Internet Explorer

internet_explorer

Vendor: Microsoft • 1,635 CVEs

CVEs (1,635)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2013-0025 1Microsoft 1Internet Explorer Apr 29, 2026 Feb 13, 2013 N/A· v4 N/A· v3 9.3 HIGH· v2 Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer SLayoutRun Use After...Show more Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer SLayoutRun Use After Free Vulnerability."Show less
CVE-2013-0024 1Microsoft 3Internet Explorer Windows Server 2008Windows Vista Apr 29, 2026 Feb 13, 2013 N/A· v4 N/A· v3 9.3 HIGH· v2 Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer pasteHTML Use...Show more Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer pasteHTML Use After Free Vulnerability."Show less
CVE-2013-0023 1Microsoft 1Internet Explorer Apr 29, 2026 Feb 13, 2013 N/A· v4 N/A· v3 9.3 HIGH· v2 Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CDispNode Use...Show more Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CDispNode Use After Free Vulnerability."Show less
CVE-2013-0022 1Microsoft 1Internet Explorer Apr 29, 2026 Feb 13, 2013 N/A· v4 9.0 CRITICAL· v3 9.3 HIGH· v2 Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer LsGetTrailInfo Use A...Show more Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer LsGetTrailInfo Use After Free Vulnerability."Show less
CVE-2013-0021 1Microsoft 1Internet Explorer Apr 29, 2026 Feb 13, 2013 N/A· v4 N/A· v3 9.3 HIGH· v2 Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer vtable Us...Show more Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer vtable Use After Free Vulnerability."Show less
CVE-2013-0020 1Microsoft 1Internet Explorer Apr 29, 2026 Feb 13, 2013 N/A· v4 N/A· v3 9.3 HIGH· v2 Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CMarkup Use After Fr...Show more Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CMarkup Use After Free Vulnerability."Show less
CVE-2013-0019 1Microsoft 1Internet Explorer Apr 29, 2026 Feb 13, 2013 N/A· v4 N/A· v3 9.3 HIGH· v2 Use-after-free vulnerability in Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer COmWindow...Show more Use-after-free vulnerability in Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer COmWindowProxy Use After Free Vulnerability."Show less
CVE-2013-0018 1Microsoft 1Internet Explorer Apr 29, 2026 Feb 13, 2013 N/A· v4 N/A· v3 9.3 HIGH· v2 Use-after-free vulnerability in Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer SetCapture...Show more Use-after-free vulnerability in Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer SetCapture Use After Free Vulnerability."Show less
CVE-2013-0015 1Microsoft 1Internet Explorer Apr 29, 2026 Feb 13, 2013 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Microsoft Internet Explorer 6 through 9 does not properly perform auto-selection of the Shift JIS encoding, which allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site tha...Show more Microsoft Internet Explorer 6 through 9 does not properly perform auto-selection of the Shift JIS encoding, which allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site that triggers cross-domain scrolling events, aka "Shift JIS Character Encoding Vulnerability."Show less
CVE-2013-1451 1Microsoft 1Internet Explorer Apr 29, 2026 Jan 29, 2013 N/A· v4 N/A· v3 4.0 MEDIUM· v2 Microsoft Internet Explorer 8 and 9, when the Proxy Settings configuration has the same Proxy address and Port values in the HTTP and Secure rows, does not ensure that the SSL lock icon is consistent with the Address bar...Show more Microsoft Internet Explorer 8 and 9, when the Proxy Settings configuration has the same Proxy address and Port values in the HTTP and Secure rows, does not ensure that the SSL lock icon is consistent with the Address bar, which makes it easier for remote attackers to spoof web sites via a crafted HTML document that triggers many HTTPS requests to an arbitrary host, followed by an HTTPS request to a trusted host and then an HTTP request to an untrusted host, a related issue to CVE-2013-1450.Show less
CVE-2013-1450 1Microsoft 1Internet Explorer Apr 29, 2026 Jan 29, 2013 N/A· v4 N/A· v3 4.0 MEDIUM· v2 Microsoft Internet Explorer 8 and 9, when the Proxy Settings configuration has the same Proxy address and Port values in the HTTP and Secure rows, does not properly reuse TCP sessions to the proxy server, which allows re...Show more Microsoft Internet Explorer 8 and 9, when the Proxy Settings configuration has the same Proxy address and Port values in the HTTP and Secure rows, does not properly reuse TCP sessions to the proxy server, which allows remote attackers to obtain sensitive information intended for a specific host via a crafted HTML document that triggers many HTTPS requests and then triggers an HTTP request to that host, as demonstrated by reading a Cookie header, aka MSRC 12096gd.Show less
CVE-2012-6502 1Microsoft 1Internet Explorer Apr 29, 2026 Jan 22, 2013 N/A· v4 N/A· v3 2.6 LOW· v2 Microsoft Internet Explorer before 10 allows remote attackers to obtain sensitive information about the existence of files, and read certain data from files, via a UNC share pathname in the SRC attribute of a SCRIPT elem...Show more Microsoft Internet Explorer before 10 allows remote attackers to obtain sensitive information about the existence of files, and read certain data from files, via a UNC share pathname in the SRC attribute of a SCRIPT element, as demonstrated by reading a name-value pair from a local file via a \\127.0.0.1\C$\ sequence.Show less
CVE-2012-4792 1Microsoft 1Internet Explorer Apr 22, 2026 Dec 30, 2012 N/A· v4 8.8 HIGH· v3 9.3 HIGH· v2 Use-after-free vulnerability in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not properly allocated or (2...Show more Use-after-free vulnerability in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not properly allocated or (2) is deleted, as demonstrated by a CDwnBindInfo object, and exploited in the wild in December 2012.Show less
CVE-2012-4787 1Microsoft 1Internet Explorer Apr 29, 2026 Dec 12, 2012 N/A· v4 9.0 CRITICAL· v3 9.3 HIGH· v2 Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not properly initialized or (2)...Show more Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not properly initialized or (2) is deleted, aka "Improper Ref Counting Use After Free Vulnerability."Show less
CVE-2012-4782 1Microsoft 1Internet Explorer Apr 29, 2026 Dec 12, 2012 N/A· v4 N/A· v3 9.3 HIGH· v2 Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "CMarkup Use After Free Vulnerab...Show more Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "CMarkup Use After Free Vulnerability."Show less
CVE-2012-4781 1Microsoft 1Internet Explorer Apr 29, 2026 Dec 12, 2012 N/A· v4 N/A· v3 9.3 HIGH· v2 Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "InjectHTMLStream Use After...Show more Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "InjectHTMLStream Use After Free Vulnerability."Show less
CVE-2012-4775 1Microsoft 1Internet Explorer Apr 29, 2026 Nov 14, 2012 N/A· v4 8.8 HIGH· v3 9.3 HIGH· v2 Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site, aka "CTreeNode Use After Free Vulnerability."
CVE-2012-1539 1Microsoft 1Internet Explorer Apr 29, 2026 Nov 14, 2012 N/A· v4 8.1 HIGH· v3 9.3 HIGH· v2 Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site, aka "CTreePos Use After Free Vulnerability."
CVE-2012-1538 1Microsoft 1Internet Explorer Apr 29, 2026 Nov 14, 2012 N/A· v4 N/A· v3 9.3 HIGH· v2 Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site, aka "CFormElement Use After Free Vulnerability."
CVE-2012-2557 1Microsoft 1Internet Explorer Apr 29, 2026 Sep 21, 2012 N/A· v4 N/A· v3 9.3 HIGH· v2 Use-after-free vulnerability in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "cloneNode Use After Free Vul...Show more Use-after-free vulnerability in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "cloneNode Use After Free Vulnerability."Show less

Previous 1...495051...82 Next