CVE-2006-1359 – Microsoft Internet Explorer - HTML Tag Memory Corruption (MS06-013)
https://notcve.org/view.php?id=CVE-2006-1359
Microsoft Internet Explorer 6 and 7 Beta 2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a certain createTextRange call on a checkbox object, which results in a dereference of an invalid table pointer. • https://www.exploit-db.com/exploits/1838 https://www.exploit-db.com/exploits/1628 https://www.exploit-db.com/exploits/1606 https://www.exploit-db.com/exploits/1620 https://www.exploit-db.com/exploits/16578 http://archives.neohapsis.com/archives/fulldisclosure/2006-03/1427.html http://archives.neohapsis.com/archives/fulldisclosure/2006-03/1430.html http://archives.neohapsis.com/archives/fulldisclosure/2006-03/1434.html http://archives.neohapsis.com/archives/fulldisclosure/2006-03/1662. • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2006-1245 – Microsoft Internet Explorer - HTML Tag Memory Corruption (MS06-013)
https://notcve.org/view.php?id=CVE-2006-1245
Buffer overflow in mshtml.dll in Microsoft Internet Explorer 6.0.2900.2180, and probably other versions, allows remote attackers to execute arbitrary code via an HTML tag with a large number of script action handlers such as onload and onmouseover, as demonstrated using onclick, aka the "Multiple Event Handler Memory Corruption Vulnerability." • https://www.exploit-db.com/exploits/1838 https://www.exploit-db.com/exploits/27433 http://archives.neohapsis.com/archives/bugtraq/2006-02/0855.html http://secunia.com/advisories/18957 http://secunia.com/advisories/19269 http://securitytracker.com/id?1015794 http://www.kb.cert.org/vuls/id/984473 http://www.osvdb.org/23964 http://www.securityfocus.com/archive/1/428810/100/0/threaded http://www.securityfocus.com/archive/1/453436/100/0/threaded http://www.securityf •
CVE-2005-4827
https://notcve.org/view.php?id=CVE-2005-4827
Internet Explorer 6.0, and possibly other versions, allows remote attackers to bypass the same origin security policy and make requests outside of the intended domain by calling open on an XMLHttpRequest object (Microsoft.XMLHTTP) and using tab, newline, and carriage return characters within the first argument (method name), which is supported by some proxy servers that convert tabs to spaces. NOTE: this issue can be leveraged to conduct referer spoofing, HTTP Request Smuggling, and other attacks. • http://seclists.org/fulldisclosure/2007/Feb/0081.html http://www.securityfocus.com/archive/1/411585 http://www.securityfocus.com/archive/1/459172/100/0/threaded http://www.securityfocus.com/bid/14969 •
CVE-2005-4717 – Microsoft Internet Explorer 6 - Malformed HTML Parsing Denial of Service
https://notcve.org/view.php?id=CVE-2005-4717
Microsoft Internet Explorer 6.0 on Windows NT 4.0 SP6a, Windows 2000 SP4, Windows XP SP1, Windows XP SP2, and Windows Server 2003 SP1 allows remote attackers to cause a denial of service (client crash) via a certain combination of a malformed HTML file and a CSS file that triggers a null dereference, probably related to rendering of a DIV element that contains a malformed IMG tag, as demonstrated by IEcrash.htm and IEcrash.rar. • https://www.exploit-db.com/exploits/26457 http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0673.html http://archives.neohapsis.com/archives/fulldisclosure/2005-11/0127.html http://www.securityfocus.com/bid/15268 •
CVE-2005-3240
https://notcve.org/view.php?id=CVE-2005-3240
Race condition in Microsoft Internet Explorer allows user-assisted attackers to overwrite arbitrary files and possibly execute code by tricking a user into performing a drag-and-drop action from certain objects, such as file objects within a folder view, then predicting the drag action, and re-focusing to a malicious window. • http://blogs.technet.com/msrc/archive/2006/02/13/419439.aspx http://secunia.com/advisories/18787 http://securitytracker.com/id?1015049 http://www.osvdb.org/2707 http://www.securiteam.com/windowsntfocus/5MP0B0UHPA.html http://www.securityfocus.com/archive/1/424863/100/0/threaded http://www.securityfocus.com/archive/1/424940/100/0/threaded http://www.securityfocus.com/bid/16352 http://www.vupen.com/english/advisories/2006/0553 https://exchange.xforce.ibmcloud.com/vulnerabilities • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •