CVSS: 7.6EPSS: 24%CPEs: 1EXPL: 0CVE-2016-0159 – Microsoft Internet Explorer CTableLayout AddRow Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-0159
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." Microsoft Internet Explorer 9 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de una página web manipulada, también conocida como "Internet Explorer Memory Corruption Vulnerability". This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates to how Internet Explorer keeps track of table rows when performing layout of HTML tables. By manipulating a document's elements an attacker can cause Internet Explorer to write beyond the end of an array of pointers to CTableRow objects. • http://www.securitytracker.com/id/1035521 http://www.zerodayinitiative.com/advisories/ZDI-16-231 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-037 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.6EPSS: 24%CPEs: 1EXPL: 0CVE-2016-0166 – Microsoft Internet Explorer CMediaEngine Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-0166
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." Microsoft Internet Explorer 11 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de una página web manipulada, también conocida como "Internet Explorer Memory Corruption Vulnerability". This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of CMediaEngine objects. By manipulating a document's elements an attacker can force a dangling pointer to be reused after it has been freed. • http://www.securitytracker.com/id/1035521 http://www.zerodayinitiative.com/advisories/ZDI-16-230 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-037 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 5%CPEs: 7EXPL: 0CVE-2015-6184
https://notcve.org/view.php?id=CVE-2015-6184
The CAttrArray object implementation in Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and memory corruption) via a malformed Cascading Style Sheets (CSS) token sequence in conjunction with modifications to HTML elements, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6048 and CVE-2015-6049. La implementación de objeto CAttrArray en Microsoft Internet Explorer 7 hasta la versión 11 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (confusión de tipo y corrupción de memoria) a través de una secuencia de tokens Cascading Style Sheets (CSS) mal formada en conjunción con modificaciones a elementos HTML, también conocida como "Internet Explorer Memory Corruption Vulnerability", una vulnerabilidad diferente a CVE-2015-6048 y CVE-2015-6049. • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-106 https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1218 •
CVSS: 7.6EPSS: 89%CPEs: 1EXPL: 1CVE-2016-0108 – Microsoft Internet Explorer - Read AV in MSHTML!Layout::LayoutBuilderDivider::BuildPageLayout (MS16-023)
https://notcve.org/view.php?id=CVE-2016-0108
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0102, CVE-2016-0103, CVE-2016-0106, CVE-2016-0109, and CVE-2016-0114. Microsoft Internet Explorer 11 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, también conocida como "Internet Explorer Memory Corruption Vulnerability", una vulnerabilidad diferente a CVE-2016-0102, CVE-2016-0103, CVE-2016-0106, CVE-2016-0109 y CVE-2016-0114. Microsoft Internet Explorer has a read AV in MSHTML!Layout::LayoutBuilderDivider::BuildPageLayout issue. • https://www.exploit-db.com/exploits/39562 http://www.securityfocus.com/bid/84016 http://www.securitytracker.com/id/1035203 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-023 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.6EPSS: 17%CPEs: 2EXPL: 0CVE-2016-0102
https://notcve.org/view.php?id=CVE-2016-0102
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0103, CVE-2016-0106, CVE-2016-0108, CVE-2016-0109, and CVE-2016-0114. Microsoft Internet Explorer 11 y Microsoft Edge permiten a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, también conocida como "Microsoft Browser Memory Corruption Vulnerability", una vulnerabilidad diferente a CVE-2016-0103, CVE-2016-0106, CVE-2016-0108, CVE-2016-0109 y CVE-2016-0114. • http://www.securityfocus.com/bid/84018 http://www.securitytracker.com/id/1035203 http://www.securitytracker.com/id/1035204 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-023 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-024 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •