CVSS: 7.6EPSS: 38%CPEs: 1EXPL: 0CVE-2016-0106 – Microsoft Internet Explorer CDataset RemoveItem Use-After-Free Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2016-0106
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0102, CVE-2016-0103, CVE-2016-0108, CVE-2016-0109, and CVE-2016-0114. Microsoft Internet Explorer 11 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, también conocida como "Internet Explorer Memory Corruption Vulnerability", una vulnerabilidad diferente a CVE-2016-0102, CVE-2016-0103, CVE-2016-0108, CVE-2016-0109 y CVE-2016-0114. This vulnerability allows remote attackers to disclose the contents of memory on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates to how Internet Explorer handles custom data attributes attached to HTML elements. By manipulating a document's elements an attacker can force a string in memory to be reused after it has been freed, leading to a disclosure of memory contents. • http://www.securityfocus.com/bid/84014 http://www.securitytracker.com/id/1035203 http://www.zerodayinitiative.com/advisories/ZDI-16-179 http://www.zerodayinitiative.com/advisories/ZDI-16-180 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-023 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.6EPSS: 31%CPEs: 3EXPL: 0CVE-2016-0107 – Microsoft Internet Explorer CTableLayout AddRow Out-Of-Bounds Read Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-0107
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0105, CVE-2016-0111, CVE-2016-0112, and CVE-2016-0113. Microsoft Internet Explorer 9 hasta la versión 11 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de una página web manipulada, también conocida como "Internet Explorer Memory Corruption Vulnerability", una vulnerabilidad diferente a CVE-2016-0105, CVE-2016-0111, CVE-2016-0112 y CVE-2016-0113. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates to how Internet Explorer keeps track of table rows when performing layout of HTML tables. By manipulating a document's elements an attacker can cause Internet Explorer to read beyond the end of an array of pointers to CTableRow objects. • http://www.securityfocus.com/bid/84015 http://www.securitytracker.com/id/1035203 http://www.zerodayinitiative.com/advisories/ZDI-16-183 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-023 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.6EPSS: 69%CPEs: 2EXPL: 0CVE-2016-0109 – Microsoft Internet Explorer SNeighborPosition Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-0109
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0102, CVE-2016-0103, CVE-2016-0106, CVE-2016-0108, and CVE-2016-0114. Microsoft Internet Explorer 11 y Microsoft Edge permiten a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, también conocida como "Microsoft Browser Memory Corruption Vulnerability", una vulnerabilidad diferente a CVE-2016-0102, CVE-2016-0103, CVE-2016-0106, CVE-2016-0108 y CVE-2016-0114. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates to how Internet Explorer performs layout of HTML tables. By manipulating a document's elements an attacker can force an array of Layout::STableCellLayout::SNeighborPosition objects in memory to be reused after it has been freed. • http://www.securityfocus.com/bid/84020 http://www.securitytracker.com/id/1035203 http://www.securitytracker.com/id/1035204 http://www.zerodayinitiative.com/advisories/ZDI-16-184 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-023 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-024 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.6EPSS: 38%CPEs: 3EXPL: 0CVE-2016-0112 – Microsoft Internet Explorer setAttribute Use-After-Free Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2016-0112
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0105, CVE-2016-0107, CVE-2016-0111, and CVE-2016-0113. Microsoft Internet Explorer 9 hasta la versión 11 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, también conocida como "Internet Explorer Memory Corruption Vulnerability", una vulnerabilidad diferente a CVE-2016-0105, CVE-2016-0107, CVE-2016-0111 y CVE-2016-0113. This vulnerability allows remote attackers to disclose memory contents on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates to how Internet Explorer handles changes to attributes of DOM elements. By manipulating a document's elements an attacker can cause a string allocation in memory to be reused after it has been freed. • http://www.securityfocus.com/bid/84010 http://www.securitytracker.com/id/1035203 http://www.zerodayinitiative.com/advisories/ZDI-16-185 http://www.zerodayinitiative.com/advisories/ZDI-16-188 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-023 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.6EPSS: 31%CPEs: 3EXPL: 0CVE-2016-0113 – Microsoft Internet Explorer CTravelEntry Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-0113
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0105, CVE-2016-0107, CVE-2016-0111, and CVE-2016-0112. Microsoft Internet Explorer 9 hasta la versión 11 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, también conocida como "Internet Explorer Memory Corruption Vulnerability", una vulnerabilidad diferente a CVE-2016-0105, CVE-2016-0107, CVE-2016-0111 y CVE-2016-0112. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates to how Internet Explorer stores the user's browsing history for forward/back navigation. By manipulating a document's elements an attacker can force a CTravelEntry object in memory to be reused after it has been freed. • http://www.securityfocus.com/bid/84011 http://www.securitytracker.com/id/1035203 http://www.zerodayinitiative.com/advisories/ZDI-16-186 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-023 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •