Microsoft XML Core Services 3.0, 4.0, 5.0, and 6.0, as used by Internet Explorer, accesses uninitialized memory locations, which allows remote attackers to execute arbitrary code by enticing an unsuspecting user to visit a specially crafted web site. This module runs a web server waiting for vulnerable clients (Internet Explorer) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
This module exploits a buffer overflow in Internet Explorer 7 when handling malformed xml data. This module runs a web server waiting for vulnerable clients (Internet Explorer) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
Use-after-free vulnerability in Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code via vectors involving crafted JavaScript code. This module runs a web server waiting for vulnerable clients (Internet Explorer 10) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability. This exploit will only work if the target has Adobe Flash Player 10 or above installed.
This module exploits a Memory Corruption vulnerability on Internet Explorer 8. This module runs a web server waiting for vulnerable clients (Internet Explorer) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. The flaw exists within the Tabular Data Control ActiveX module, if provided a malicious DataURL parameter a stack corruption may occur in the function CTDCCtl::SecurityCHeckDataURL. This module runs a web server waiting for vulnerable clients (Internet Explorer 6) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
This module exploits a vulnerability in Microsoft Internet Explorer when handling a specially crafted STYLE HTML tag when accessed via the document.getElementsByTagName JavaScript function. This module runs a web server waiting for vulnerable clients (Internet Explorer) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
Use-after-free vulnerability in Microsoft Internet Explorer where a CParaElement node is released but a reference is still kept in CDoc. This memory is reused when a CDoc relayout is performed. This module runs a web server waiting for vulnerable clients (Internet Explorer) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
This module exploits a use after free in Internet Explorer by using a SetMouseCapture vulnerability in MSHTML. This module runs a web server waiting for vulnerable clients (Internet Explorer) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object. This module runs a web server waiting for vulnerable clients (Internet Explorer) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
This module exploits a Use-After-Free vulnerability on Internet Explorer 7. This module runs a web server waiting for vulnerable clients (Internet Explorer) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.