Page 9 of 368 results (0.011 seconds)

CVSS: 6.9EPSS: 1%CPEs: 5EXPL: 0

Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-1743. Microsoft Internet Explorer 7 hasta 11 permite a atacantes remotos ganar privilegios a través de un sitio web manipulado, también conocido como 'vulnerabilidad de la elevación de privilegios de Internet Explorer,' una vulnerabilidad diferente a CVE-2015-1743. This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the usage of res:// and Windows Help Engine. By running specially crafted JavaScript, a 32-bit medium integrity process can be spawned. • http://www.securityfocus.com/bid/74997 http://www.securitytracker.com/id/1032521 http://www.zerodayinitiative.com/advisories/ZDI-15-251 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-056 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 9.3EPSS: 78%CPEs: 4EXPL: 0

Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." Microsoft Internet Explorer 6 hasta 9 permite a atacantes remotos ejecutar código arbitrario p causar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, también conocido como 'vulnerabilidad de corrupción de memoria de Internet Explorer.' • http://www.securitytracker.com/id/1032521 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-056 • CWE-19: Data Processing Errors •

CVSS: 9.3EPSS: 54%CPEs: 6EXPL: 0

Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1735, CVE-2015-1744, CVE-2015-1745, and CVE-2015-1766. Microsoft Internet Explorer 6 hasta 11 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, también conocido como 'vulnerabilidad de la corrupción de memoria de Internet Explorer,' una vulnerabilidad diferente a CVE-2015-1735, CVE-2015-1744, CVE-2015-1745, y CVE-2015-1766. • http://www.securityfocus.com/bid/74981 http://www.securitytracker.com/id/1032521 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-056 • CWE-399: Resource Management Errors •

CVSS: 9.3EPSS: 48%CPEs: 6EXPL: 0

Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1740, CVE-2015-1744, CVE-2015-1745, and CVE-2015-1766. Microsoft Internet Explorer 6 hasta 11 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, también conocido como 'vulnerabilidad de la corrupción de memoria de Internet Explorer,' una vulnerabilidad diferente a CVE-2015-1740, CVE-2015-1744, CVE-2015-1745, y CVE-2015-1766. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates to how Internet Explorer processes certain operations on HTML hr elements. Internet Explorer erroneously uses a VARIANT structure in memory before it has been properly initialized. • http://www.securityfocus.com/bid/74972 http://www.securitytracker.com/id/1032521 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-056 • CWE-399: Resource Management Errors •

CVSS: 6.9EPSS: 2%CPEs: 5EXPL: 0

Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-1748. Microsoft Internet Explorer 7 hasta 11 permite a atacantes remotos ganar privilegios a través de un sitio web manipulado, también conocido como 'vulnerabilidad de la elevación de privilegios de Internet Explorer,' una vulnerabilidad diferente a CVE-2015-1748. This vulnerability allows remote attackers to escape Enhanced Protected Mode on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the usage of the add-on installer. An attacker can bypass checks within the add-on installer with special paths and junction points to achieve medium-integrity code execution under the context of the user. • http://www.securityfocus.com/bid/74996 http://www.securitytracker.com/id/1032521 http://www.zerodayinitiative.com/advisories/ZDI-15-377 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-056 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •