National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/a:microsoft:internet_explorer:11:-
There are 732 matching records.
Displaying matches 681 through 700.
Vuln ID Summary CVSS Severity
CVE-2014-0310

Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-1815.

Published: May 14, 2014; 07:13:04 AM -04:00
    V2: 9.3 HIGH
CVE-2014-1776

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to the CMarkup::IsConnectedToPrimaryMarkup function, as exploited in the wild in April 2014. NOTE: this issue originally emphasized VGX.DLL, but Microsoft clarified that "VGX.DLL does not contain the vulnerable code leveraged in this exploit. Disabling VGX.DLL is an exploit-specific workaround that provides an immediate, effective workaround to help block known attacks."

Published: April 27, 2014; 06:55:03 AM -04:00
    V2: 10.0 HIGH
CVE-2014-1765

Multiple use-after-free vulnerabilities in Microsoft Internet Explorer 6 through 11 allow remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by Sebastian Apelt and Andreas Schmidt during a Pwn2Own competition at CanSecWest 2014.

Published: April 27, 2014; 06:55:03 AM -04:00
    V2: 7.6 HIGH
CVE-2014-1764

Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code and bypass a sandbox protection mechanism by leveraging "object confusion" in a broker process, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2014.

Published: April 27, 2014; 06:55:03 AM -04:00
    V2: 10.0 HIGH
CVE-2014-1763

Use-after-free vulnerability in Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code and bypass a sandbox protection mechanism via unspecified vectors, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2014.

Published: April 27, 2014; 06:55:03 AM -04:00
    V2: 10.0 HIGH
CVE-2014-1762

Unspecified vulnerability in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code with medium-integrity privileges and bypass a sandbox protection mechanism via unknown vectors, as demonstrated by ZDI during a Pwn4Fun competition at CanSecWest 2014.

Published: April 27, 2014; 06:55:03 AM -04:00
    V2: 7.5 HIGH
CVE-2014-1760

Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

Published: April 08, 2014; 07:55:06 PM -04:00
    V2: 9.3 HIGH
CVE-2014-0324

Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0297, CVE-2014-0308, and CVE-2014-0312.

Published: March 12, 2014; 01:15:20 AM -04:00
    V2: 9.3 HIGH
CVE-2014-0321

Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0313.

Published: March 12, 2014; 01:15:20 AM -04:00
    V2: 9.3 HIGH
CVE-2014-0313

Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0321.

Published: March 12, 2014; 01:15:19 AM -04:00
    V2: 9.3 HIGH
CVE-2014-0312

Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0297, CVE-2014-0308, and CVE-2014-0324.

Published: March 12, 2014; 01:15:19 AM -04:00
    V2: 9.3 HIGH
CVE-2014-0311

Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0299 and CVE-2014-0305.

Published: March 12, 2014; 01:15:19 AM -04:00
    V2: 9.3 HIGH
CVE-2014-0308

Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0297, CVE-2014-0312, and CVE-2014-0324.

Published: March 12, 2014; 01:15:19 AM -04:00
    V2: 9.3 HIGH
CVE-2014-0305

Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0299 and CVE-2014-0311.

Published: March 12, 2014; 01:15:19 AM -04:00
    V2: 9.3 HIGH
CVE-2014-0304

Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

Published: March 12, 2014; 01:15:19 AM -04:00
    V2: 9.3 HIGH
CVE-2014-0299

Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0305 and CVE-2014-0311.

Published: March 12, 2014; 01:15:19 AM -04:00
    V2: 9.3 HIGH
CVE-2014-0298

Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

Published: March 12, 2014; 01:15:19 AM -04:00
    V2: 9.3 HIGH
CVE-2014-0297

Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0308, CVE-2014-0312, and CVE-2014-0324.

Published: March 12, 2014; 01:15:19 AM -04:00
    V2: 9.3 HIGH
CVE-2013-7331

The Microsoft.XMLDOM ActiveX control in Microsoft Windows 8.1 and earlier allows remote attackers to determine the existence of local pathnames, UNC share pathnames, intranet hostnames, and intranet IP addresses by examining error codes, as demonstrated by a res:// URL, and exploited in the wild in February 2014.

Published: February 26, 2014; 09:55:08 AM -05:00
    V2: 4.3 MEDIUM
CVE-2014-0293

Microsoft Internet Explorer 9 through 11 allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Internet Explorer Cross-domain Information Disclosure Vulnerability."

Published: February 11, 2014; 11:50:40 PM -05:00
    V2: 4.3 MEDIUM