Microsoft Internet Explorer vulnerabilities

CVE-2011-0346 [HIGH] CWE-399 CVE-2011-0346: Use-after-free vulnerability in the ReleaseInterface function in MSHTML.DLL in Microsoft Internet Ex Use-after-free vulnerability in the ReleaseInterface function in MSHTML.DLL in Microsoft Internet Explorer 6, 7, and 8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the DOM implementation and the BreakAASpecial and BreakCircularMemoryReferences functions, as demonstrated by cros

CVE-2010-3971 [CRITICAL] CWE-399 CVE-2010-3971: Use-after-free vulnerability in the CSharedStyleSheet::Notify function in the Cascading Style Sheets Use-after-free vulnerability in the CSharedStyleSheet::Notify function in the Cascading Style Sheets (CSS) parser in mshtml.dll, as used in Microsoft Internet Explorer 6 through 8 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a self-referential @import rule in a stylesheet,

CVE-2010-3346 [CRITICAL] CWE-908 CVE-2010-3346: Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows rem Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "HTML Element Memory Corruption Vulnerability."

CVE-2010-3340 [CRITICAL] CWE-94 CVE-2010-3340: Microsoft Internet Explorer 6 and 7 does not properly handle objects in memory, which allows remote Microsoft Internet Explorer 6 and 7 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "HTML Object Memory Corruption Vulnerability."

CVE-2010-3343 [CRITICAL] CWE-908 CVE-2010-3343: Microsoft Internet Explorer 6 does not properly handle objects in memory, which allows remote attack Microsoft Internet Explorer 6 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "HTML Object Memory Corruption Vulnerability."

CVE-2010-3345 [CRITICAL] CWE-908 CVE-2010-3345: Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attack Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "HTML Element Memory Corruption Vulnerability."

CVE-2010-3342 [MEDIUM] CWE-200 CVE-2010-3342: Microsoft Internet Explorer 6, 7, and 8 does not prevent rendering of cached content as HTML, which Microsoft Internet Explorer 6, 7, and 8 does not prevent rendering of cached content as HTML, which allows remote attackers to access content from a different (1) domain or (2) zone via unspecified script code, aka "Cross-Domain Information Disclosure Vulnerability," a different vulnerability than CVE-2010-3348.

CVE-2010-3348 [MEDIUM] CVE-2010-3348: Microsoft Internet Explorer 6, 7, and 8 does not prevent rendering of cached content as HTML, which Microsoft Internet Explorer 6, 7, and 8 does not prevent rendering of cached content as HTML, which allows remote attackers to access content from a different (1) domain or (2) zone via unspecified script code, aka "Cross-Domain Information Disclosure Vulnerability," a different vulnerability than CVE-2010-3342.

CVE-2010-3962 [HIGH] CWE-416 CVE-2010-3962: Use-after-free vulnerability in Microsoft Internet Explorer 6, 7, and 8 allows remote attackers to e Use-after-free vulnerability in Microsoft Internet Explorer 6, 7, and 8 allows remote attackers to execute arbitrary code via vectors related to Cascading Style Sheets (CSS) token sequences and the clip attribute, aka an "invalid flag reference" issue or "Uninitialized Memory Corruption Vulnerability," as exploited in the wild in November 2010.

CVE-2010-3326 [CRITICAL] CWE-94 CVE-2010-3326: Microsoft Internet Explorer 6 does not properly handle objects in memory, which allows remote attack Microsoft Internet Explorer 6 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability."

CVE-2010-3329 [CRITICAL] CWE-94 CVE-2010-3329: mshtmled.dll in Microsoft Internet Explorer 7 and 8 allows remote attackers to execute arbitrary cod mshtmled.dll in Microsoft Internet Explorer 7 and 8 allows remote attackers to execute arbitrary code via a crafted Microsoft Office document that causes the HtmlDlgHelper class destructor to access uninitialized memory, aka "Uninitialized Memory Corruption Vulnerability."

CVE-2010-3331 [CRITICAL] CWE-94 CVE-2010-3331: Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory in certain circum Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory in certain circumstances involving use of Microsoft Word to read Word documents, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Mem

CVE-2010-3328 [HIGH] CWE-416 CVE-2010-3328: Use-after-free vulnerability in the CAttrArray::PrivateFind function in mshtml.dll in Microsoft Inte Use-after-free vulnerability in the CAttrArray::PrivateFind function in mshtml.dll in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code by setting an unspecified property of a stylesheet object, aka "Uninitialized Memory Corruption Vulnerability."

CVE-2010-3325 [MEDIUM] CWE-200 CVE-2010-3325: Microsoft Internet Explorer 6 through 8 does not properly handle unspecified special characters in C Microsoft Internet Explorer 6 through 8 does not properly handle unspecified special characters in Cascading Style Sheets (CSS) documents, which allows remote attackers to obtain sensitive information from a different (1) domain or (2) zone via a crafted web site, aka "CSS Special Character Information Disclosure Vulnerability."

CVE-2010-3243 [MEDIUM] CWE-79 CVE-2010-3243: Cross-site scripting (XSS) vulnerability in the toStaticHTML function in Microsoft Internet Explorer Cross-site scripting (XSS) vulnerability in the toStaticHTML function in Microsoft Internet Explorer 8, and the SafeHTML function in Microsoft Windows SharePoint Services 3.0 SP2 and Office SharePoint Server 2007 SP2, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "HTML Sanitization Vulnerability."

CVE-2010-3330 [MEDIUM] CWE-200 CVE-2010-3330: Microsoft Internet Explorer 6 through 8 does not properly restrict script access to content from a d Microsoft Internet Explorer 6 through 8 does not properly restrict script access to content from a different (1) domain or (2) zone, which allows remote attackers to obtain sensitive information via a crafted web site, aka "Cross-Domain Information Disclosure Vulnerability."

CVE-2010-3327 [MEDIUM] CWE-200 CVE-2010-3327: The implementation of HTML content creation in Microsoft Internet Explorer 6 through 8 does not remo The implementation of HTML content creation in Microsoft Internet Explorer 6 through 8 does not remove the Anchor element during pasting and editing, which might allow remote attackers to obtain sensitive deleted information by visiting a web page, aka "Anchor Element Information Disclosure Vulnerability."

CVE-2010-0808 [LOW] CWE-200 CVE-2010-0808: Microsoft Internet Explorer 6 and 7 on Windows XP and Vista does not prevent script from simulating Microsoft Internet Explorer 6 and 7 on Windows XP and Vista does not prevent script from simulating user interaction with the AutoComplete feature, which allows remote attackers to obtain sensitive form information via a crafted web site, aka "AutoComplete Information Disclosure Vulnerability."

CVE-2010-3886 [MEDIUM] CWE-200 CVE-2010-3886: The CTimeoutEventList::InsertIntoTimeoutList function in Microsoft mshtml.dll uses a certain pointer The CTimeoutEventList::InsertIntoTimeoutList function in Microsoft mshtml.dll uses a certain pointer value as part of producing Timer ID values for the setTimeout and setInterval methods in VBScript and JScript, which allows remote attackers to obtain sensitive information about the heap memory addresses used by an application, as demonstrated by the

CVE-2010-3324 [MEDIUM] CVE-2010-3324: The toStaticHTML function in Microsoft Internet Explorer 8, and the SafeHTML function in Microsoft W The toStaticHTML function in Microsoft Internet Explorer 8, and the SafeHTML function in Microsoft Windows SharePoint Services 3.0 SP2, SharePoint Foundation 2010, Office SharePoint Server 2007 SP2, Groove Server 2010, and Office Web Apps, allows remote attackers to bypass the cross-site scripting (XSS) protection mechanism and conduct XSS attacks via a craft