Page 11 of 171 results (0.006 seconds)

CVSS: 7.5EPSS: 69%CPEs: 2EXPL: 0

CVE-2006-3450 – Microsoft Internet Explorer CSS Class Ordering Memory Corruption Vulnerability

https://notcve.org/view.php?id=CVE-2006-3450

Microsoft Internet Explorer 6 allows remote attackers to execute arbitrary code by using the document.getElementByID Javascript function to access crafted Cascading Style Sheet (CSS) elements, and possibly other unspecified vectors involving certain layout positioning combinations in an HTML file. Microsoft Internet Explorer 6 permite a atacantes remotos ejecutar código de su elección usando la función Javascript document.getElementByID para acceder a elementos de Hojas de Estilo en Cascada (CSS) manipulados, y posiblemente otros vectores no especificados relacionados con determinadas combinaciones de posicionamiento en el diseño de un archivo HTML. This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific vulnerability exists due to improper handling of CSS class values. Accessing a specially crafted CSS element via document.getElementByID causes a memory corruption eventually leading to code execution. • http://secunia.com/advisories/21396 http://securitytracker.com/id?1016663 http://www.kb.cert.org/vuls/id/119180 http://www.osvdb.org/27855 http://www.securityfocus.com/archive/1/442579/100/0/threaded http://www.securityfocus.com/bid/19312 http://www.us-cert.gov/cas/techalerts/TA06-220A.html http://www.vupen.com/english/advisories/2006/3212 http://www.zerodayinitiative.com/advisories/ZDI-06-027.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/20 • CWE-20: Improper Input Validation •

CVSS: 7.5EPSS: 72%CPEs: 2EXPL: 0

CVE-2006-3451 – Microsoft Internet Explorer Multiple CSS Imports Memory Corruption Vulnerability

https://notcve.org/view.php?id=CVE-2006-3451

Microsoft Internet Explorer 5 SP4 and 6 do not properly garbage collect when "multiple imports are used on a styleSheets collection" to construct a chain of Cascading Style Sheets (CSS), which allows remote attackers to execute arbitrary code via unspecified vectors. Microsoft Internet Explorer 5 SP4 y 6 no recogen adecuadamente la basura cuando "se utilizan múltiples importaciones en una colección de hojas de estilo" para construir una cadena de Hojas de Estilo en Cascada (CSS), lo cual permite a atacantes remotos ejecutar código de su elección a través de vectores no especificados. This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists due to improper garbage collection when multiple "imports" are used on a "styleSheets" collection. • http://secunia.com/advisories/21396 http://securityreason.com/securityalert/1343 http://securitytracker.com/id?1016663 http://www.kb.cert.org/vuls/id/262004 http://www.osvdb.org/27854 http://www.securityfocus.com/archive/1/442578/100/0/threaded http://www.securityfocus.com/bid/19316 http://www.us-cert.gov/cas/techalerts/TA06-220A.html http://www.vupen.com/english/advisories/2006/3212 http://www.zerodayinitiative.com/advisories/ZDI-06-026.html https://docs.microsoft • CWE-20: Improper Input Validation •

CVSS: 5.0EPSS: 59%CPEs: 1EXPL: 2

CVE-2006-3944 – Microsoft Internet Explorer 6 - Multiple Object ListWidth Property Denial of Service Vulnerabilities

https://notcve.org/view.php?id=CVE-2006-3944

Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) via a (1) Forms.ListBox.1 or (2) Forms.ListBox.1 object with the ListWidth property set to (a) 0x7fffffff, which triggers an integer overflow exception, or to (b) 0x7ffffffe, which triggers a null dereference. Microsoft Internet Explorer 6 en Windows XP SP2 permite a atacantes remotos provocar una denegación de servicio (caída) mediante un objeto (1) Forms.ListBox.1 o (2) Forms.ListBox.1 con la propiedad ListWidth establecida a (a) 0x7fffffff, lo cual provoca una excepción de desbordamiento de entero, o a (b) 0x7ffffffe, lo cual provoca una referencia nula. • https://www.exploit-db.com/exploits/28258 http://browserfun.blogspot.com/2006/07/mobb-24-formslistbox1-listwidth.html http://www.osvdb.org/27372 http://www.securityfocus.com/bid/19113 http://www.vupen.com/english/advisories/2006/2954 https://exchange.xforce.ibmcloud.com/vulnerabilities/27931 •

CVSS: 2.6EPSS: 31%CPEs: 1EXPL: 3

CVE-2006-3943 – Microsoft Internet Explorer 6 - NDFXArtEffects Stack Overflow

https://notcve.org/view.php?id=CVE-2006-3943

Stack-based buffer overflow in NDFXArtEffects in Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) via long (1) RGBExtraColor, (2) RGBForeColor, and (3) RGBBackColor properties. Desbordamiento de búfer basado en pila en NDFXArtEffects de Microsoft Internet Explorer 6 en Windows XP SP2 permite a atacantes remotos provocar una denegación de servicio (caída) mediante propiedades largas (1) RGBExtraColor, (2) RGBForeColor, y (3) RGBBackColor. • https://www.exploit-db.com/exploits/28286 http://browserfun.blogspot.com/2006/07/mobb-27-ndfxarteffects-rgbextracolor.html http://www.osvdb.org/27530 http://www.securityfocus.com/bid/19184 https://exchange.xforce.ibmcloud.com/vulnerabilities/28046 •

CVSS: 5.0EPSS: 84%CPEs: 1EXPL: 3

CVE-2006-3910 – Microsoft Internet Explorer 6 - OVCtl Denial of Service

https://notcve.org/view.php?id=CVE-2006-3910

Internet Explorer 6 on Windows XP SP2, when Outlook is installed, allows remote attackers to cause a denial of service (crash) by calling the NewDefaultItem function of an OVCtl (OVCtl.OVCtl.1) ActiveX object, which triggers a null dereference. Internet Explorer 6 sobre Windows XP SP2, cuando Outlook está instalado, permite a atacantes remotos provocar denegación de servicio (caida) a través de llamadas a la función NewDefaultItem de un objeto OVCtl (OVCtl.OVCtl.1) ActiveXm lo cual dispara una dereferencia null. • https://www.exploit-db.com/exploits/28246 http://browserfun.blogspot.com/2006/07/mobb-20-ovctl-newdefaultitem.html http://www.osvdb.org/27112 http://www.securityfocus.com/bid/19079 http://www.vupen.com/english/advisories/2006/2915 https://exchange.xforce.ibmcloud.com/vulnerabilities/27845 •