Scott Bell - Security Researcher - Exploit Intelligence Platform

CVE-2013-0025 METASPLOIT ruby WORKING POC

Microsoft Internet Explorer 8 - Remote Code Execution via SLayoutRun Use-After-Free

Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer SLayoutRun Use After Free Vulnerability."

View Code

CVE-2013-0025 EXPLOITDB ruby WORKING POC

Microsoft Internet Explorer 8 - Remote Code Execution via SLayoutRun Use-After-Free

Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer SLayoutRun Use After Free Vulnerability."

View Code

CVE-2013-0025 EXPLOITDB ruby WORKING POC

Microsoft Internet Explorer 8 - Remote Code Execution via SLayoutRun Use-After-Free

Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer SLayoutRun Use After Free Vulnerability."

View Code

CVE-2013-1311 EXPLOITDB ruby WORKING POC

Microsoft Internet Explorer 8 - Use After Free

Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability."

View Code

CVE-2011-2089 EXPLOITDB ruby WORKING POC

ICONICS BizViz <9.22, GENESIS32 <9.22 - RCE

Stack-based buffer overflow in the SetActiveXGUID method in the VersionInfo ActiveX control in GenVersion.dll 8.0.138.0 in the WebHMI subsystem in ICONICS BizViz 9.x before 9.22 and GENESIS32 9.x before 9.22 allows remote attackers to execute arbitrary code via a long string in the argument. NOTE: some of these details are obtained from third party information.

View Code

CVE-2016-7202 EXPLOITDB HIGH html WORKING POC

Microsoft Edge - Remote Code Execution via Scripting Engine Memory Corruption

The scripting engines in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," as demonstrated by the Chakra JavaScript engine, a different vulnerability than CVE-2016-7200, CVE-2016-7201, CVE-2016-7203, CVE-2016-7208, CVE-2016-7240, CVE-2016-7242, and CVE-2016-7243.

CVSS 7.5

View Code