VYPR

Internet Explorer

by Microsoft

CVEs (1,725)

  • CVE-2011-1995Oct 12, 2011
    risk 0.02cvss epss 0.29

    Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that was not properly initialized, aka "OLEAuto32.dll Remote Code Execution Vulnerability."

  • CVE-2011-1964Aug 10, 2011
    risk 0.02cvss epss 0.23

    Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Style Object Memory Corruption Vulnerability."

  • CVE-2011-1963Aug 10, 2011
    risk 0.02cvss epss 0.23

    Microsoft Internet Explorer 7 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "XSLT Memory Corruption Vulnerability."

  • CVE-2011-1250Jun 16, 2011
    risk 0.02cvss epss 0.22

    Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Link Properties Handling Memory Corruption…

  • CVE-2011-2383Jun 3, 2011
    risk 0.02cvss epss 0.21

    Microsoft Internet Explorer 9 and earlier does not properly restrict cross-zone drag-and-drop actions, which allows user-assisted remote attackers to read cookie files via vectors involving an IFRAME element with a SRC attribute containing an http: URL that redirects to a file:…

  • CVE-2011-2382Jun 3, 2011
    risk 0.02cvss epss 0.19

    Microsoft Internet Explorer 8 and earlier, and Internet Explorer 9 beta, does not properly restrict cross-zone drag-and-drop actions, which allows user-assisted remote attackers to read cookie files via vectors involving an IFRAME element with a SRC attribute containing a file:…

  • CVE-2011-0094Apr 13, 2011
    risk 0.02cvss epss 0.22

    Use-after-free vulnerability in Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Layouts Handling Memory Corruption Vulnerability."

  • CVE-2011-1347Mar 10, 2011
    risk 0.02cvss epss 0.28

    Unspecified vulnerability in Microsoft Internet Explorer 8 on Windows 7 allows remote attackers to bypass Protected Mode and create arbitrary files by leveraging access to a Low integrity process, as demonstrated by Stephen Fewer as the third of three chained vulnerabilities…

  • CVE-2011-1346Mar 10, 2011
    risk 0.02cvss epss 0.26

    Unspecified vulnerability in Microsoft Internet Explorer 8 on Windows 7 allows remote attackers to execute arbitrary code via unknown vectors, as demonstrated by Stephen Fewer as the second of three chained vulnerabilities during a Pwn2Own competition at CanSecWest 2011.

  • CVE-2011-0036Feb 10, 2011
    risk 0.02cvss epss 0.20

    Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, related to a "dangling…

  • CVE-2011-0035Feb 10, 2011
    risk 0.02cvss epss 0.20

    Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory…

  • CVE-2011-0347Jan 7, 2011
    risk 0.02cvss epss 0.22

    Microsoft Internet Explorer on Windows XP allows remote attackers to trigger an incorrect GUI display and have unspecified other impact via vectors related to the DOM implementation, as demonstrated by cross_fuzz.

  • CVE-2010-3346Dec 16, 2010
    risk 0.02cvss epss 0.29

    Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "HTML Element Memory…

  • CVE-2010-3345Dec 16, 2010
    risk 0.02cvss epss 0.29

    Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "HTML Element Memory Corruption…

  • CVE-2010-3343Dec 16, 2010
    risk 0.02cvss epss 0.29

    Microsoft Internet Explorer 6 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "HTML Object Memory Corruption…

  • CVE-2010-3340Dec 16, 2010
    risk 0.02cvss epss 0.25

    Microsoft Internet Explorer 6 and 7 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "HTML Object Memory…

  • CVE-2010-3331Oct 13, 2010
    risk 0.02cvss epss 0.25

    Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory in certain circumstances involving use of Microsoft Word to read Word documents, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly…

  • CVE-2010-3326Oct 13, 2010
    risk 0.02cvss epss 0.25

    Microsoft Internet Explorer 6 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption…

  • CVE-2010-2560Aug 11, 2010
    risk 0.02cvss epss 0.24

    Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "HTML Layout Memory…

  • CVE-2010-2559Aug 11, 2010
    risk 0.02cvss epss 0.28

    Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption…

Page 52 of 87