CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Microsoft » Internet Explorer : Security Vulnerabilities (Execute Code)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
501 CVE-2014-0269 119 DoS Exec Code Overflow Mem. Corr. 2014-02-11 2014-02-12
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
502 CVE-2014-0267 119 DoS Exec Code Overflow Mem. Corr. 2014-02-11 2014-02-12
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0289 and CVE-2014-0290.
503 CVE-2013-5052 119 DoS Exec Code Overflow Mem. Corr. 2013-12-10 2013-12-11
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
504 CVE-2013-5051 119 DoS Exec Code Overflow Mem. Corr. 2013-12-10 2013-12-11
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
505 CVE-2013-5049 119 DoS Exec Code Overflow Mem. Corr. 2013-12-10 2013-12-11
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
506 CVE-2013-5048 119 DoS Exec Code Overflow Mem. Corr. 2013-12-10 2013-12-11
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-5047.
507 CVE-2013-5047 119 DoS Exec Code Overflow Mem. Corr. 2013-12-10 2013-12-11
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-5048.
508 CVE-2013-5046 20 Exec Code +Priv Bypass 2013-12-10 2013-12-11
6.2
None Local High Not required Complete Complete Complete
Microsoft Internet Explorer 7 through 11 allows local users to bypass the Protected Mode protection mechanism, and consequently gain privileges, by leveraging the ability to execute sandboxed code, aka "Internet Explorer Elevation of Privilege Vulnerability."
509 CVE-2013-5045 20 1 Exec Code +Priv Bypass 2013-12-10 2017-01-06
6.2
None Local High Not required Complete Complete Complete
Microsoft Internet Explorer 10 and 11 allows local users to bypass the Protected Mode protection mechanism, and consequently gain privileges, by leveraging the ability to execute sandboxed code, aka "Internet Explorer Elevation of Privilege Vulnerability."
510 CVE-2013-4015 264 Exec Code +Priv Bypass 2013-07-26 2017-08-28
6.9
None Local Medium Not required Complete Complete Complete
Microsoft Internet Explorer 6 through 10 allows local users to bypass the elevation policy check in the (1) Protected Mode or (2) Enhanced Protected Mode protection mechanism, and consequently gain privileges, by leveraging the ability to execute sandboxed code.
511 CVE-2013-3918 119 DoS Exec Code Overflow 2013-11-12 2017-09-18
9.3
None Remote Medium Not required Complete Complete Complete
The InformationCardSigninHelper Class ActiveX control in icardie.dll in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write) via a crafted web page that is accessed by Internet Explorer, as exploited in the wild in November 2013, aka "InformationCardSigninHelper Vulnerability."
512 CVE-2013-3917 119 DoS Exec Code Overflow Mem. Corr. 2013-11-12 2017-09-18
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3915.
513 CVE-2013-3916 119 DoS Exec Code Overflow Mem. Corr. 2013-11-12 2017-09-18
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3912.
514 CVE-2013-3915 119 DoS Exec Code Overflow Mem. Corr. 2013-11-12 2017-09-18
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3917.
515 CVE-2013-3914 119 DoS Exec Code Overflow Mem. Corr. 2013-11-12 2017-09-18
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
516 CVE-2013-3912 119 DoS Exec Code Overflow Mem. Corr. 2013-11-12 2017-09-18
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3916.
517 CVE-2013-3911 119 DoS Exec Code Overflow Mem. Corr. 2013-11-12 2017-09-18
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
518 CVE-2013-3910 119 DoS Exec Code Overflow Mem. Corr. 2013-11-12 2017-09-18
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
519 CVE-2013-3897 399 DoS Exec Code Mem. Corr. 2013-10-09 2017-09-18
9.3
None Remote Medium Not required Complete Complete Complete
Use-after-free vulnerability in the CDisplayPointer class in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted JavaScript code that uses the onpropertychange event handler, as exploited in the wild in September and October 2013, aka "Internet Explorer Memory Corruption Vulnerability."
520 CVE-2013-3893 399 Exec Code 2013-09-18 2017-09-18
9.3
None Remote Medium Not required Complete Complete Complete
Use-after-free vulnerability in the SetMouseCapture implementation in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code via crafted JavaScript strings, as demonstrated by use of an ms-help: URL that triggers loading of hxds.dll.
521 CVE-2013-3886 119 DoS Exec Code Overflow Mem. Corr. 2013-10-09 2017-09-18
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
522 CVE-2013-3885 119 DoS Exec Code Overflow Mem. Corr. 2013-10-09 2017-09-18
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3872, CVE-2013-3873, and CVE-2013-3882.
523 CVE-2013-3882 119 DoS Exec Code Overflow Mem. Corr. 2013-10-09 2017-09-18
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3872, CVE-2013-3873, and CVE-2013-3885.
524 CVE-2013-3875 119 DoS Exec Code Overflow Mem. Corr. 2013-10-09 2017-09-18
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
525 CVE-2013-3874 119 DoS Exec Code Overflow Mem. Corr. 2013-10-09 2017-09-18
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
526 CVE-2013-3873 119 DoS Exec Code Overflow Mem. Corr. 2013-10-09 2017-09-18
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3872, CVE-2013-3882, and CVE-2013-3885.
527 CVE-2013-3872 20 DoS Exec Code Mem. Corr. 2013-10-09 2017-09-18
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3873, CVE-2013-3882, and CVE-2013-3885.
528 CVE-2013-3871 119 DoS Exec Code Overflow Mem. Corr. 2013-10-09 2017-09-18
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
529 CVE-2013-3846 399 DoS Exec Code Mem. Corr. 2013-12-28 2013-12-30
9.3
None Remote Medium Not required Complete Complete Complete
Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted CSpliceTreeEngine::InsertSplice object in an HTML document, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3143 and CVE-2013-3161.
530 CVE-2013-3845 119 DoS Exec Code Overflow Mem. Corr. 2013-09-11 2017-09-18
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
531 CVE-2013-3209 119 DoS Exec Code Overflow Mem. Corr. 2013-09-11 2017-09-18
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3201, CVE-2013-3203, CVE-2013-3206, and CVE-2013-3207.
532 CVE-2013-3208 119 DoS Exec Code Overflow Mem. Corr. 2013-09-11 2017-09-18
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
533 CVE-2013-3207 119 DoS Exec Code Overflow Mem. Corr. 2013-09-11 2017-09-18
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3201, CVE-2013-3203, CVE-2013-3206, and CVE-2013-3209.
534 CVE-2013-3206 119 DoS Exec Code Overflow Mem. Corr. 2013-09-11 2017-09-18
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3201, CVE-2013-3203, CVE-2013-3207, and CVE-2013-3209.
535 CVE-2013-3205 119 DoS Exec Code Overflow Mem. Corr. 2013-09-11 2017-09-18
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
536 CVE-2013-3204 119 DoS Exec Code Overflow Mem. Corr. 2013-09-11 2017-09-18
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
537 CVE-2013-3203 119 DoS Exec Code Overflow Mem. Corr. 2013-09-11 2017-09-18
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3201, CVE-2013-3206, CVE-2013-3207, and CVE-2013-3209.
538 CVE-2013-3202 119 DoS Exec Code Overflow Mem. Corr. 2013-09-11 2017-09-18
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
539 CVE-2013-3201 119 DoS Exec Code Overflow Mem. Corr. 2013-09-11 2017-09-18
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3203, CVE-2013-3206, CVE-2013-3207, and CVE-2013-3209.
540 CVE-2013-3199 119 DoS Exec Code Overflow Mem. Corr. 2013-08-14 2017-09-18
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
541 CVE-2013-3194 119 DoS Exec Code Overflow Mem. Corr. 2013-08-14 2017-09-18
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
542 CVE-2013-3193 119 DoS Exec Code Overflow Mem. Corr. 2013-08-14 2017-09-18
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3187 and CVE-2013-3191.
543 CVE-2013-3191 119 DoS Exec Code Overflow Mem. Corr. 2013-08-14 2017-09-18
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3187 and CVE-2013-3193.
544 CVE-2013-3190 119 DoS Exec Code Overflow Mem. Corr. 2013-08-14 2017-09-18
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
545 CVE-2013-3189 119 DoS Exec Code Overflow Mem. Corr. 2013-08-14 2017-09-18
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3188.
546 CVE-2013-3188 119 DoS Exec Code Overflow Mem. Corr. 2013-08-14 2017-09-18
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3189.
547 CVE-2013-3187 119 DoS Exec Code Overflow Mem. Corr. 2013-08-14 2017-09-18
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3191 and CVE-2013-3193.
548 CVE-2013-3184 119 DoS Exec Code Overflow Mem. Corr. 2013-08-14 2017-09-18
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
549 CVE-2013-3164 94 DoS Exec Code Mem. Corr. 2013-07-09 2017-09-18
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
550 CVE-2013-3163 94 DoS Exec Code Mem. Corr. 2013-07-09 2017-09-18
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3144 and CVE-2013-3151.
Total number of vulnerabilities : 670   Page : 1 2 3 4 5 6 7 8 9 10 11 (This Page)12 13 14
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.