This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Microsoft First view 2013-11-12
Product Internet Explorer Last view 2019-01-08
Version 11 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:microsoft:internet_explorer

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
8.8 2019-01-08 CVE-2019-0541

A remote code execution vulnerability exists in the way that the MSHTML engine inproperly validates input, aka "MSHTML Engine Remote Code Execution Vulnerability." This affects Microsoft Office, Microsoft Office Word Viewer, Internet Explorer 9, Internet Explorer 11, Microsoft Excel Viewer, Internet Explorer 10, Office 365 ProPlus.

7.5 2018-11-13 CVE-2018-8570

A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This affects Internet Explorer 11.

7.5 2018-10-10 CVE-2018-8491

A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This affects Internet Explorer 11. This CVE ID is unique from CVE-2018-8460.

7.5 2018-10-10 CVE-2018-8460

A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This affects Internet Explorer 11. This CVE ID is unique from CVE-2018-8491.

6.1 2018-09-12 CVE-2018-8470

A security feature bypass vulnerability exists in Internet Explorer due to how scripts are handled that allows a universal cross-site scripting (UXSS) condition, aka "Internet Explorer Security Feature Bypass Vulnerability." This affects Internet Explorer 11.

7.5 2018-09-12 CVE-2018-8461

A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This affects Internet Explorer 11. This CVE ID is unique from CVE-2018-8447.

7.5 2018-09-12 CVE-2018-8457

A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 11, Microsoft Edge, Internet Explorer 10. This CVE ID is unique from CVE-2018-8354, CVE-2018-8391, CVE-2018-8456, CVE-2018-8459.

4.3 2018-09-12 CVE-2018-8452

An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft browsers, aka "Scripting Engine Information Disclosure Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge.

7.5 2018-09-12 CVE-2018-8447

A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from CVE-2018-8461.

4.2 2018-09-12 CVE-2018-8315

An information disclosure vulnerability exists when the browser scripting engine improperly handle object types, aka "Microsoft Scripting Engine Information Disclosure Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge, Internet Explorer 10.

7.5 2018-08-15 CVE-2018-8403

A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka "Microsoft Browser Memory Corruption Vulnerability." This affects Internet Explorer 11, Microsoft Edge, Internet Explorer 10.

7.5 2018-08-15 CVE-2018-8385

A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, ChakraCore, Internet Explorer 11, Microsoft Edge, Internet Explorer 10. This CVE ID is unique from CVE-2018-8353, CVE-2018-8355, CVE-2018-8359, CVE-2018-8371, CVE-2018-8372, CVE-2018-8373, CVE-2018-8389, CVE-2018-8390.

7.5 2018-08-15 CVE-2018-8373

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from CVE-2018-8353, CVE-2018-8355, CVE-2018-8359, CVE-2018-8371, CVE-2018-8372, CVE-2018-8385, CVE-2018-8389, CVE-2018-8390.

7.5 2018-08-15 CVE-2018-8372

A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This CVE ID is unique from CVE-2018-8353, CVE-2018-8355, CVE-2018-8359, CVE-2018-8371, CVE-2018-8373, CVE-2018-8385, CVE-2018-8389, CVE-2018-8390.

7.5 2018-08-15 CVE-2018-8371

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from CVE-2018-8353, CVE-2018-8355, CVE-2018-8359, CVE-2018-8372, CVE-2018-8373, CVE-2018-8385, CVE-2018-8389, CVE-2018-8390.

8.3 2018-08-15 CVE-2018-8357

An elevation of privilege vulnerability exists in Microsoft browsers allowing sandbox escape, aka "Microsoft Browser Elevation of Privilege Vulnerability." This affects Internet Explorer 11, Microsoft Edge.

7.5 2018-08-15 CVE-2018-8355

A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This CVE ID is unique from CVE-2018-8353, CVE-2018-8359, CVE-2018-8371, CVE-2018-8372, CVE-2018-8373, CVE-2018-8385, CVE-2018-8389, CVE-2018-8390.

7.5 2018-08-15 CVE-2018-8353

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from CVE-2018-8355, CVE-2018-8359, CVE-2018-8371, CVE-2018-8372, CVE-2018-8373, CVE-2018-8385, CVE-2018-8389, CVE-2018-8390.

6.5 2018-08-15 CVE-2018-8351

An information disclosure vulnerability exists when affected Microsoft browsers improperly allow cross-frame interaction, aka "Microsoft Browser Information Disclosure Vulnerability." This affects Internet Explorer 11, Microsoft Edge, Internet Explorer 10.

7.5 2018-08-15 CVE-2018-8316

A remote code execution vulnerability exists when Internet Explorer improperly validates hyperlinks before loading executable libraries, aka "Internet Explorer Remote Code Execution Vulnerability." This affects Internet Explorer 11, Internet Explorer 10.

7.5 2018-07-10 CVE-2018-8296

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 11. This CVE ID is unique from CVE-2018-8242, CVE-2018-8283, CVE-2018-8287, CVE-2018-8288, CVE-2018-8291, CVE-2018-8298.

7.5 2018-07-10 CVE-2018-8291

A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This CVE ID is unique from CVE-2018-8242, CVE-2018-8283, CVE-2018-8287, CVE-2018-8288, CVE-2018-8296, CVE-2018-8298.

7.5 2018-07-10 CVE-2018-8288

A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This CVE ID is unique from CVE-2018-8242, CVE-2018-8283, CVE-2018-8287, CVE-2018-8291, CVE-2018-8296, CVE-2018-8298.

7.5 2018-07-10 CVE-2018-8287

A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge, Internet Explorer 10. This CVE ID is unique from CVE-2018-8242, CVE-2018-8283, CVE-2018-8288, CVE-2018-8291, CVE-2018-8296, CVE-2018-8298.

7.5 2018-07-10 CVE-2018-8242

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from CVE-2018-8283, CVE-2018-8287, CVE-2018-8288, CVE-2018-8291, CVE-2018-8296, CVE-2018-8298.

CWE : Common Weakness Enumeration

%idName
68% (130) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
17% (34) CWE-200 Information Exposure
6% (13) CWE-20 Improper Input Validation
2% (4) CWE-284 Access Control (Authorization) Issues
1% (3) CWE-264 Permissions, Privileges, and Access Controls
1% (2) CWE-399 Resource Management Errors
1% (2) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')
0% (1) CWE-704 Incorrect Type Conversion or Cast
0% (1) CWE-416 Use After Free
0% (1) CWE-276 Incorrect Default Permissions

SAINT Exploits

Description Link
Internet Explorer mshtml.dll Memory Corruption Vulnerability More info here

ExploitDB Exploits

id Description
33893 MS13-097 Registry Symlink IE Sandbox Escape

Information Assurance Vulnerability Management (IAVM)

id Description
2014-A-0079 Cumulative Security Update for Microsoft Internet Explorer
Severity: Category I - VMSKEY: V0052493
2014-A-0065 Microsoft Internet Explorer Memory Corruption Vulnerability
Severity: Category I - VMSKEY: V0050205
2013-A-0223 Cumulative Security Update for Microsoft Internet Explorer
Severity: Category I - VMSKEY: V0042584
2013-A-0215 Cumulative Security Update for Microsoft Internet Explorer
Severity: Category I - VMSKEY: V0042296

Snort® IPS/IDS

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2019-12-05 Microsoft Edge scripting engine Map prototype memory corruption attempt
RuleID : 52085 - Type : BROWSER-IE - Revision : 1
2019-12-05 Microsoft Edge scripting engine Map prototype memory corruption attempt
RuleID : 52084 - Type : BROWSER-IE - Revision : 1
2019-06-18 Microsoft Internet Explorer CTextElement use after free attempt
RuleID : 50124 - Type : BROWSER-IE - Revision : 1
2019-06-18 Microsoft Internet Explorer CTextElement use after free attempt
RuleID : 50123 - Type : BROWSER-IE - Revision : 1
2019-06-04 Javascript CollectGarbage use-after-free attempt
RuleID : 50005 - Type : BROWSER-IE - Revision : 1
2019-06-04 Javascript CollectGarbage use-after-free attempt
RuleID : 50004 - Type : BROWSER-IE - Revision : 1
2019-05-26 Microsoft Internet Explorer VML use after free attempt
RuleID : 49940 - Type : BROWSER-IE - Revision : 2
2019-03-05 Microsoft Internet Explorer CTextElement use after free attempt
RuleID : 49084 - Type : BROWSER-IE - Revision : 2
2019-03-05 Microsoft Internet Explorer CTextElement use after free attempt
RuleID : 49083 - Type : BROWSER-IE - Revision : 2
2019-02-19 Microsoft Internet Explorer page layout use after free attempt
RuleID : 48899 - Type : BROWSER-IE - Revision : 2
2019-02-19 Microsoft Internet Explorer page layout use after free attempt
RuleID : 48898 - Type : BROWSER-IE - Revision : 2
2019-02-05 Microsoft Internet Explorer ProgID arbitrary code execution attempt
RuleID : 48783 - Type : BROWSER-IE - Revision : 2
2019-02-05 Microsoft Internet Explorer ProgID arbitrary code execution attempt
RuleID : 48782 - Type : BROWSER-IE - Revision : 2
2019-01-22 Microsoft Internet Explorer VBScript remote code execution attempt
RuleID : 48696 - Type : BROWSER-IE - Revision : 3
2019-01-22 Microsoft Internet Explorer VBScript remote code execution attempt
RuleID : 48695 - Type : BROWSER-IE - Revision : 3
2019-01-22 Microsoft Internet Explorer VBScript remote code execution attempt
RuleID : 48694 - Type : BROWSER-IE - Revision : 3
2019-01-22 Microsoft Internet Explorer VBScript remote code execution attempt
RuleID : 48693 - Type : BROWSER-IE - Revision : 3
2018-11-06 Microsoft Internet Explorer import key use-after-free attempt
RuleID : 48050 - Type : BROWSER-IE - Revision : 1
2018-11-06 Microsoft Internet Explorer import key use-after-free attempt
RuleID : 48049 - Type : BROWSER-IE - Revision : 1
2018-11-06 Microsoft Edge DomAttrModified use after free attempt
RuleID : 48046 - Type : BROWSER-IE - Revision : 1
2018-11-06 Microsoft Edge DomAttrModified use after free attempt
RuleID : 48045 - Type : BROWSER-IE - Revision : 1
2018-10-16 Microsoft Internet Explorer iframe open redirect attempt
RuleID : 47761 - Type : BROWSER-IE - Revision : 2
2018-10-11 Microsoft Internet Explorer memory corruption attempt
RuleID : 47739 - Type : BROWSER-IE - Revision : 1
2018-10-11 Microsoft Internet Explorer memory corruption attempt
RuleID : 47738 - Type : BROWSER-IE - Revision : 1
2018-10-11 Microsoft Internet Explorer memory corruption attempt
RuleID : 47731 - Type : BROWSER-IE - Revision : 1

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2017-12-12 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_dec_4053578.nasl - Type: ACT_GATHER_INFO
2017-12-12 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_dec_4053579.nasl - Type: ACT_GATHER_INFO
2017-12-12 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_dec_4053580.nasl - Type: ACT_GATHER_INFO
2017-12-12 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_dec_4053581.nasl - Type: ACT_GATHER_INFO
2017-12-12 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_dec_4054517.nasl - Type: ACT_GATHER_INFO
2017-12-12 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_dec_4054518.nasl - Type: ACT_GATHER_INFO
2017-12-12 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_dec_4054519.nasl - Type: ACT_GATHER_INFO
2017-12-12 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_dec_4054520.nasl - Type: ACT_GATHER_INFO
2017-12-12 Name: The Internet Explorer installation on the remote host is affected by multiple...
File: smb_nt_ms17_dec_internet_explorer.nasl - Type: ACT_GATHER_INFO
2017-11-30 Name: The Internet Explorer installation on the remote host is affected by multiple...
File: smb_nt_ms17_apr_internet_explorer.nasl - Type: ACT_GATHER_INFO
2017-11-30 Name: The Internet Explorer installation on the remote host is affected by multiple...
File: smb_nt_ms17_aug_internet_explorer.nasl - Type: ACT_GATHER_INFO
2017-11-30 Name: The Internet Explorer installation on the remote host is affected by multiple...
File: smb_nt_ms17_jul_internet_explorer.nasl - Type: ACT_GATHER_INFO
2017-11-30 Name: The Internet Explorer installation on the remote host is affected by multiple...
File: smb_nt_ms17_jun_internet_explorer.nasl - Type: ACT_GATHER_INFO
2017-11-30 Name: The Internet Explorer installation on the remote host is affected by multiple...
File: smb_nt_ms17_may_internet_explorer.nasl - Type: ACT_GATHER_INFO
2017-11-30 Name: The Internet Explorer installation on the remote host is affected by multiple...
File: smb_nt_ms17_nov_internet_explorer.nasl - Type: ACT_GATHER_INFO
2017-11-30 Name: The Internet Explorer installation on the remote host is affected by multiple...
File: smb_nt_ms17_oct_internet_explorer.nasl - Type: ACT_GATHER_INFO
2017-11-30 Name: The Internet Explorer installation on the remote host is affected by multiple...
File: smb_nt_ms17_sep_internet_explorer.nasl - Type: ACT_GATHER_INFO
2017-11-14 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_nov_4048952.nasl - Type: ACT_GATHER_INFO
2017-11-14 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_nov_4048953.nasl - Type: ACT_GATHER_INFO
2017-11-14 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_nov_4048954.nasl - Type: ACT_GATHER_INFO
2017-11-14 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_nov_4048955.nasl - Type: ACT_GATHER_INFO
2017-11-14 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_nov_4048956.nasl - Type: ACT_GATHER_INFO
2017-11-14 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_nov_4048957.nasl - Type: ACT_GATHER_INFO
2017-11-14 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_nov_4048958.nasl - Type: ACT_GATHER_INFO
2017-11-14 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_nov_4048959.nasl - Type: ACT_GATHER_INFO