CVSS: 7.6EPSS: 8%CPEs: 2EXPL: 0CVE-2006-2385
https://notcve.org/view.php?id=CVE-2006-2385
Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allows user-assisted remote attackers to execute arbitrary code via a crafted web page that triggers memory corruption when it is saved as a multipart HTML (.mht) file. Vulnerabilidad no especificada en Microsoft Internet Explorer 5.01 SP4 y 6 SP1 y anteriores permite a atacantes asistidos por el usuario ejecutar código de forma arbitraria a través de una página web manipulada que dispara una corrupción de memoria cuando se guarda como un archivo multipart HTML (.mht) • http://secunia.com/advisories/20595 http://securitytracker.com/id?1016291 http://www.osvdb.org/26446 http://www.securityfocus.com/bid/18320 http://www.vupen.com/english/advisories/2006/2319 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-021 https://exchange.xforce.ibmcloud.com/vulnerabilities/26782 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1167 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 2.6EPSS: 89%CPEs: 5EXPL: 2CVE-2006-2766 – Microsoft Windows XP/2000/2003 - MHTML URI Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2006-2766
Buffer overflow in INETCOMM.DLL, as used in Microsoft Internet Explorer 6.0 through 6.0 SP2, Windows Explorer, Outlook Express 6, and possibly other programs, allows remote user-assisted attackers to cause a denial of service (application crash) via a long mhtml URI in the URL value in a URL file. • https://www.exploit-db.com/exploits/27930 http://secunia.com/advisories/20384 http://securitytracker.com/id?1016654 http://www.kb.cert.org/vuls/id/891204 http://www.osvdb.org/25949 http://www.securityfocus.com/archive/1/435492/100/0/threaded http://www.securityfocus.com/archive/1/435609/100/0/threaded http://www.securityfocus.com/archive/1/435616/100/0/threaded http://www.securityfocus.com/bid/18198 http://www.us-cert.gov/cas/techalerts/TA06-220A.html http: •
CVSS: 5.1EPSS: 42%CPEs: 23EXPL: 2CVE-2006-2094 – Microsoft Internet Explorer 5.0.1 - Modal Dialog Manipulation
https://notcve.org/view.php?id=CVE-2006-2094
Microsoft Internet Explorer before Windows XP Service Pack 2 and Windows Server 2003 Service Pack 1, when Prompt is configured in Security Settings, uses modal dialogs to verify that a user wishes to run an ActiveX control or perform other risky actions, which allows user-assisted remote attackers to construct a race condition that tricks a user into clicking an object or pressing keys that are actually applied to a "Yes" approval for executing the control. • https://www.exploit-db.com/exploits/27744 http://archives.neohapsis.com/archives/fulldisclosure/2004-07/0264.html http://archives.neohapsis.com/archives/fulldisclosure/2006-04/0759.html http://archives.neohapsis.com/archives/vulnwatch/2006-q2/0019.html http://lists.grok.org.uk/pipermail/full-disclosure/2006-April/045589.html http://securitytracker.com/id?1015720 http://student.missouristate.edu/m/matthew007/advisories.asp?adv=2006-02 http://www.osvdb.org/22351 http://www.securityfocus.com&# • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.5EPSS: 94%CPEs: 23EXPL: 1CVE-2006-1188 – Microsoft Internet Explorer - HTML Tag Memory Corruption (MS06-013)
https://notcve.org/view.php?id=CVE-2006-1188
Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via HTML elements with a certain crafted tag, which leads to memory corruption. • https://www.exploit-db.com/exploits/1838 http://secunia.com/advisories/18957 http://securitytracker.com/id?1015900 http://www.kb.cert.org/vuls/id/824324 http://www.securityfocus.com/archive/1/435096/30/4710/threaded http://www.us-cert.gov/cas/techalerts/TA06-101A.html http://www.vupen.com/english/advisories/2006/1318 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-013 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval& •
CVSS: 7.5EPSS: 65%CPEs: 3EXPL: 1CVE-2006-1388 – Microsoft Internet Explorer - HTML Tag Memory Corruption (MS06-013)
https://notcve.org/view.php?id=CVE-2006-1388
Unspecified vulnerability in Microsoft Internet Explorer 6.0 allows remote attackers to execute HTA files via unknown vectors. • https://www.exploit-db.com/exploits/1838 http://archives.neohapsis.com/archives/fulldisclosure/2006-03/1415.html http://jeffrey.vanderstad.net/grasshopper http://news.zdnet.com/2100-1009_22-6052396.html?tag=zdfd.newsfeed http://secunia.com/advisories/19378 http://securitytracker.com/id?1015800 http://www.kb.cert.org/vuls/id/434641 http://www.osvdb.org/24095 http://www.securityfocus.com/bid/17181 http://www.us-cert.gov/cas/techalerts/TA06-101A.html http://www.vupen&# •