Internet Explorer

internet_explorer

Vendor: Microsoft • 1,635 CVEs

CVEs (1,635)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2012-2548 1Microsoft 1Internet Explorer Apr 29, 2026 Sep 21, 2012 N/A· v4 N/A· v3 9.3 HIGH· v2 Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Layout Use After Free Vulnerability."
CVE-2012-2546 1Microsoft 1Internet Explorer Apr 29, 2026 Sep 21, 2012 N/A· v4 N/A· v3 9.3 HIGH· v2 Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Event Listener Use After Free Vulnerab...Show more Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Event Listener Use After Free Vulnerability."Show less
CVE-2012-1529 1Microsoft 1Internet Explorer Apr 29, 2026 Sep 21, 2012 N/A· v4 N/A· v3 9.3 HIGH· v2 Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not properly initialized or (2)...Show more Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not properly initialized or (2) is deleted, aka "OnMove Use After Free Vulnerability."Show less
CVE-2012-4969 1Microsoft 1Internet Explorer Apr 21, 2026 Sep 18, 2012 N/A· v4 8.1 HIGH· v3 9.3 HIGH· v2 Use-after-free vulnerability in the CMshtmlEd::Exec function in mshtml.dll in Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code via a crafted web site, as exploited in the wild in...Show more Use-after-free vulnerability in the CMshtmlEd::Exec function in mshtml.dll in Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code via a crafted web site, as exploited in the wild in September 2012.Show less
CVE-2012-2523 1Microsoft 3Internet Explorer JscriptVbscript Apr 29, 2026 Aug 15, 2012 N/A· v4 N/A· v3 9.3 HIGH· v2 Integer overflow in Microsoft Internet Explorer 8 and 9, JScript 5.8, and VBScript 5.8 on 64-bit platforms allows remote attackers to execute arbitrary code by leveraging an incorrect size calculation during object copyi...Show more Integer overflow in Microsoft Internet Explorer 8 and 9, JScript 5.8, and VBScript 5.8 on 64-bit platforms allows remote attackers to execute arbitrary code by leveraging an incorrect size calculation during object copying, aka "JavaScript Integer Overflow Remote Code Execution Vulnerability."Show less
CVE-2012-2522 1Microsoft 1Internet Explorer Apr 29, 2026 Aug 15, 2012 N/A· v4 N/A· v3 9.3 HIGH· v2 Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a malformed virtual function table after this table's deletion, aka...Show more Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a malformed virtual function table after this table's deletion, aka "Virtual Function Table Corruption Remote Code Execution Vulnerability."Show less
CVE-2012-2521 1Microsoft 1Internet Explorer Apr 29, 2026 Aug 15, 2012 N/A· v4 N/A· v3 9.3 HIGH· v2 Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Asynchronous NULL Object Access Remote Code...Show more Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Asynchronous NULL Object Access Remote Code Execution Vulnerability."Show less
CVE-2012-1526 1Microsoft 1Internet Explorer Apr 29, 2026 Aug 15, 2012 N/A· v4 N/A· v3 9.3 HIGH· v2 Microsoft Internet Explorer 6 and 7 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not initialized or (2) is deleted, aka "Layout M...Show more Microsoft Internet Explorer 6 and 7 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not initialized or (2) is deleted, aka "Layout Memory Corruption Vulnerability."Show less
CVE-2012-1524 1Microsoft 1Internet Explorer Apr 29, 2026 Jul 10, 2012 N/A· v4 N/A· v3 9.3 HIGH· v2 Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Attribute Remove Remote Code Execution Vulnerability."
CVE-2012-1522 1Microsoft 1Internet Explorer Apr 29, 2026 Jul 10, 2012 N/A· v4 N/A· v3 9.3 HIGH· v2 Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Cached Object Remote Code Execution Vulnerability."
CVE-2012-1882 1Microsoft 1Internet Explorer Apr 29, 2026 Jun 12, 2012 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Microsoft Internet Explorer 6 through 9 does not block cross-domain scrolling events, which allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Scrolling Events In...Show more Microsoft Internet Explorer 6 through 9 does not block cross-domain scrolling events, which allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Scrolling Events Information Disclosure Vulnerability."Show less
CVE-2012-1881 1Microsoft 1Internet Explorer Apr 29, 2026 Jun 12, 2012 N/A· v4 N/A· v3 9.3 HIGH· v2 Microsoft Internet Explorer 8 and 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "OnRowsInserted Event Remote Code Execution Vulne...Show more Microsoft Internet Explorer 8 and 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "OnRowsInserted Event Remote Code Execution Vulnerability."Show less
CVE-2012-1880 1Microsoft 1Internet Explorer Apr 29, 2026 Jun 12, 2012 N/A· v4 N/A· v3 9.3 HIGH· v2 Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "insertRow Remote Code Execution Vulnerabilit...Show more Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "insertRow Remote Code Execution Vulnerability."Show less
CVE-2012-1879 1Microsoft 1Internet Explorer Apr 29, 2026 Jun 12, 2012 N/A· v4 8.1 HIGH· v3 9.3 HIGH· v2 Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by attempting to access an undefined memory location, aka "insertAdjacentText Re...Show more Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by attempting to access an undefined memory location, aka "insertAdjacentText Remote Code Execution Vulnerability."Show less
CVE-2012-1878 1Microsoft 1Internet Explorer Apr 29, 2026 Jun 12, 2012 N/A· v4 N/A· v3 9.3 HIGH· v2 Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "OnBeforeDeactivate Event Remote Code Executi...Show more Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "OnBeforeDeactivate Event Remote Code Execution Vulnerability."Show less
CVE-2012-1877 1Microsoft 1Internet Explorer Apr 29, 2026 Jun 12, 2012 N/A· v4 N/A· v3 9.3 HIGH· v2 Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Title Element Change Remote Code Execution V...Show more Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Title Element Change Remote Code Execution Vulnerability."Show less
CVE-2012-1876 1Microsoft 1Internet Explorer Apr 29, 2026 Jun 12, 2012 N/A· v4 N/A· v3 9.3 HIGH· v2 Microsoft Internet Explorer 6 through 9, and 10 Consumer Preview, does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by attempting to access a nonexistent object, leading...Show more Microsoft Internet Explorer 6 through 9, and 10 Consumer Preview, does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by attempting to access a nonexistent object, leading to a heap-based buffer overflow, aka "Col Element Remote Code Execution Vulnerability," as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2012.Show less
CVE-2012-1875 1Microsoft 1Internet Explorer Apr 29, 2026 Jun 12, 2012 N/A· v4 N/A· v3 9.3 HIGH· v2 Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Same ID Property Remote Code Execution Vulnerability."
CVE-2012-1874 1Microsoft 1Internet Explorer Apr 29, 2026 Jun 12, 2012 N/A· v4 N/A· v3 9.3 HIGH· v2 Microsoft Internet Explorer 8 and 9 does not properly handle objects in memory, which allows user-assisted remote attackers to execute arbitrary code by accessing a deleted object, aka "Developer Toolbar Remote Code Exec...Show more Microsoft Internet Explorer 8 and 9 does not properly handle objects in memory, which allows user-assisted remote attackers to execute arbitrary code by accessing a deleted object, aka "Developer Toolbar Remote Code Execution Vulnerability."Show less
CVE-2012-1873 1Microsoft 1Internet Explorer Apr 29, 2026 Jun 12, 2012 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Microsoft Internet Explorer 7 through 9 does not properly create and initialize string data, which allows remote attackers to obtain sensitive information from process memory via a crafted HTML document, aka "Null Byte I...Show more Microsoft Internet Explorer 7 through 9 does not properly create and initialize string data, which allows remote attackers to obtain sensitive information from process memory via a crafted HTML document, aka "Null Byte Information Disclosure Vulnerability."Show less

Previous 1...505152...82 Next