Microsoft: >> Internet Explorer >> 9 Security Vulnerabilities
The broker EditWith feature in Microsoft Internet Explorer 8 through 11 allows remote attackers to bypass the AppContainer protection mechanism and gain privileges via a DelegateExecute launch of an arbitrary application, as demonstrated by a transition from Low Integrity to Medium Integrity, aka "Internet Explorer Elevation of Privilege Vulnerability."
CVSS Score
6.8
EPSS Score
0.137
Published
2015-10-14
Microsoft Internet Explorer 9 through 11 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability."
CVSS Score
4.3
EPSS Score
0.211
Published
2015-10-14
The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted replace operation with a JavaScript regular expression, aka "Scripting Engine Memory Corruption Vulnerability."
CVSS Score
9.3
EPSS Score
0.641
Published
2015-10-14
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2485 and CVE-2015-2491.
CVSS Score
9.3
EPSS Score
0.148
Published
2015-09-09
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability."
CVSS Score
9.3
EPSS Score
0.148
Published
2015-09-09
Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2486, CVE-2015-2487, CVE-2015-2490, CVE-2015-2492, CVE-2015-2494, and CVE-2015-2498.
CVSS Score
9.3
EPSS Score
0.127
Published
2015-09-09
Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2486, CVE-2015-2487, CVE-2015-2490, CVE-2015-2492, CVE-2015-2494, and CVE-2015-2499.
CVSS Score
9.3
EPSS Score
0.127
Published
2015-09-09
Microsoft Internet Explorer 7 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2486, CVE-2015-2487, CVE-2015-2490, CVE-2015-2492, CVE-2015-2498, and CVE-2015-2499.
CVSS Score
9.3
EPSS Score
0.148
Published
2015-09-09
Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2486, CVE-2015-2487, CVE-2015-2490, CVE-2015-2494, CVE-2015-2498, and CVE-2015-2499.
CVSS Score
9.3
EPSS Score
0.208
Published
2015-09-09
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2485 and CVE-2015-2541.
CVSS Score
9.3
EPSS Score
0.208
Published
2015-09-09