Microsoft Internet Explorer vulnerabilities

CVE-2015-0055 [MEDIUM] CWE-264 CVE-2015-0055: Microsoft Internet Explorer 10 and 11 allows remote attackers to gain privileges via a crafted web s Microsoft Internet Explorer 10 and 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability."

CVE-2015-0072 [MEDIUM] CWE-79 CVE-2015-0072: Cross-site scripting (XSS) vulnerability in Microsoft Internet Explorer 9 through 11 allows remote a Cross-site scripting (XSS) vulnerability in Microsoft Internet Explorer 9 through 11 allows remote attackers to bypass the Same Origin Policy and inject arbitrary web script or HTML via vectors involving an IFRAME element that triggers a redirect, a second IFRAME element that does not trigger a redirect, and an eval of a WindowProxy object, aka "Univer

CVE-2015-0313 [CRITICAL] CWE-416 CVE-2015-0313: Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16 Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in February 2015, a different vulnerability than CVE-2015-0315, CVE-2015-0320, and CVE-20

CVE-2015-0311 [CRITICAL] CVE-2015-0311: Unspecified vulnerability in Adobe Flash Player through 13.0.0.262 and 14.x, 15.x, and 16.x through Unspecified vulnerability in Adobe Flash Player through 13.0.0.262 and 14.x, 15.x, and 16.x through 16.0.0.287 on Windows and OS X and through 11.2.202.438 on Linux allows remote attackers to execute arbitrary code via unknown vectors, as exploited in the wild in January 2015.

CVE-2014-6327 [CRITICAL] CWE-20 CVE-2014-6327: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial o Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-6329 and CVE-2014-6376.

CVE-2014-6363 [CRITICAL] CWE-399 CVE-2014-6363: vbscript.dll in Microsoft VBScript 5.6 through 5.8, as used with Internet Explorer 6 through 11 and vbscript.dll in Microsoft VBScript 5.6 through 5.8, as used with Internet Explorer 6 through 11 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "VBScript Memory Corruption Vulnerability."

CVE-2014-6330 [CRITICAL] CWE-119 CVE-2014-6330: Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

CVE-2014-6329 [CRITICAL] CVE-2014-6329: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial o Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-6327 and CVE-2014-6376.

CVE-2014-6376 [CRITICAL] CVE-2014-6376: Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial o Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-6327 and CVE-2014-6329.

CVE-2014-8966 [CRITICAL] CWE-20 CVE-2014-8966: Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

CVE-2014-6373 [CRITICAL] CWE-20 CVE-2014-6373: Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial o Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

CVE-2014-6366 [CRITICAL] CWE-119 CVE-2014-6366: Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a den Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

CVE-2014-6374 [CRITICAL] CWE-119 CVE-2014-6374: Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

CVE-2014-6369 [CRITICAL] CWE-20 CVE-2014-6369: Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

CVE-2014-6375 [CRITICAL] CWE-20 CVE-2014-6375: Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

CVE-2014-6368 [MEDIUM] CWE-20 CVE-2014-6368: Microsoft Internet Explorer 11 allows remote attackers to bypass the ASLR protection mechanism via a Microsoft Internet Explorer 11 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Internet Explorer ASLR Bypass Vulnerability."

CVE-2014-6328 [MEDIUM] CWE-20 CVE-2014-6328: Microsoft Internet Explorer 8 through 11 allows remote attackers to bypass the XSS filter via a craf Microsoft Internet Explorer 8 through 11 allows remote attackers to bypass the XSS filter via a crafted attribute of an element in an HTML document, aka "Internet Explorer XSS Filter Bypass Vulnerability," a different vulnerability than CVE-2014-6365.

CVE-2014-6365 [MEDIUM] CVE-2014-6365: Microsoft Internet Explorer 8 through 11 allows remote attackers to bypass the XSS filter via a craf Microsoft Internet Explorer 8 through 11 allows remote attackers to bypass the XSS filter via a crafted attribute of an element in an HTML document, aka "Internet Explorer XSS Filter Bypass Vulnerability," a different vulnerability than CVE-2014-6328.

CVE-2014-6343 [CRITICAL] CWE-399 CVE-2014-6343: Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

CVE-2014-6342 [CRITICAL] CWE-399 CVE-2014-6342: Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-6348.