Vulnerabilities > Use After Free

DATE CVE VULNERABILITY TITLE RISK
2013-05-15 CVE-2013-1311 USE After Free vulnerability in Microsoft Internet Explorer 8
Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability."
network
microsoft CWE-416
critical
9.3
2013-05-15 CVE-2013-1310 USE After Free vulnerability in Microsoft Internet Explorer 6/7
Use-after-free vulnerability in Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability."
network
microsoft CWE-416
critical
9.3
2013-05-15 CVE-2013-1309 USE After Free vulnerability in Microsoft Internet Explorer
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a different vulnerability than CVE-2013-1308 and CVE-2013-2551.
network
microsoft CWE-416
critical
9.3
2013-05-15 CVE-2013-1308 USE After Free vulnerability in Microsoft Internet Explorer
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a different vulnerability than CVE-2013-1309 and CVE-2013-2551.
network
microsoft CWE-416
critical
9.3
2013-05-15 CVE-2013-1307 USE After Free vulnerability in Microsoft Internet Explorer 8/9
Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a different vulnerability than CVE-2013-0811.
network
microsoft CWE-416
critical
9.3
2013-05-15 CVE-2013-1306 USE After Free vulnerability in Microsoft Internet Explorer 9
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a different vulnerability than CVE-2013-1313.
network
microsoft CWE-416
critical
9.3
2013-05-15 CVE-2013-0811 USE After Free vulnerability in Microsoft Internet Explorer 8/9
Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a different vulnerability than CVE-2013-1307.
network
microsoft CWE-416
critical
9.3
2013-05-05 CVE-2013-1347 Use After Free vulnerability in Microsoft Internet Explorer 8
Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly allocated or (2) is deleted, as exploited in the wild in May 2013.
network
low complexity
microsoft CWE-416
8.8
2013-03-11 CVE-2013-2551 Use After Free vulnerability in Microsoft Internet Explorer
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2013, aka "Internet Explorer Use After Free Vulnerability," a different vulnerability than CVE-2013-1308 and CVE-2013-1309.
network
low complexity
microsoft CWE-416
8.8
2012-12-30 CVE-2012-4792 Use After Free vulnerability in Microsoft Internet Explorer 6/7/8
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not properly allocated or (2) is deleted, as demonstrated by a CDwnBindInfo object, and exploited in the wild in December 2012.
network
low complexity
microsoft CWE-416
8.8