Microsoft Internet Explorer vulnerabilities

1,594 known vulnerabilities affecting microsoft/internet_explorer.

Total CVEs

1,594

CISA KEV

actively exploited

Public exploits

364

Exploited in wild

Severity breakdown

CRITICAL690HIGH450MEDIUM404LOW50

Vulnerabilities

Page 48 of 80

CVE-2013-0811CRITICALCVSS 9.3v8v92013-05-15

CVE-2013-0811 [CRITICAL] CWE-416 CVE-2013-0811: Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 allows remote attackers to execu Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a different vulnerability than CVE-2013-1307.

nvd

CVE-2013-1297MEDIUMCVSS 4.3v6v7+1 more2013-05-15

CVE-2013-1297 [MEDIUM] CWE-200 CVE-2013-1297: Microsoft Internet Explorer 6 through 8 does not properly restrict data access by VBScript, which al Microsoft Internet Explorer 6 through 8 does not properly restrict data access by VBScript, which allows remote attackers to perform cross-domain reading of JSON files via a crafted web site, aka "JSON Array Information Disclosure Vulnerability."

nvd

CVE-2013-1347HIGHCVSS 8.8KEVPoCv82013-05-05

CVE-2013-1347 [HIGH] CWE-416 CVE-2013-1347: Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attack Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly allocated or (2) is deleted, as exploited in the wild in May 2013.

nvd

CVE-2013-1338CRITICALCVSS 9.3v6v7+3 more2013-05-02

CVE-2013-1338 [CRITICAL] CVE-2013-1338: Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a different vulnerability than CVE-2013-1303 and CVE-2013-1304.

nvd

CVE-2013-1304CRITICALCVSS 9.3v6v7+3 more2013-04-09

CVE-2013-1304 [CRITICAL] CVE-2013-1304: Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a different vulnerability than CVE-2013-1303 and CVE-2013-1338.

nvd

CVE-2013-1303CRITICALCVSS 9.3v6v7+3 more2013-04-09

CVE-2013-1303 [CRITICAL] CWE-399 CVE-2013-1303: Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a different vulnerability than CVE-2013-1304 and CVE-2013-1338.

nvd

CVE-2013-1288CRITICALCVSS 9.3v82013-03-13

CVE-2013-1288 [CRITICAL] CWE-399 CVE-2013-1288: Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arb Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CTreeNode Use After Free Vulnerability."

nvd

CVE-2013-0094CRITICALCVSS 9.3v6v7+3 more2013-03-13

CVE-2013-0094 [CRITICAL] CWE-399 CVE-2013-0094: Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer removeChild Use After Free Vulnerability."

nvd

CVE-2013-0088CRITICALCVSS 9.3v6v7+3 more2013-03-13

CVE-2013-0088 [CRITICAL] CWE-399 CVE-2013-0088: Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer saveHistory Use After Free Vulnerability."

nvd

CVE-2013-0093CRITICALCVSS 9.3v6v7+3 more2013-03-13

CVE-2013-0093 [CRITICAL] CWE-399 CVE-2013-0093: Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer onBeforeCopy Use After Free Vulnerability."

nvd

CVE-2013-0087CRITICALCVSS 9.3v6v7+3 more2013-03-13

CVE-2013-0087 [CRITICAL] CWE-399 CVE-2013-0087: Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer OnResize Use After Free Vulnerability."

nvd

CVE-2013-0089CRITICALCVSS 9.3v6v7+3 more2013-03-13

CVE-2013-0089 [CRITICAL] CWE-399 CVE-2013-0089: Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CMarkupBehaviorContext Use After Free Vulnerability."

nvd

CVE-2013-0091CRITICALCVSS 9.3v82013-03-13

CVE-2013-0091 [CRITICAL] CWE-399 CVE-2013-0091: Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arb Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CElement Use After Free Vulnerability."

nvd

CVE-2013-0092CRITICALCVSS 9.3v6v7+3 more2013-03-13

CVE-2013-0092 [CRITICAL] CWE-399 CVE-2013-0092: Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer GetMarkupPtr Use After Free Vulnerability."

nvd

CVE-2013-0090HIGHCVSS 8.8PoCv6v7+3 more2013-03-13

CVE-2013-0090 [HIGH] CWE-399 CVE-2013-0090: Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CCaret Use After Free Vulnerability."

nvd

CVE-2013-2552HIGHCVSS 7.5v102013-03-11

CVE-2013-2552 [HIGH] CVE-2013-2552: Unspecified vulnerability in Microsoft Internet Explorer 10 on Windows 8 allows remote attackers to Unspecified vulnerability in Microsoft Internet Explorer 10 on Windows 8 allows remote attackers to bypass the sandbox protection mechanism by leveraging access to a Medium integrity process, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2013.

nvd

CVE-2013-2551HIGHCVSS 8.8KEVPoCv6v7+3 more2013-03-11

CVE-2013-2551 [HIGH] CVE-2013-2551: Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2013, aka "Internet Explorer Use After Free Vulnerability," a different vulnerability than CVE-2013-1308 and

nvd

CVE-2013-2557HIGHCVSS 7.5v92013-03-11

CVE-2013-2557 [HIGH] CWE-119 CVE-2013-2557: The sandbox protection mechanism in Microsoft Internet Explorer 9 allows remote attackers to cause a The sandbox protection mechanism in Microsoft Internet Explorer 9 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, as demonstrated against Adobe Flash Player by VUPEN during a Pwn2Own competition at CanSecWest 2013.

nvd

CVE-2013-0023CRITICALCVSS 9.3v10v92013-02-13

CVE-2013-0023 [CRITICAL] CWE-399 CVE-2013-0023: Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to exec Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CDispNode Use After Free Vulnerability."

nvd

CVE-2013-0018CRITICALCVSS 9.3v6v7+2 more2013-02-13

CVE-2013-0018 [CRITICAL] CWE-399 CVE-2013-0018: Use-after-free vulnerability in Microsoft Internet Explorer 6 through 9 allows remote attackers to e Use-after-free vulnerability in Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer SetCapture Use After Free Vulnerability."

nvd

← Previous48 / 80Next →