) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:microsoft:internet_explorer:9:-:*:*:*:*:*:*
- CPE Name Search: true
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2016-0059 |
The Hyperlink Object Library in Microsoft Internet Explorer 9 through 11 allows remote attackers to obtain sensitive information from process memory via a crafted URL in a (1) e-mail message or (2) Office document, aka "Internet Explorer Information Disclosure Vulnerability." Published: February 10, 2016; 6:59:22 AM -0500 |
V3.0: 4.3 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2016-0005 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Internet Explorer Elevation of Privilege Vulnerability." Published: January 13, 2016; 12:59:03 AM -0500 |
V3.0: 4.3 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2016-0002 |
The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to execute arbitrary code via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability." Published: January 13, 2016; 12:59:01 AM -0500 |
V3.0: 7.5 HIGH V2.0: 7.6 HIGH |
| CVE-2015-6164 |
Microsoft Internet Explorer 9 through 11 improperly implements a cross-site scripting (XSS) protection mechanism, which allows remote attackers to bypass the Same Origin Policy via a crafted web site, aka "Internet Explorer XSS Filter Bypass Vulnerability." Published: December 09, 2015; 6:59:47 AM -0500 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
| CVE-2015-6161 |
Microsoft Internet Explorer 7 through 11 and Microsoft Edge allow remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Microsoft Browser ASLR Bypass." Published: December 09, 2015; 6:59:45 AM -0500 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
| CVE-2015-6156 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6148. Published: December 09, 2015; 6:59:39 AM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
| CVE-2015-6154 |
Microsoft Internet Explorer 7 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6150. Published: December 09, 2015; 6:59:38 AM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
| CVE-2015-6151 |
Microsoft Internet Explorer 8 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6083. Published: December 09, 2015; 6:59:35 AM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
| CVE-2015-6150 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6154. Published: December 09, 2015; 6:59:34 AM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
| CVE-2015-6149 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6147. Published: December 09, 2015; 6:59:33 AM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
| CVE-2015-6148 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6156. Published: December 09, 2015; 6:59:32 AM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
| CVE-2015-6147 |
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6149. Published: December 09, 2015; 6:59:31 AM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
| CVE-2015-6144 |
Microsoft Internet Explorer 8 through 11 and Microsoft Edge mishandle HTML attributes in HTTP responses, which allows remote attackers to bypass a cross-site scripting (XSS) protection mechanism via unspecified vectors, aka "Microsoft Browser XSS Filter Bypass Vulnerability." Published: December 09, 2015; 6:59:27 AM -0500 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
| CVE-2015-6141 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6134. Published: December 09, 2015; 6:59:24 AM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
| CVE-2015-6138 |
Microsoft Internet Explorer 8 through 11 mishandles HTML attributes in HTTP responses, which allows remote attackers to bypass a cross-site scripting (XSS) protection mechanism via unspecified vectors, aka "Internet Explorer XSS Filter Bypass Vulnerability." Published: December 09, 2015; 6:59:21 AM -0500 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
| CVE-2015-6136 |
The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to execute arbitrary code via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability." Published: December 09, 2015; 6:59:20 AM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
| CVE-2015-6135 |
The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Scripting Engine Information Disclosure Vulnerability." Published: December 09, 2015; 6:59:19 AM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
| CVE-2015-6134 |
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6141. Published: December 09, 2015; 6:59:18 AM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
| CVE-2015-6083 |
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6151. Published: December 09, 2015; 6:59:02 AM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
| CVE-2015-6089 |
The Microsoft (1) VBScript and (2) JScript engines, as used in Internet Explorer 8 through 11, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability." Published: November 11, 2015; 7:59:29 AM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |