Vulnerabilities > Microsoft > Internet Explorer
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2012-02-14 | CVE-2012-0155 | Code Injection vulnerability in Microsoft Internet Explorer 9 Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "VML Remote Code Execution Vulnerability." | 9.3 |
| 2012-02-14 | CVE-2012-0012 | Improper Initialization vulnerability in Microsoft Internet Explorer 9 Microsoft Internet Explorer 9 does not properly handle the creation and initialization of string objects, which allows remote attackers to read data from arbitrary process-memory locations via a crafted web site, aka "Null Byte Information Disclosure Vulnerability." | 4.3 |
| 2012-02-14 | CVE-2012-0011 | Code Injection vulnerability in Microsoft Internet Explorer 7/8/9 Microsoft Internet Explorer 7 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "HTML Layout Remote Code Execution Vulnerability." | 9.3 |
| 2012-02-14 | CVE-2012-0010 | Information Exposure vulnerability in Microsoft Internet Explorer Microsoft Internet Explorer 6 through 9 does not properly perform copy-and-paste operations, which allows user-assisted remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Copy and Paste Information Disclosure Vulnerability." | 4.3 |
| 2011-12-14 | CVE-2011-3404 | Information Exposure vulnerability in Microsoft Internet Explorer Microsoft Internet Explorer 6 through 9 does not properly use the Content-Disposition HTTP header to control rendering of the HTTP response body, which allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Content-Disposition Information Disclosure Vulnerability." | 4.3 |
| 2011-12-14 | CVE-2011-2019 | Untrusted Search Path vulnerability in Microsoft Internet Explorer 9 Untrusted search path vulnerability in Microsoft Internet Explorer 9 on Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains an HTML file, aka "Internet Explorer Insecure Library Loading Vulnerability." | 9.3 |
| 2011-12-14 | CVE-2011-1992 | Cross-site Scripting vulnerability in Microsoft Internet Explorer 8 The XSS Filter in Microsoft Internet Explorer 8 allows remote attackers to read content from a different (1) domain or (2) zone via a "trial and error" attack, aka "XSS Filter Information Disclosure Vulnerability." | 4.3 |
| 2011-12-07 | CVE-2011-4689 | Permissions, Privileges, and Access Controls vulnerability in Microsoft Internet Explorer Microsoft Internet Explorer 6 through 9 does not prevent capture of data about the times of Same Origin Policy violations during IFRAME loading attempts, which makes it easier for remote attackers to determine whether a document exists in the browser cache via crafted JavaScript code. | 5.0 |
| 2011-12-07 | CVE-2010-5071 | Permissions, Privileges, and Access Controls vulnerability in Microsoft IE and Internet Explorer The JavaScript implementation in Microsoft Internet Explorer 8.0 and earlier does not properly restrict the set of values contained in the object returned by the getComputedStyle method, which allows remote attackers to obtain sensitive information about visited web pages by calling this method. | 5.0 |
| 2011-12-07 | CVE-2002-2435 | Information Exposure vulnerability in Microsoft IE and Internet Explorer The Cascading Style Sheets (CSS) implementation in Microsoft Internet Explorer 8.0 and earlier does not properly handle the :visited pseudo-class, which allows remote attackers to obtain sensitive information about visited web pages via a crafted HTML document, a related issue to CVE-2010-2264. | 4.3 |