Posts Tagged ‘Internet Explorer Vulnerability’

[Cyber Security 2015] Critical Vulnerability in Microsoft Internet Explorer

Posted: August 19, 2015 in IT Security News
Tags: , , , , , ,
4

Internet Explorer vulnerabilitiesMicrosoft has corrected zero-day vulnerability in Internet Explorer

The flaw allows an attacker to gain complete control over the target device.

Microsoft has released an update that corrects zero-day vulnerability in Internet Explorer of versions 7-11 (this flaw does not appear to be present in new Microsoft Edge). The Critical Hole CVE-2015-2502 allows an attacker to remotely execute code on the target device.

According to Microsoft, the remote user can use a specially created a web-site to compromise a vulnerable system. The vulnerability is caused due to a memory corruption error when handling certain objects. (more…)

Arbitrary code execution in Microsoft Internet Explorer

Posted: December 30, 2012 in Vulnerabilities
Tags: , , ,
0

internet explorer logoVulnerability: Arbitrary code execution in Microsoft Internet Explorer

Severity Rating: Critical
Patch: None

CVE ID: CVE-2012-4792
Vector of operation: Remote
Impact: System Compromise
CWE ID: CWE-119: An error occurred in the buffer
Exploited by active exploitation of the vulnerability
Affected Products: Microsoft Internet Explorer 6.x
Microsoft Internet Explorer 7.x
Microsoft Internet Explorer 8.x

Affected versions: Microsoft Internet Explorer version 6.x, 7.x, 8.x

Description:

The vulnerability allows a remote user to execute arbitrary code on the target system.

An error after release of the processing facility ‘CDwnBindInfo’. This can be exploited via a specially crafted Web-page call dereference already freed object and execute arbitrary code on the target system. (more…)