Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2011-1993 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Scroll Event Remote Code Execution Vulnerability." Published: October 11, 2011; 10:52:43 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2011-1964 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Style Object Memory Corruption Vulnerability." Published: August 10, 2011; 5:55:01 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2011-1963 |
Microsoft Internet Explorer 7 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "XSLT Memory Corruption Vulnerability." Published: August 10, 2011; 5:55:01 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2011-1962 |
Microsoft Internet Explorer 6 through 9 does not properly handle unspecified character sequences, which allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site that triggers "inactive filtering," aka "Shift JIS Character Encoding Vulnerability." Published: August 10, 2011; 5:55:01 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2011-1961 |
The telnet URI handler in Microsoft Internet Explorer 6 through 9 does not properly launch the handler application, which allows remote attackers to execute arbitrary programs via a crafted web site, aka "Telnet Handler Remote Code Execution Vulnerability." Published: August 10, 2011; 5:55:01 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2011-1960 |
Microsoft Internet Explorer 6 through 9 does not properly implement JavaScript event handlers, which allows remote attackers to access content from a different (1) domain or (2) zone via unspecified script code, aka "Event Handlers Information Disclosure Vulnerability." Published: August 10, 2011; 5:55:01 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2011-1257 |
Race condition in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors involving access to an object, aka "Window Open Race Condition Vulnerability." Published: August 10, 2011; 5:55:01 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 7.6 HIGH |
CVE-2011-1266 |
The Vector Markup Language (VML) implementation in vgx.dll in Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "VML Memory Corruption Vulnerability." Published: June 16, 2011; 4:55:01 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2011-1262 |
Microsoft Internet Explorer 7 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "HTTP Redirect Memory Corruption Vulnerability." Published: June 16, 2011; 4:55:01 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2011-1261 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Selection Object Memory Corruption Vulnerability." Published: June 16, 2011; 4:55:01 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2011-1258 |
Microsoft Internet Explorer 6 through 8 does not properly restrict web script, which allows user-assisted remote attackers to obtain sensitive information from a different (1) domain or (2) zone via vectors involving a drag-and-drop operation, aka "Drag and Drop Information Disclosure Vulnerability." Published: June 16, 2011; 4:55:01 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2011-1256 |
Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "DOM Modification Memory Corruption Vulnerability." Published: June 16, 2011; 4:55:01 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2011-1255 |
The Timed Interactive Multimedia Extensions (aka HTML+TIME) implementation in Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Time Element Memory Corruption Vulnerability." Published: June 16, 2011; 4:55:01 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2011-1254 |
Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Drag and Drop Memory Corruption Vulnerability." Published: June 16, 2011; 4:55:01 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2011-1251 |
Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "DOM Manipulation Memory Corruption Vulnerability." Published: June 16, 2011; 4:55:01 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2011-1250 |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Link Properties Handling Memory Corruption Vulnerability." Published: June 16, 2011; 4:55:01 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2011-1246 |
Microsoft Internet Explorer 8 does not properly handle content settings in HTTP responses, which allows remote web servers to obtain sensitive information from a different (1) domain or (2) zone via a crafted response, aka "MIME Sniffing Information Disclosure Vulnerability." Published: June 16, 2011; 4:55:01 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2011-1229 |
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other "Vulnerability Type 2" CVEs listed in MS11-034, aka "Win32k Null Pointer De-reference Vulnerability." Published: April 13, 2011; 4:26:25 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2011-1244 |
Microsoft Internet Explorer 6, 7, and 8 does not enforce intended domain restrictions on content access, which allows remote attackers to obtain sensitive information or conduct clickjacking attacks via a crafted web site, aka "Frame Tag Information Disclosure Vulnerability." Published: April 13, 2011; 2:55:01 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 5.8 MEDIUM |
CVE-2010-3348 |
Microsoft Internet Explorer 6, 7, and 8 does not prevent rendering of cached content as HTML, which allows remote attackers to access content from a different (1) domain or (2) zone via unspecified script code, aka "Cross-Domain Information Disclosure Vulnerability," a different vulnerability than CVE-2010-3342. Published: December 16, 2010; 2:33:02 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 4.3 MEDIUM |