Vulnerabilities > Microsoft > Internet Explorer > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-02-11 | CVE-2015-0070 | Information Exposure vulnerability in Microsoft Internet Explorer Microsoft Internet Explorer 6 through 11 allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Internet Explorer Cross-domain Information Disclosure Vulnerability." | 4.3 |
| 2015-02-11 | CVE-2015-0069 | Permissions, Privileges, and Access Controls vulnerability in Microsoft Internet Explorer 10/11 Microsoft Internet Explorer 10 and 11 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Internet Explorer ASLR Bypass Vulnerability." | 4.3 |
| 2015-02-11 | CVE-2015-0055 | Permissions, Privileges, and Access Controls vulnerability in Microsoft Internet Explorer 10/11 Microsoft Internet Explorer 10 and 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability." | 4.3 |
| 2015-02-11 | CVE-2015-0054 | Permissions, Privileges, and Access Controls vulnerability in Microsoft Internet Explorer 10/11 Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability." | 4.3 |
| 2015-02-11 | CVE-2015-0051 | Permissions, Privileges, and Access Controls vulnerability in Microsoft Internet Explorer 8 Microsoft Internet Explorer 8 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Internet Explorer ASLR Bypass Vulnerability." | 4.3 |
| 2015-02-07 | CVE-2015-0072 | Cross-site Scripting vulnerability in Microsoft Internet Explorer 10/11/9 Cross-site scripting (XSS) vulnerability in Microsoft Internet Explorer 9 through 11 allows remote attackers to bypass the Same Origin Policy and inject arbitrary web script or HTML via vectors involving an IFRAME element that triggers a redirect, a second IFRAME element that does not trigger a redirect, and an eval of a WindowProxy object, aka "Universal XSS (UXSS)." | 4.3 |
| 2014-12-15 | CVE-2014-8967 | Use After Free Remote Code Execution vulnerability in Microsoft Internet Explorer Use-after-free vulnerability in Microsoft Internet Explorer allows remote attackers to execute arbitrary code via a crafted HTML document in conjunction with a Cascading Style Sheets (CSS) token sequence specifying the run-in value for the display property, leading to improper CElement reference counting. network microsoft | 6.8 |
| 2014-12-11 | CVE-2014-6368 | Improper Input Validation vulnerability in Microsoft Internet Explorer 11 Microsoft Internet Explorer 11 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Internet Explorer ASLR Bypass Vulnerability." | 4.3 |
| 2014-12-11 | CVE-2014-6365 | Improper Input Validation vulnerability in Microsoft Internet Explorer Microsoft Internet Explorer 8 through 11 allows remote attackers to bypass the XSS filter via a crafted attribute of an element in an HTML document, aka "Internet Explorer XSS Filter Bypass Vulnerability," a different vulnerability than CVE-2014-6328. | 4.3 |
| 2014-12-11 | CVE-2014-6328 | Improper Input Validation vulnerability in Microsoft Internet Explorer Microsoft Internet Explorer 8 through 11 allows remote attackers to bypass the XSS filter via a crafted attribute of an element in an HTML document, aka "Internet Explorer XSS Filter Bypass Vulnerability," a different vulnerability than CVE-2014-6365. | 5.0 |