vulnerability." Microsoft Internet Explorer v6 a v9 no trata correctamente los objetos en la memoria, lo que permite a atacantes remotos ejecutar código de su elección accediendo a un objeto eliminado. También conocida como "vulnerabilidad de ejecución remota de código a través del elemento Body". Th... • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-081 •
CVSS: 9.8EPSS: 48%CPEs: 27EXPL: 0CVE-2011-2001 – Microsoft Internet Explorer SetExpandedClipRect Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-2001
12 Oct 2011 — Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code via an attempted access to a virtual function table after corruption of this table has occurred, aka "Virtual Function Table Corruption Remote Code Execution Vulnerability." Microsoft Internet Explorer v6 a v9 no trata correctamente los objetos en la memoria, lo que permite a atacantes remotos ejecutar código de su elección a través de un intento de acceso a una tabla d... • http://www.securityfocus.com/bid/49966 •