CVSS: 9.3EPSS: 97%CPEs: 3EXPL: 7CVE-2006-3730 – Microsoft Internet Explorer - WebViewFolderIcon setSlice()
https://notcve.org/view.php?id=CVE-2006-3730
Integer overflow in Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a 0x7fffffff argument to the setSlice method on a WebViewFolderIcon ActiveX object, which leads to an invalid memory copy. Desbordamiento de entero en Microsoft Internet Explorer 6 sobre Windows XP SP2 permite a atacantes remotos provocar denegación de servicio (caida) y ejecutar código de su elección a través deun argumento 0x7fffffff en el método setSlice sobre un objeto ActiveX WebViewFolderIcon, el cual dará lugar a una copia de memoria no válida. • https://www.exploit-db.com/exploits/2458 https://www.exploit-db.com/exploits/2460 https://www.exploit-db.com/exploits/2448 https://www.exploit-db.com/exploits/2440 https://www.exploit-db.com/exploits/16564 http://browserfun.blogspot.com/2006/07/mobb-18-webviewfoldericon-setslice.html http://isc.sans.org/diary.php?storyid=1742 http://riosec.com/msie-setslice-vuln http://secunia.com/advisories/22159 http://securitytracker.com/id?1016941 http://www.kb.cert.org/vuls/ • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 5.0EPSS: 92%CPEs: 4EXPL: 3CVE-2006-3511 – Microsoft Internet Explorer 6 - 'HtmlDlgSafeHelper' Remote Denial of Service
https://notcve.org/view.php?id=CVE-2006-3511
Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) by setting the fonts property of the HtmlDlgSafeHelper object, which triggers a null dereference. Internet Explorer 6 on Windows XP SP2 permite a atacantes remotos provocar una denegación de servicio (caída) activando la propiedad fonts del objeto HtmlDlgSafeHelper, lo que dispara una referencia nula. • https://www.exploit-db.com/exploits/28202 http://browserfun.blogspot.com/2006/07/mobb-11-htmldlgsafehelper-fonts.html http://www.osvdb.org/27055 http://www.securityfocus.com/bid/18929 http://www.vupen.com/english/advisories/2006/2743 https://exchange.xforce.ibmcloud.com/vulnerabilities/27649 •
CVSS: 5.0EPSS: 94%CPEs: 4EXPL: 2CVE-2006-3512 – Microsoft Internet Explorer 6 - Object.Microsoft.DXTFilter Denial of Service
https://notcve.org/view.php?id=CVE-2006-3512
Internet Explorer 6 on Windows XP allows remote attackers to cause a denial of service (crash) by setting the Enabled property of a DXTFilter ActiveX object to true, which triggers a null dereference. Internet Explorer 6 on Windows XP permite a atacantes remotos provocar una denegación de servicio (caída) activando la propiedad Enabled de un objeto ActiveX DXTFilter a verdadero, lo que dispara una referencia nula. • https://www.exploit-db.com/exploits/28197 http://www.osvdb.org/27014 http://www.securityfocus.com/bid/18903 http://www.vupen.com/english/advisories/2006/2732 https://exchange.xforce.ibmcloud.com/vulnerabilities/27623 •
CVSS: 6.8EPSS: 90%CPEs: 32EXPL: 0CVE-2006-2378
https://notcve.org/view.php?id=CVE-2006-2378
Buffer overflow in the ART Image Rendering component (jgdw400.dll) in Microsoft Windows XP SP1 and Sp2, Server 2003 SP1 and earlier, and Windows 98 and Me allows remote attackers to execute arbitrary code via a crafted ART image that causes heap corruption. • http://secunia.com/advisories/20605 http://securitytracker.com/id?1016292 http://www.idefense.com/intelligence/vulnerabilities/display.php?id=407 http://www.kb.cert.org/vuls/id/923236 http://www.osvdb.org/26432 http://www.securityfocus.com/bid/18394 http://www.us-cert.gov/cas/techalerts/TA06-164A.html http://www.vupen.com/english/advisories/2006/2320 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-022 https://exchange.xforce.ibmcloud.com/vulnera •
CVSS: 9.3EPSS: 88%CPEs: 2EXPL: 0CVE-2006-2218
https://notcve.org/view.php?id=CVE-2006-2218
Unspecified vulnerability in Internet Explorer 6.0 on Microsoft Windows XP SP2 allows remote attackers to execute arbitrary code via "exceptional conditions" that trigger memory corruption, as demonstrated using an exception handler and nested object tags, a variant of CVE-2006-1992. • http://secunia.com/advisories/19762 http://secunia.com/secunia_research/2006-41/advisory http://securitytracker.com/id?1016291 http://www.kb.cert.org/vuls/id/338828 http://www.osvdb.org/27475 http://www.securityfocus.com/archive/1/437099/100/0/threaded http://www.securityfocus.com/bid/17820 http://www.us-cert.gov/cas/techalerts/TA06-164A.html http://www.vupen.com/english/advisories/2006/2319 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms •