CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Microsoft » Internet Explorer » 8 : Security Vulnerabilities

Cpe Name:cpe:/a:microsoft:internet_explorer:8
Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2014-2809 119 DoS Exec Code Overflow Mem. Corr. 2014-07-08 2014-07-17
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2800 and CVE-2014-2807.
2 CVE-2014-2807 119 DoS Exec Code Overflow Mem. Corr. 2014-07-08 2014-07-17
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2800 and CVE-2014-2809.
3 CVE-2014-2804 119 DoS Exec Code Overflow Mem. Corr. 2014-07-08 2014-07-17
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2789, CVE-2014-2795, and CVE-2014-2798.
4 CVE-2014-2803 119 DoS Exec Code Overflow Mem. Corr. 2014-07-08 2014-07-17
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
5 CVE-2014-2800 119 DoS Exec Code Overflow Mem. Corr. 2014-07-08 2014-07-17
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2807 and CVE-2014-2809.
6 CVE-2014-2798 119 DoS Exec Code Overflow Mem. Corr. 2014-07-08 2014-07-17
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2789, CVE-2014-2795, and CVE-2014-2804.
7 CVE-2014-2797 119 DoS Exec Code Overflow Mem. Corr. 2014-07-08 2014-07-17
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
8 CVE-2014-2795 119 DoS Exec Code Overflow Mem. Corr. 2014-07-08 2014-07-17
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2789, CVE-2014-2798, and CVE-2014-2804.
9 CVE-2014-2789 119 DoS Exec Code Overflow Mem. Corr. 2014-07-08 2014-07-17
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2795, CVE-2014-2798, and CVE-2014-2804.
10 CVE-2014-2783 264 Bypass 2014-07-08 2014-07-17
6.4
None Remote Low Not required Partial Partial None
Microsoft Internet Explorer 7 through 11 does not prevent use of wildcard EV SSL certificates, which might allow remote attackers to spoof a trust level by leveraging improper issuance of a wildcard certificate by a recognized Certification Authority, aka "Extended Validation (EV) Certificate Security Feature Bypass Vulnerability."
11 CVE-2014-2777 94 2014-06-11 2014-07-24
7.5
User Remote Low Not required Partial Partial Partial
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary web script with increased privileges via unspecified vectors, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2014-1778.
12 CVE-2014-2773 119 DoS Exec Code Overflow Mem. Corr. 2014-06-11 2014-06-26
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2768.
13 CVE-2014-2770 119 DoS Exec Code Overflow Mem. Corr. 2014-06-11 2014-06-26
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-1781, CVE-2014-1792, and CVE-2014-1804.
14 CVE-2014-2768 119 DoS Exec Code Overflow Mem. Corr. 2014-06-11 2014-06-26
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2773.
15 CVE-2014-2757 119 DoS Exec Code Overflow Mem. Corr. 2014-06-11 2014-06-26
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0282, CVE-2014-1775, CVE-2014-1779, CVE-2014-1799, and CVE-2014-1803.
16 CVE-2014-1815 119 DoS Exec Code Overflow Mem. Corr. 2014-05-14 2014-06-30
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, as exploited in the wild in May 2014, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0310.
17 CVE-2014-1804 119 DoS Exec Code Overflow Mem. Corr. 2014-06-11 2014-06-26
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-1781, CVE-2014-1792, and CVE-2014-2770.
18 CVE-2014-1803 119 DoS Exec Code Overflow Mem. Corr. 2014-06-11 2014-06-26
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0282, CVE-2014-1775, CVE-2014-1779, CVE-2014-1799, and CVE-2014-2757.
19 CVE-2014-1800 119 DoS Exec Code Overflow Mem. Corr. 2014-06-11 2014-06-26
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
20 CVE-2014-1799 119 DoS Exec Code Overflow Mem. Corr. 2014-06-11 2014-06-26
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0282, CVE-2014-1775, CVE-2014-1779, CVE-2014-1803, and CVE-2014-2757.
21 CVE-2014-1796 119 DoS Exec Code Overflow Mem. Corr. 2014-06-11 2014-06-26
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 6 and 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
22 CVE-2014-1792 119 DoS Exec Code Overflow Mem. Corr. 2014-06-11 2014-06-26
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-1781, CVE-2014-1804, and CVE-2014-2770.
23 CVE-2014-1791 119 DoS Exec Code Overflow Mem. Corr. 2014-06-11 2014-06-26
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
24 CVE-2014-1781 119 DoS Exec Code Overflow Mem. Corr. 2014-06-11 2014-06-26
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-1792, CVE-2014-1804, and CVE-2014-2770.
25 CVE-2014-1779 119 DoS Exec Code Overflow Mem. Corr. 2014-06-11 2014-06-26
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0282, CVE-2014-1775, CVE-2014-1799, CVE-2014-1803, and CVE-2014-2757.
26 CVE-2014-1778 264 2014-06-11 2014-06-26
6.8
None Remote Medium Not required Partial Partial Partial
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary web script with increased privileges via unspecified vectors, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2014-2777.
27 CVE-2014-1776 94 DoS Exec Code Mem. Corr. 2014-04-27 2014-05-16
10.0
None Remote Low Not required Complete Complete Complete
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to the CMarkup::IsConnectedToPrimaryMarkup function, as exploited in the wild in April 2014. NOTE: this issue originally emphasized VGX.DLL, but Microsoft clarified that "VGX.DLL does not contain the vulnerable code leveraged in this exploit. Disabling VGX.DLL is an exploit-specific workaround that provides an immediate, effective workaround to help block known attacks."
28 CVE-2014-1775 119 DoS Exec Code Overflow Mem. Corr. 2014-06-11 2014-06-26
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0282, CVE-2014-1779, CVE-2014-1799, CVE-2014-1803, and CVE-2014-2757.
29 CVE-2014-1771 310 +Info 2014-06-11 2014-06-26
6.8
None Remote Medium Not required Partial Partial Partial
SChannel in Microsoft Internet Explorer 6 through 11 does not ensure that a server's X.509 certificate is the same during renegotiation as it was before renegotiation, which allows man-in-the-middle attackers to obtain sensitive information or modify TLS session data via a "triple handshake attack," aka "TLS Server Certificate Renegotiation Vulnerability."
30 CVE-2014-1770 399 Exec Code 2014-05-22 2014-06-18
9.3
None Remote Medium Not required Complete Complete Complete
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code via crafted JavaScript code that interacts improperly with a CollectGarbage function call on a CMarkup object allocated by the CMarkup::CreateInitialMarkup function.
31 CVE-2014-1753 119 DoS Exec Code Overflow Mem. Corr. 2014-04-08 2014-04-09
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
32 CVE-2014-0324 119 DoS Exec Code Overflow Mem. Corr. 2014-03-12 2014-03-12
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0297, CVE-2014-0308, and CVE-2014-0312.
33 CVE-2014-0312 119 DoS Exec Code Overflow Mem. Corr. 2014-03-12 2014-03-12
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0297, CVE-2014-0308, and CVE-2014-0324.
34 CVE-2014-0311 119 DoS Exec Code Overflow Mem. Corr. 2014-03-12 2014-03-12
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0299 and CVE-2014-0305.
35 CVE-2014-0310 119 DoS Exec Code Overflow Mem. Corr. 2014-05-14 2014-05-14
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-1815.
36 CVE-2014-0309 119 DoS Exec Code Overflow Mem. Corr. 2014-03-12 2014-03-12
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
37 CVE-2014-0308 119 DoS Exec Code Overflow Mem. Corr. 2014-03-12 2014-03-12
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0297, CVE-2014-0312, and CVE-2014-0324.
38 CVE-2014-0306 119 DoS Exec Code Overflow Mem. Corr. 2014-03-12 2014-03-12
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
39 CVE-2014-0305 119 DoS Exec Code Overflow Mem. Corr. 2014-03-12 2014-03-12
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0299 and CVE-2014-0311.
40 CVE-2014-0303 119 DoS Exec Code Overflow Mem. Corr. 2014-03-12 2014-03-12
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0302.
41 CVE-2014-0302 119 DoS Exec Code Overflow Mem. Corr. 2014-03-12 2014-03-12
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0303.
42 CVE-2014-0299 119 DoS Exec Code Overflow Mem. Corr. 2014-03-12 2014-03-12
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0305 and CVE-2014-0311.
43 CVE-2014-0297 119 DoS Exec Code Overflow Mem. Corr. 2014-03-12 2014-03-12
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0308, CVE-2014-0312, and CVE-2014-0324.
44 CVE-2014-0287 119 DoS Exec Code Overflow Mem. Corr. 2014-02-11 2014-02-12
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0281.
45 CVE-2014-0286 119 DoS Exec Code Overflow Mem. Corr. 2014-02-11 2014-02-12
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0275 and CVE-2014-0285.
46 CVE-2014-0285 119 DoS Exec Code Overflow Mem. Corr. 2014-02-11 2014-02-12
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0275 and CVE-2014-0286.
47 CVE-2014-0282 119 DoS Exec Code Overflow Mem. Corr. 2014-06-11 2014-06-26
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-1775, CVE-2014-1779, CVE-2014-1799, CVE-2014-1803, and CVE-2014-2757.
48 CVE-2014-0281 119 DoS Exec Code Overflow Mem. Corr. 2014-02-11 2014-02-13
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0287.
49 CVE-2014-0280 119 DoS Exec Code Overflow Mem. Corr. 2014-02-11 2014-02-12
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
50 CVE-2014-0279 119 DoS Exec Code Overflow Mem. Corr. 2014-02-11 2014-02-13
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0277 and CVE-2014-0278.
Total number of vulnerabilities : 160   Page : 1 (This Page)2 3 4
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.