Shodan
Vulnerabilities
Vulnerable Software
Microsoft:  >> Internet Explorer  >> 7  Security Vulnerabilities
CVE-2012-4969
Known exploited
Use-after-free vulnerability in the CMshtmlEd::Exec function in mshtml.dll in Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code via a crafted web site, as exploited in the wild in September 2012.
CVSS Score
8.1
EPSS Score
0.817
Published
2012-09-18
CVE-2012-1526
Microsoft Internet Explorer 6 and 7 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not initialized or (2) is deleted, aka "Layout Memory Corruption Vulnerability."
CVSS Score
9.3
EPSS Score
0.2
Published
2012-08-15
CVE-2012-2521
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Asynchronous NULL Object Access Remote Code Execution Vulnerability."
CVSS Score
9.3
EPSS Score
0.209
Published
2012-08-15
CVE-2012-2522
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a malformed virtual function table after this table's deletion, aka "Virtual Function Table Corruption Remote Code Execution Vulnerability."
CVSS Score
9.3
EPSS Score
0.245
Published
2012-08-15
CVE-2012-1878
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "OnBeforeDeactivate Event Remote Code Execution Vulnerability."
CVSS Score
9.3
EPSS Score
0.223
Published
2012-06-12
CVE-2012-1879
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by attempting to access an undefined memory location, aka "insertAdjacentText Remote Code Execution Vulnerability."
CVSS Score
8.1
EPSS Score
0.196
Published
2012-06-12
CVE-2012-1880
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "insertRow Remote Code Execution Vulnerability."
CVSS Score
9.3
EPSS Score
0.241
Published
2012-06-12
CVE-2012-1882
Microsoft Internet Explorer 6 through 9 does not block cross-domain scrolling events, which allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Scrolling Events Information Disclosure Vulnerability."
CVSS Score
4.3
EPSS Score
0.138
Published
2012-06-12
CVE-2012-1523
Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Center Element Remote Code Execution Vulnerability."
CVSS Score
9.3
EPSS Score
0.225
Published
2012-06-12
CVE-2012-1872
Cross-site scripting (XSS) vulnerability in Microsoft Internet Explorer 6 through 9 allows remote attackers to inject arbitrary web script or HTML via crafted character sequences with EUC-JP encoding, aka "EUC-JP Character Encoding Vulnerability."
CVSS Score
6.1
EPSS Score
0.064
Published
2012-06-12


Products
Pricing
Contact Us

Shodan ® - All rights reserved