Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Internet_explorer
(Microsoft)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 1640 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2020-09-11 | CVE-2020-1012 | <p>An elevation of privilege vulnerability exists in the way that the Wininit.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.</p> <p>There are multiple ways an attacker could exploit the vulnerability:</p> <ul> <li><p>In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit this vulnerability and then convince a user to view the website. An attacker... | Internet_explorer | N/A | ||
| 2020-09-11 | CVE-2020-1506 | <p>An elevation of privilege vulnerability exists in the way that the Wininit.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.</p> <p>There are multiple ways an attacker could exploit the vulnerability:</p> <ul> <li><p>In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit this vulnerability and then convince a user to view the website. An attacker... | Internet_explorer | N/A | ||
| 2020-11-11 | CVE-2020-17052 | Scripting Engine Memory Corruption Vulnerability | Edge, Internet_explorer | N/A | ||
| 2020-11-11 | CVE-2020-17053 | Internet Explorer Memory Corruption Vulnerability | Internet_explorer | N/A | ||
| 2020-11-11 | CVE-2020-17058 | Microsoft Browser Memory Corruption Vulnerability | Edge, Internet_explorer | N/A | ||
| 2021-05-11 | CVE-2021-26419 | Scripting Engine Memory Corruption Vulnerability | Internet_explorer | N/A | ||
| 2015-05-21 | CVE-2015-4000 | The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue. | Iphone_os, Mac_os_x, Safari, Ubuntu_linux, Debian_linux, Chrome, Hp\-Ux, Content_manager, Internet_explorer, Firefox, Firefox_esr, Firefox_os, Network_security_services, Seamonkey, Thunderbird, Openssl, Opera_browser, Jdk, Jre, Jrockit, Sparc\-Opl_service_processor, Linux_enterprise_desktop, Linux_enterprise_server, Linux_enterprise_software_development_kit, Suse_linux_enterprise_server | 3.7 | ||
| 2011-01-07 | CVE-2011-0346 | Use-after-free vulnerability in the ReleaseInterface function in MSHTML.DLL in Microsoft Internet Explorer 6, 7, and 8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the DOM implementation and the BreakAASpecial and BreakCircularMemoryReferences functions, as demonstrated by cross_fuzz, aka "MSHTML Memory Corruption Vulnerability." | Internet_explorer | N/A | ||
| 2009-04-15 | CVE-2009-0551 | Microsoft Internet Explorer 6 SP1, 6 and 7 on Windows XP SP2 and SP3, 6 and 7 on Windows Server 2003 SP1 and SP2, 7 on Windows Vista Gold and SP1, and 7 on Windows Server 2008 does not properly handle transition errors in a request for one HTTP document followed by a request for a second HTTP document, which allows remote attackers to execute arbitrary code via vectors involving (1) multiple crafted pages on a web site or (2) a web page with crafted inline content such as banner... | Internet_explorer | N/A | ||
| 2009-06-10 | CVE-2009-1529 | Microsoft Internet Explorer 7 for Windows XP SP2 and SP3; 7 for Server 2003 SP2; 7 for Vista Gold, SP1, and SP2; and 7 for Server 2008 SP2 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by calling the setCapture method on a collection of crafted objects, aka "Uninitialized Memory Corruption Vulnerability." | Internet_explorer | N/A |