Summary
| Detail | |||
|---|---|---|---|
| Vendor | Microsoft | First view | 2013-12-10 |
| Product | Internet Explorer | Last view | 2021-05-11 |
| Version | 11 | Type | Application |
| Update | - | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:a:microsoft:internet_explorer | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 7.5 | 2021-05-11 | CVE-2021-26419 | Scripting Engine Memory Corruption Vulnerability |
| 7.5 | 2021-03-11 | CVE-2021-27085 | Internet Explorer Remote Code Execution Vulnerability |
| 7.5 | 2021-03-11 | CVE-2021-26411 | Internet Explorer Memory Corruption Vulnerability |
| 7.5 | 2020-11-11 | CVE-2020-17058 | Microsoft Browser Memory Corruption Vulnerability |
| 7.5 | 2020-11-11 | CVE-2020-17053 | Internet Explorer Memory Corruption Vulnerability |
| 8.1 | 2020-11-11 | CVE-2020-17052 | Scripting Engine Memory Corruption Vulnerability |
| 8.8 | 2020-09-11 | CVE-2020-1506 | An elevation of privilege vulnerability exists in the way that the Wininit.dll handles objects in memory, aka 'Windows Start-Up Application Elevation of Privilege Vulnerability'. |
| 8.8 | 2020-09-11 | CVE-2020-1012 | An elevation of privilege vulnerability exists in the way that the Wininit.dll handles objects in memory, aka 'WinINet API Elevation of Privilege Vulnerability'. |
| 7.5 | 2020-09-11 | CVE-2020-0878 | A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka 'Microsoft Browser Memory Corruption Vulnerability'. |
| 7.5 | 2020-08-17 | CVE-2020-1570 | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-1380, CVE-2020-1555. |
| 7.5 | 2020-08-17 | CVE-2020-1567 | A remote code execution vulnerability exists in the way that the MSHTML engine improperly validates input.An attacker could execute arbitrary code in the context of the current user, aka 'MSHTML Engine Remote Code Execution Vulnerability'. |
| 7.5 | 2020-08-17 | CVE-2020-1380 | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-1555, CVE-2020-1570. |
| 4.3 | 2020-07-14 | CVE-2020-1432 | An information disclosure vulnerability exists when Skype for Business is accessed via Internet Explorer, aka 'Skype for Business via Internet Explorer Information Disclosure Vulnerability'. |
| 7.5 | 2020-07-14 | CVE-2020-1403 | A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. |
| 5.3 | 2020-06-09 | CVE-2020-1315 | An information disclosure vulnerability exists when Internet Explorer improperly handles objects in memory, aka 'Internet Explorer Information Disclosure Vulnerability'. |
| 7.5 | 2020-06-09 | CVE-2020-1260 | A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1213, CVE-2020-1214, CVE-2020-1215, CVE-2020-1216, CVE-2020-1230. |
| 7.5 | 2020-06-09 | CVE-2020-1230 | A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1213, CVE-2020-1214, CVE-2020-1215, CVE-2020-1216, CVE-2020-1260. |
| 7.5 | 2020-06-09 | CVE-2020-1219 | A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka 'Microsoft Browser Memory Corruption Vulnerability'. |
| 7.5 | 2020-06-09 | CVE-2020-1216 | A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1213, CVE-2020-1214, CVE-2020-1215, CVE-2020-1230, CVE-2020-1260. |
| 7.5 | 2020-06-09 | CVE-2020-1215 | A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1213, CVE-2020-1214, CVE-2020-1216, CVE-2020-1230, CVE-2020-1260. |
| 7.5 | 2020-06-09 | CVE-2020-1214 | A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1213, CVE-2020-1215, CVE-2020-1216, CVE-2020-1230, CVE-2020-1260. |
| 7.5 | 2020-06-09 | CVE-2020-1213 | A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1214, CVE-2020-1215, CVE-2020-1216, CVE-2020-1230, CVE-2020-1260. |
| 7.5 | 2020-05-21 | CVE-2020-1093 | A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1035, CVE-2020-1058, CVE-2020-1060. |
| 7.5 | 2020-05-21 | CVE-2020-1092 | A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka 'Internet Explorer Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-1062. |
| 7.5 | 2020-05-21 | CVE-2020-1064 | A remote code execution vulnerability exists in the way that the MSHTML engine improperly validates input.An attacker could execute arbitrary code in the context of the current user, aka 'MSHTML Engine Remote Code Execution Vulnerability'. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 51% (244) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 13% (64) | CWE-787 | Out-of-bounds Write |
| 12% (60) | CWE-399 | Resource Management Errors |
| 8% (40) | CWE-200 | Information Exposure |
| 6% (33) | CWE-264 | Permissions, Privileges, and Access Controls |
| 2% (11) | CWE-20 | Improper Input Validation |
| 1% (6) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
| 0% (4) | CWE-416 | Use After Free |
| 0% (2) | CWE-290 | Authentication Bypass by Spoofing |
| 0% (2) | CWE-254 | Security Features |
| 0% (2) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
| 0% (1) | CWE-425 | Direct Request ('Forced Browsing') |
| 0% (1) | CWE-310 | Cryptographic Issues |
| 0% (1) | CWE-269 | Improper Privilege Management |
| 0% (1) | CWE-190 | Integer Overflow or Wraparound |
| 0% (1) | CWE-88 | Argument Injection or Modification |
| 0% (1) | CWE-74 | Failure to Sanitize Data into a Different Plane ('Injection') |
| 0% (1) | CWE-19 | Data Handling |
Information Assurance Vulnerability Management (IAVM)
| id | Description |
|---|---|
| 2015-A-0210 | Cumulative Security Update for Microsoft Internet Explorer (MS15-094) Severity: Category II - VMSKEY: V0061381 |
| 2015-A-0211 | Cumulative Security Update for Microsoft Edge (MS15-095) Severity: Category II - VMSKEY: V0061383 |
| 2015-A-0188 | Cumulative Security Update for Microsoft Internet Explorer (MS15-079) Severity: Category I - VMSKEY: V0061297 |
| 2015-A-0194 | Multiple Vulnerabilities in Microsoft Office (MS15-081) Severity: Category II - VMSKEY: V0061307 |
| 2015-A-0197 | Microsoft Command Line Parameter Information Disclosure Vulnerability (MS15-088) Severity: Category II - VMSKEY: V0061313 |
| 2015-A-0189 | Cumulative Security Update for Microsoft Edge (MS15-091) Severity: Category II - VMSKEY: V0061317 |
| 2015-A-0110 | Microsoft VBScript ASLR Security Bypass Vulnerabilities (MS15-053) Severity: Category II - VMSKEY: V0060657 |
| 2014-A-0094 | Cumulative Security Update for Microsoft Internet Explorer Severity: Category I - VMSKEY: V0052947 |
| 2014-A-0079 | Cumulative Security Update for Microsoft Internet Explorer Severity: Category I - VMSKEY: V0052493 |
| 2014-A-0072 | Multiple Vulnerabilities in Microsoft Internet Explorer Severity: Category I - VMSKEY: V0050435 |
| 2014-A-0048 | Cumulative Security Update for Microsoft Internet Explorer Severity: Category I - VMSKEY: V0048677 |
| 2014-A-0037 | Cumulative Security Update for Microsoft Internet Explorer Severity: Category I - VMSKEY: V0046163 |
| 2014-A-0025 | Microsoft VBScript Remote Code Execution Vulnerability Severity: Category II - VMSKEY: V0044034 |
| 2014-A-0023 | Cumulative Security Update for Microsoft Internet Explorer Severity: Category I - VMSKEY: V0044038 |
| 2013-A-0223 | Cumulative Security Update for Microsoft Internet Explorer Severity: Category I - VMSKEY: V0042584 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2020-12-10 | Microsoft Internet Explorer memory corruption attempt RuleID : 56289 - Type : BROWSER-IE - Revision : 1 |
| 2020-12-10 | Microsoft Internet Explorer memory corruption attempt RuleID : 56288 - Type : BROWSER-IE - Revision : 4 |
| 2020-12-10 | Microsoft Edge memory corruption attempt RuleID : 56287 - Type : BROWSER-IE - Revision : 1 |
| 2020-12-10 | Microsoft Edge memory corruption attempt RuleID : 56286 - Type : BROWSER-IE - Revision : 1 |
| 2020-09-15 | Microsoft Edge memory corruption attempt RuleID : 54744 - Type : BROWSER-IE - Revision : 1 |
| 2020-09-15 | Microsoft Edge memory corruption attempt RuleID : 54743 - Type : BROWSER-IE - Revision : 1 |
| 2020-09-15 | Microsoft Internet Explorer memory corruption attempt RuleID : 54742 - Type : BROWSER-IE - Revision : 1 |
| 2020-09-15 | Microsoft Internet Explorer memory corruption attempt RuleID : 54741 - Type : BROWSER-IE - Revision : 1 |
| 2020-09-15 | Microsoft Edge memory corruption attempt RuleID : 54740 - Type : BROWSER-IE - Revision : 1 |
| 2020-09-15 | Microsoft Edge memory corruption attempt RuleID : 54739 - Type : BROWSER-IE - Revision : 1 |
| 2020-08-13 | Microsoft Internet Explorer VBScript engine memory corruption attempt RuleID : 54510 - Type : BROWSER-IE - Revision : 1 |
| 2020-08-13 | Microsoft Internet Explorer VBScript engine memory corruption attempt RuleID : 54509 - Type : BROWSER-IE - Revision : 1 |
| 2020-07-30 | Microsoft Internet Explorer JavaScript engine memory corruption attempt RuleID : 54400 - Type : BROWSER-IE - Revision : 1 |
| 2020-07-30 | Microsoft Internet Explorer JavaScript engine memory corruption attempt RuleID : 54399 - Type : BROWSER-IE - Revision : 1 |
| 2020-07-09 | Microsoft Edge memory corruption attempt RuleID : 54246 - Type : BROWSER-IE - Revision : 1 |
| 2020-07-09 | Microsoft Edge memory corruption attempt RuleID : 54245 - Type : BROWSER-IE - Revision : 1 |
| 2020-07-09 | Microsoft Edge memory corruption attempt RuleID : 54239 - Type : BROWSER-IE - Revision : 1 |
| 2020-07-09 | Microsoft Edge memory corruption attempt RuleID : 54238 - Type : BROWSER-IE - Revision : 1 |
| 2020-07-09 | Microsoft Edge memory corruption attempt RuleID : 54237 - Type : BROWSER-IE - Revision : 1 |
| 2020-07-09 | Microsoft Edge memory corruption attempt RuleID : 54236 - Type : BROWSER-IE - Revision : 1 |
| 2020-07-09 | Microsoft Internet Explorer VBScript memory corruption attempt RuleID : 54233 - Type : BROWSER-IE - Revision : 1 |
| 2020-07-09 | Microsoft Internet Explorer VBScript memory corruption attempt RuleID : 54232 - Type : BROWSER-IE - Revision : 1 |
| 2020-07-09 | Microsoft Internet Explorer VBScript engine memory corruption attempt RuleID : 54231 - Type : BROWSER-IE - Revision : 1 |
| 2020-07-09 | Microsoft Internet Explorer VBScript engine memory corruption attempt RuleID : 54230 - Type : BROWSER-IE - Revision : 1 |
| 2020-07-07 | Microsoft Edge memory corruption attempt RuleID : 54194 - Type : BROWSER-IE - Revision : 1 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2017-11-30 | Name: The Internet Explorer installation on the remote host is affected by multiple... File: smb_nt_ms17_aug_internet_explorer.nasl - Type: ACT_GATHER_INFO |
| 2017-11-30 | Name: The Internet Explorer installation on the remote host is affected by multiple... File: smb_nt_ms17_jul_internet_explorer.nasl - Type: ACT_GATHER_INFO |
| 2017-11-30 | Name: The Internet Explorer installation on the remote host is affected by multiple... File: smb_nt_ms17_jun_internet_explorer.nasl - Type: ACT_GATHER_INFO |
| 2017-11-30 | Name: The Internet Explorer installation on the remote host is affected by multiple... File: smb_nt_ms17_nov_internet_explorer.nasl - Type: ACT_GATHER_INFO |
| 2017-11-30 | Name: The Internet Explorer installation on the remote host is affected by multiple... File: smb_nt_ms17_oct_internet_explorer.nasl - Type: ACT_GATHER_INFO |
| 2017-11-14 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_nov_4048952.nasl - Type: ACT_GATHER_INFO |
| 2017-11-14 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_nov_4048953.nasl - Type: ACT_GATHER_INFO |
| 2017-11-14 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_nov_4048954.nasl - Type: ACT_GATHER_INFO |
| 2017-11-14 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_nov_4048955.nasl - Type: ACT_GATHER_INFO |
| 2017-11-14 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_nov_4048956.nasl - Type: ACT_GATHER_INFO |
| 2017-11-14 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_nov_4048957.nasl - Type: ACT_GATHER_INFO |
| 2017-11-14 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_nov_4048958.nasl - Type: ACT_GATHER_INFO |
| 2017-11-14 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_nov_4048959.nasl - Type: ACT_GATHER_INFO |
| 2017-11-03 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_aug_4034668.nasl - Type: ACT_GATHER_INFO |
| 2017-11-03 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_jul_4025338.nasl - Type: ACT_GATHER_INFO |
| 2017-11-03 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_oct_4042895.nasl - Type: ACT_GATHER_INFO |
| 2017-10-12 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_oct_win2008.nasl - Type: ACT_GATHER_INFO |
| 2017-10-10 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_oct_4041676.nasl - Type: ACT_GATHER_INFO |
| 2017-10-10 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_oct_4041681.nasl - Type: ACT_GATHER_INFO |
| 2017-10-10 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_oct_4041689.nasl - Type: ACT_GATHER_INFO |
| 2017-10-10 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_oct_4041690.nasl - Type: ACT_GATHER_INFO |
| 2017-10-10 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_oct_4041691.nasl - Type: ACT_GATHER_INFO |
| 2017-10-10 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_oct_4041693.nasl - Type: ACT_GATHER_INFO |
| 2017-08-08 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_aug_4034658.nasl - Type: ACT_GATHER_INFO |
| 2017-08-08 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms17_aug_4034660.nasl - Type: ACT_GATHER_INFO |
