CVSS: 4.3EPSS: 91%CPEs: 2EXPL: 3CVE-2006-1626 – Microsoft Internet Explorer 5 - Address Bar Spoofing
https://notcve.org/view.php?id=CVE-2006-1626
Internet Explorer 6 for Windows XP SP2 and earlier allows remote attackers to spoof the address bar and possibly conduct phishing attacks by re-opening the window to a malicious Shockwave Flash application, then changing the window location back to a trusted URL while the Flash application is still loading. NOTE: this is a different vulnerability than CVE-2006-1192. • https://www.exploit-db.com/exploits/27577 http://secunia.com/Internet_Explorer_Address_Bar_Spoofing_Vulnerability_Test http://secunia.com/advisories/19521 http://securitytracker.com/id?1016291 http://www.securityfocus.com/archive/1/429719/100/0/threaded http://www.securityfocus.com/archive/1/429891/100/0/threaded http://www.securityfocus.com/archive/1/440851/100/100/threaded http://www.securityfocus.com/bid/17404 http://www.vupen.com/english/advisories/2006/1218 http://www. • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 65%CPEs: 3EXPL: 1CVE-2006-1388 – Microsoft Internet Explorer - HTML Tag Memory Corruption (MS06-013)
https://notcve.org/view.php?id=CVE-2006-1388
Unspecified vulnerability in Microsoft Internet Explorer 6.0 allows remote attackers to execute HTA files via unknown vectors. • https://www.exploit-db.com/exploits/1838 http://archives.neohapsis.com/archives/fulldisclosure/2006-03/1415.html http://jeffrey.vanderstad.net/grasshopper http://news.zdnet.com/2100-1009_22-6052396.html?tag=zdfd.newsfeed http://secunia.com/advisories/19378 http://securitytracker.com/id?1015800 http://www.kb.cert.org/vuls/id/434641 http://www.osvdb.org/24095 http://www.securityfocus.com/bid/17181 http://www.us-cert.gov/cas/techalerts/TA06-101A.html http://www.vupen&# •
CVSS: 9.3EPSS: 97%CPEs: 4EXPL: 6CVE-2006-1359 – Microsoft Internet Explorer - HTML Tag Memory Corruption (MS06-013)
https://notcve.org/view.php?id=CVE-2006-1359
Microsoft Internet Explorer 6 and 7 Beta 2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a certain createTextRange call on a checkbox object, which results in a dereference of an invalid table pointer. • https://www.exploit-db.com/exploits/1838 https://www.exploit-db.com/exploits/1628 https://www.exploit-db.com/exploits/1606 https://www.exploit-db.com/exploits/1620 https://www.exploit-db.com/exploits/16578 http://archives.neohapsis.com/archives/fulldisclosure/2006-03/1427.html http://archives.neohapsis.com/archives/fulldisclosure/2006-03/1430.html http://archives.neohapsis.com/archives/fulldisclosure/2006-03/1434.html http://archives.neohapsis.com/archives/fulldisclosure/2006-03/1662. • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.5EPSS: 88%CPEs: 1EXPL: 2CVE-2006-1016 – Microsoft Internet Explorer - isComponentInstalled Overflow
https://notcve.org/view.php?id=CVE-2006-1016
Buffer overflow in the IsComponentInstalled method in Internet Explorer 6.0, when used on Windows 2000 before SP4 or Windows XP before SP1, allows remote attackers to execute arbitrary code via JavaScript that calls IsComponentInstalled with a long first argument. • https://www.exploit-db.com/exploits/16549 http://metasploit.com/projects/Framework/exploits.html#ie_iscomponentinstalled http://www.metasploit.com/projects/Framework/modules/exploits/ie_iscomponentinstalled.pm http://www.securityfocus.com/bid/16870 https://exchange.xforce.ibmcloud.com/vulnerabilities/24923 •
CVSS: 7.5EPSS: 5%CPEs: 1EXPL: 0CVE-2006-0830
https://notcve.org/view.php?id=CVE-2006-0830
The scripting engine in Internet Explorer allows remote attackers to cause a denial of service (resource consumption) and possibly execute arbitrary code via a web page that contains a recurrent call to an infinite loop in Javascript or VBscript, which consumes the stack, as demonstrated by resetting the "location" variable within the loop. • http://www.securityfocus.com/archive/1/425283/100/0/threaded http://www.securityfocus.com/archive/1/425378/100/0/threaded http://www.securityfocus.com/bid/16687 https://exchange.xforce.ibmcloud.com/vulnerabilities/24788 •