CVE-2015-1740
https://notcve.org/view.php?id=CVE-2015-1740
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1735, CVE-2015-1744, CVE-2015-1745, and CVE-2015-1766. Microsoft Internet Explorer 6 hasta 11 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, también conocido como 'vulnerabilidad de la corrupción de memoria de Internet Explorer,' una vulnerabilidad diferente a CVE-2015-1735, CVE-2015-1744, CVE-2015-1745, y CVE-2015-1766. • http://www.securityfocus.com/bid/74981 http://www.securitytracker.com/id/1032521 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-056 • CWE-399: Resource Management Errors •
CVE-2015-1735 – Microsoft Internet Explorer hr Element Uninitialized Variable Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-1735
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1740, CVE-2015-1744, CVE-2015-1745, and CVE-2015-1766. Microsoft Internet Explorer 6 hasta 11 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, también conocido como 'vulnerabilidad de la corrupción de memoria de Internet Explorer,' una vulnerabilidad diferente a CVE-2015-1740, CVE-2015-1744, CVE-2015-1745, y CVE-2015-1766. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates to how Internet Explorer processes certain operations on HTML hr elements. Internet Explorer erroneously uses a VARIANT structure in memory before it has been properly initialized. • http://www.securityfocus.com/bid/74972 http://www.securitytracker.com/id/1032521 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-056 • CWE-399: Resource Management Errors •
CVE-2015-1741
https://notcve.org/view.php?id=CVE-2015-1741
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1752. Microsoft Internet Explorer 9 hasta 11 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, también conocido como 'vulnerabilidad de la corrupción de memoria de Internet Explorer,' una vulnerabilidad diferente a CVE-2015-1752. • http://www.securityfocus.com/bid/74982 http://www.securitytracker.com/id/1032521 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-056 • CWE-399: Resource Management Errors •
CVE-2015-1743 – Microsoft Internet Explorer add-on Installer Sandbox Escape Vulnerability
https://notcve.org/view.php?id=CVE-2015-1743
Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-1748. Microsoft Internet Explorer 7 hasta 11 permite a atacantes remotos ganar privilegios a través de un sitio web manipulado, también conocido como 'vulnerabilidad de la elevación de privilegios de Internet Explorer,' una vulnerabilidad diferente a CVE-2015-1748. This vulnerability allows remote attackers to escape Enhanced Protected Mode on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the usage of the add-on installer. An attacker can bypass checks within the add-on installer with special paths and junction points to achieve medium-integrity code execution under the context of the user. • http://www.securityfocus.com/bid/74996 http://www.securitytracker.com/id/1032521 http://www.zerodayinitiative.com/advisories/ZDI-15-377 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-056 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVE-2015-1692
https://notcve.org/view.php?id=CVE-2015-1692
Microsoft Internet Explorer 7 through 11 allows user-assisted remote attackers to read the clipboard contents via crafted web script, aka "Internet Explorer Clipboard Information Disclosure Vulnerability." Microsoft Internet Explorer 7 hasta 11 permite a atacantes remotos asistidos por usuarios leer el contenido del portapapeles a través de una secuencia de comandos web manipulada, también conocido como 'vulnerabilidad de la divulgación de información del portapapeles de Internet Explorer.' • http://www.securityfocus.com/bid/74517 http://www.securitytracker.com/id/1032282 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-043 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •