This module exploits a use after free in Internet Explorer by using a SetMouseCapture vulnerability in MSHTML. This module runs a web server waiting for vulnerable clients (Internet Explorer) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object. This module runs a web server waiting for vulnerable clients (Internet Explorer) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
This module exploits a Use-After-Free vulnerability on Internet Explorer 7. This module runs a web server waiting for vulnerable clients (Internet Explorer) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
This module exploits a Use-After-Free vulnerability on Internet Explorer 6 and 7. This module runs a web server waiting for vulnerable clients (Internet Explorer) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
This module exploits a use-after-free vulnerability in the MSHTML component in Internet Explorer. The specific error occurs due to the way Internet Explorer handles objects in memory. It is possible to use a pointer in CTableRowCellsCollectionCacheItem::GetNext after it gets freed and get remote code execution. This vulnerability was one of the 2012's Pwn2Own challenges.
Microsoft Internet Explorer 8 is prone to a heap overflow vulnerability caused by an incorrect handling of the span attribute for col elements from a fixed table, when they are modified dynamically by javascript code. This module runs a web server waiting for vulnerable clients (Internet Explorer) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
A use-after-free vulnerability in the CMshtmlEd::Exec function in mshtml.dll in Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code via a crafted web site, as exploited in the wild in September 2012. This module runs a web server waiting for vulnerable clients to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
This module runs a web server waiting for vulnerable clients (Internet Explorer) to connect to it. When the client connects, it will try to install an agent by exploiting an invalid pointer reference in Internet Explorer.
This module exploits a buffer overflow vulnerability in Microsoft Internet Explorer when processing a specially crafted html file with CSS clip attribute. This update adds support for Windows Vista and Internet Explorer 7.
This module exploits an integer overflow vulnerability in the Vector Markup Language (VML) on Internet Explorer. The vulnerability exists in the handling of the dashstyle.array length for VML shapes on the vgx.dll module. This vulnerability was one of the 2013's Pwn2Own challenges.