| Email address | berendjanwever at gmail.com |
|---|---|
| Website | skypher.com |
| First Active | 2003-04-10 |
| Last Active | 2016-12-21 |
Microsoft Internet Explorer version 11 suffers from an MSHTML CPasteCommand::ConvertBitmaptoPng heap-based buffer overflow vulnerability.
a87cc7ee1b4128c1970cd37d32a4008e7291d1981ae935b4ac95c4ed3872d188Microsoft Internet Explorer 11 suffers from an MSHTML CSpliceTreeEngine::RemoveSplice use-after-free vulnerability.
4a433ee19642c052fc88dcbd2f3aa14e1198530dc3d8a39879f995d3b05cac16Chrome suffers from an HTTP 1xx base::String-Tokenizer-T<...>::Quick-Get-Next out of bounds read vulnerability.
1e98ef1c15cfbb5403ae431bbabeb470f15d7ef4d514ed6d6a693821d7b957b6Microsoft Internet Explorer 9 suffers from an IEFRAME CView::EnsureSize use-after-free vulnerability.
b2b5dd78f0f70a011a14a49e1cdf07f680ec3894719937a451b916e0f5444cadMicrosoft Internet Explorer 9 suffers from an IEFRAME CMarkupPointer::MoveToGap use-after-free vulnerability.
f949ec22b0e789c30417cfd64057af1e6fd219810c56f6b85cbf6a2d22bdb59fMicrosoft Internet Explorer 9 suffers from an IEFRAME CMarkup..RemovePointerPos use-after-free vulnerability.
634d8d94a12d60ded007a6b665b6c620bb8e0b39af116a7c06ea2a618e27cd38Microsoft Internet Explorer 9 suffers from an MSHTML CMarkup::ReloadInCompatView use-after-free vulnerability.
85cb5f19ffcd1562e5f3a0a4493985c462ccbaa11c50ec45b0b92b3398331868A specially crafted web-page can trigger a use-after-free vulnerability in Microsoft Internet Explorer 9.
2caad03d14f004a21e06b3dd446dc9f5e7efd05a954a1d10a8f6509b09549157Microsoft Internet Explorer 9 suffers from an MSHTML CElement::HasFlag memory corruption vulnerability.
de3ff417c37e84e841ea8288009472116064d0e0a99e0de7496deda50abc3949A specially crafted web-page can trigger a memory corruption vulnerability in Microsoft Internet Explorer 9.
54b341fddfea2f1cf14653a7fcdc53aab898df52cede73893904cd4655d53ec1Microsoft Internet Explorer version 9 suffers from an MSHTML CDispNode::InsertSiblingNode use-after-free vulnerability.
391989ad1173c144a4f9597886435a16e0b65b6502cd7fd4d5d45f1b77eada54A specially crafted web-page can trigger a memory corruption vulnerability in Microsoft Internet Explorer 9. A pointer set up to point to certain data on the stack can be used after that data has been removed from the stack. This results in a stack-based analog to a heap use-after-free vulnerability. The stack memory where the data was stored can be modified by an attacker before it is used, allowing remote code execution.
2181d9fec4fc8ff576c68d4466f163e14f8053fbd37a0a6039c5e12080b6e94cA specially crafted web-page can trigger a memory corruption vulnerability in Microsoft Edge.
dbee67cc4774436af0a97fc95c4282934e4d90645ab6bff130f5ae660df69677Microsoft Internet Explorer 9 suffers from a CDoc::ExecuteScriptUri use-after-free vulnerability.
f9de3f975097a011dab5539752963abe5f2eb046c2e32c8d386d3f8e8c1aa4a4Opera suffers from a foreignObject textNode::removeChild use-after-free vulnerability.
9cc42e69eae1ca521e8968289d7d5db932201ee29bd95e6b3b41610ffbe6890cA specially crafted web-page can trigger a memory corruption vulnerability in Microsoft Edge.
6ba927cdd17ccd5b55048e77c1cd5525162f01de3ee491858224ceb7d2258621A specially crafted web-page can trigger an unknown memory corruption vulnerability in Google Chrome Accessibility code. An attacker can cause code to attempt to execute a method of an object using a vftable, when the pointer to that object is not valid, or the object is not of the expected type. Successful exploitation can lead to arbitrary code execution.
2e778c3221fa3eaf8abf088d1e8b32a2d106db4dc5bdebdb26527e31a4f3f729A specially crafted web-page can cause a type confusion vulnerability in Microsoft Internet Explorer 8 through to 11. An attacker can cause code to be executed with a stack layout it does not expect, or have code attempt to execute a method of an object using a vftable, when that object does not have a vftable. Successful exploitation can lead to arbitrary code execution.
5b4fcdc09df2a675998ba07391f886bc44311a54330a1fde5e090c06b5c8871eA specially crafted web-page can cause a type confusion in HTML layout in Microsoft Internet Explorer 11. An attacker might be able to exploit this issue to execute arbitrary code.
3740764f86f5d2fd2f3b6f223477002163bbc951712e7b3c6a6dffc53f30b30bA specially crafted web-page can cause Microsoft Internet Explorer 10 to continue to use an object after freeing the memory used to store the object. An attacker might be able to exploit this issue to execute arbitrary code.
280f6bbd3b893f6ed43cb5145b66686fa4ee9ba2175cea9921b79d70736f92c8A specially crafted web-page can cause the blink rendering engine used by Google Chrome and Chromium to continue to use a speech recognition API object after the memory block that contained the object has been freed. An attacker can force the code to read a pointer from the freed memory and use this to call a function, allowing arbitrary code execution. Google Chrome version 39.0 is affected.
55331823f8dfff200255c77a7bbd5aa302935b3af6f4e3f1ef14fc56b9da6164A specially crafted web-page can cause Microsoft Internet Explorer 8 to attempt to read data beyond the boundaries of a memory allocation. The issue does not appear to be easily exploitable.
401440c68b1412518e4b354f8345508179c046033ef8057964dd02d484e451bcMicrosoft Internet Explorer 8 suffers from an MSHTML Ptls5::LsFindSpanVisualBoundaries memory corruption vulnerability.
39193e6a0c7f58240b0b440fbf410393465f8e4e139f4ef637e931620333d816A specially crafted web-page can cause an integer underflow in Microsoft Edge. This causes CTextExtractor::GetBlockText to read data outside of the bounds of a memory block.
a984d8735416e8243d6142b60aab6cfce17d75a9759a5602e935e16a782f911eA specially crafted web-page can cause the iertutil.dll module of Microsoft Internet Explorer 11 to free some memory while it still holds a reference to this memory. The module can be made to use this reference after the memory has been freed. Unlike many use-after-free bugs in MSIE, this issue, and apparently all code in this module, is not mitigated by MemGC. This issue appears to have been addressed in July 2016, as it failed to reproduce after the July security updates were installed.
01af43626269ff73fc6b2ea76ed5f2d57b9d1846e598b777c8690711208858f4
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed