n0o.com - Personal archive of discovered vulns & writeups.

[CVE-2016-3276] Microsoft Browser Spoofing Vulnerability

Reported on : 10 Mar 2016 Shipped on : 15 Jul 2016 Type : XSS based Spoofing In Function : Reading Mode XSS in Reading Mode of Microsoft Edge. Visiting the page with "read:URL". Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to conduct content-spoofing attacks via a crafted URL, aka "Microsoft Browser Spoofing Vulnerability." 
https://github.com/leonwxqian/n0o-vuln-archive/blob/master/CVE-2016-3276.html

[CVE-2016-0161] Remote Privilege Escalation Vulnerability

Reported on : 3 Jan 2016 Shipped on : 13 Apr 2016 Type : XSS based EOP In Function : Webnote XSS in Webnote of Microsoft Edge, allow JavaScript run incorrectly on file:/// protocol. Microsoft Edge is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. Successful exploits may aid in further attacks. 

https://github.com/leonwxqian/n0o-vuln-archive/blob/master/CVE-2016-0161.html

[CVE-2015-6162] Internet Explorer 10 Memory Corruption Vulnerability

Reported on : 29 Jul 2015 Shipped on : 9 Dec 2015 Type : UAF In Function : MSHTML!CTreeNode::ComputeFormats Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability". 
   https://github.com/leonwxqian/n0o-vuln-archive/blob/master/CVE-2015-6162.html
1  2  3  4