Page 76 of 840 results (0.009 seconds)

CVSS: 9.3EPSS: 92%CPEs: 46EXPL: 0

CVE-2009-1530 – Microsoft Internet Explorer Event Handler Memory Corruption Vulnerability

https://notcve.org/view.php?id=CVE-2009-1530

Use-after-free vulnerability in Microsoft Internet Explorer 7 for Windows XP SP2 and SP3; 7 for Server 2003 SP2; 7 for Vista Gold, SP1, and SP2; and 7 for Server 2008 SP2 allows remote attackers to execute arbitrary code by repeatedly adding HTML document nodes and calling event handlers, which triggers an access of an object that (1) was not properly initialized or (2) is deleted, aka "HTML Objects Memory Corruption Vulnerability." Vulnerabilidad de Uso de la Memoria Previamente Liberada en Microsoft Internet Explorer 7 para Windows XP SP2 y SP3; 7 para Server 2003 SP2; 7 para Vista Gold, SP1 y SP2; y 7 para Server 2008 SP2 permite a los atacantes remotos ejecutar código arbitrario mediante la adición repetida de nodos de documentos HTML y el llamado a los Controladores de Eventos, lo que desencadena un acceso de un objeto que (1) no se inicializó apropiadamente o (2) se elimina, también se conoce como "HTML Objects Memory Corruption Vulnerability". This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists when repeatedly calling event handlers after adding nodes of an HTML document. When a specially crafted webpage is repeatedly rendered, memory is improperly reused after it has been freed. • http://osvdb.org/54949 http://www.securityfocus.com/archive/1/504209/100/0/threaded http://www.securitytracker.com/id?1022350 http://www.us-cert.gov/cas/techalerts/TA09-160A.html http://www.vupen.com/english/advisories/2009/1538 http://www.zerodayinitiative.com/advisories/ZDI-09-038 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-019 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6294 • CWE-399: Resource Management Errors •

CVSS: 9.3EPSS: 88%CPEs: 17EXPL: 0

CVE-2009-1531 – Microsoft Internet Explorer onreadystatechange Memory Corruption Vulnerability

https://notcve.org/view.php?id=CVE-2009-1531

Microsoft Internet Explorer 7 for Windows XP SP2 and SP3; 7 for Server 2003 SP2; 7 for Vista Gold, SP1, and SP2; and 7 for Server 2008 SP2 allows remote attackers to execute arbitrary code via frequent calls to the getElementsByTagName function combined with the creation of an object during reordering of elements, followed by an onreadystatechange event, which triggers an access of an object that (1) was not properly initialized or (2) is deleted, aka "HTML Object Memory Corruption Vulnerability." Microsoft Internet Explorer 7 para Windows XP SP2 y SP3; 7 para Server 2003 SP2; 7 para Vista Gold, SP1 y SP2; y 7 para Server 2008 SP2 permite a los atacantes remotos ejecutar código arbitrario por medio de llamadas frecuentes a la función getElementsByTagName combinada con la creación de un objeto durante el reordenamiento de elementos, seguida por un evento onReadyStateChange, que desencadena un acceso de un objeto que (1) no se inicializó apropiadamente o (2) se elimina, también se conoce como "HTML Object Memory Corruption Vulnerability". This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists when repeated calls are made to getElementsByTagName() and the reordering of the elements in the document causes an object to be allocated. The use of the event "onreadystatechange" during this operation improperly frees the previously allocated resource. • http://osvdb.org/54950 http://www.securityfocus.com/archive/1/504216/100/0/threaded http://www.securityfocus.com/bid/35234 http://www.securitytracker.com/id?1022350 http://www.us-cert.gov/cas/techalerts/TA09-160A.html http://www.vupen.com/english/advisories/2009/1538 http://www.zerodayinitiative.com/advisories/ZDI-09-039 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-019 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval • CWE-399: Resource Management Errors •

CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 2

CVE-2009-1412

https://notcve.org/view.php?id=CVE-2009-1412

Argument injection vulnerability in the chromehtml: protocol handler in Google Chrome before 1.0.154.59, when invoked by Internet Explorer, allows remote attackers to determine the existence of files, and open tabs for URLs that do not satisfy the IsWebSafeScheme restriction, via a web page that sets document.location to a chromehtml: value, as demonstrated by use of a (1) javascript: or (2) data: URL. NOTE: this can be leveraged for Universal XSS by exploiting certain behavior involving persistence across page transitions. Vulnerabilidad de inyección de argumento en el manejador de protocolo chromehtml: en Google Chrome antes de v1.0.154.59, cuando es invocado por Internet Explorer, lo que permite a atacantes remotos determinar la existencia de archivos y abrir pestañas para URLs que no cumplen la restricción IsWebSafeScheme, a través de una página web que establece document.location a un valor chromehtml, como lo demuestra el uso de una URL (1) javascript: o (2) data: . NOTA: esto puede ser aprovechados para ataques XSS universales explotando ciertos comportamientos que impliquen persistencia a través de transiciones de la página. • http://chromium.googlecode.com/issues/attachment?aid=5579180911289877192&name=Google+Chrome+Advisory.doc http://code.google.com/p/chromium/issues/detail?id=9860 http://googlechromereleases.blogspot.com/2009/04/stable-update-security-fix.html https://exchange.xforce.ibmcloud.com/vulnerabilities/50449 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 4.3EPSS: 1%CPEs: 4EXPL: 1

CVE-2009-1335 – Microsoft Internet Explorer 8 - File Download Denial of Service

https://notcve.org/view.php?id=CVE-2009-1335

Microsoft Internet Explorer 7 and 8 on Windows XP and Vista allows remote attackers to cause a denial of service (application hang) via a large document composed of unprintable characters, aka MSRC 9011jr. Microsoft Internet Explorer 7 y 8 en Windows XP y Vista permiten a atacantes remotos provocar una denegación de servicio (caída de la aplicación) mediante un documento de gran tamaño formado por caracteres no imprimibles, también conocido como MSRC 9011jr. • https://www.exploit-db.com/exploits/32902 http://archives.neohapsis.com/archives/fulldisclosure/2009-04/0111.html http://www.securityfocus.com/archive/1/502617/100/0/threaded http://www.securityfocus.com/bid/34478 https://exchange.xforce.ibmcloud.com/vulnerabilities/50350 •

CVSS: 9.3EPSS: 90%CPEs: 28EXPL: 0

CVE-2009-0551

https://notcve.org/view.php?id=CVE-2009-0551

Microsoft Internet Explorer 6 SP1, 6 and 7 on Windows XP SP2 and SP3, 6 and 7 on Windows Server 2003 SP1 and SP2, 7 on Windows Vista Gold and SP1, and 7 on Windows Server 2008 does not properly handle transition errors in a request for one HTTP document followed by a request for a second HTTP document, which allows remote attackers to execute arbitrary code via vectors involving (1) multiple crafted pages on a web site or (2) a web page with crafted inline content such as banner advertisements, aka "Page Transition Memory Corruption Vulnerability." Microsoft Internet Explorer v6 SP1, v6 y v7 en Windows XP SP2 y SP3, v6 y v7 en Windows Server 2003 SP1 y SP2, v7 en Windows Vista Gold y SP1, y v7 en Windows Server 2008 no maneja adecuadamente errores de transición en una petición a un documento HTTP seguido de una petición a un segundo documento HTTP, lo que permite a atacantes remotos ejecutar código de su elección a través de vectores relacionados (1) múltiples páginas manipuladas en un sitio Web (2) una página Web con líneas de contenido manipulado como publicidad en forma de banner, también conocido como "Vulnerabilidad de Corrupción de Memoria en transición de página". • http://osvdb.org/53624 http://secunia.com/advisories/34678 http://support.avaya.com/elmodocs2/security/ASA-2009-133.htm http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=871138 http://www.securitytracker.com/id?1022042 http://www.us-cert.gov/cas/techalerts/TA09-104A.html http://www.vupen.com/english/advisories/2009/1028 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-014 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre • CWE-399: Resource Management Errors •