CVSS: 7.5EPSS: 0%CPEs: 11EXPL: 0CVE-2006-7039
https://notcve.org/view.php?id=CVE-2006-7039
23 Feb 2007 — The IMAP4 service in MERCUR Messaging 2005 before Service Pack 4 allows remote attackers to cause a denial of service (crash) via a message with a long subject field. El servicio IMAP4 en MERCUR Messaging 2005 anterior a Service Pack 4 permite a atacantes remotos provocar denegación de servicio (caida) a través de un mensaje con un campo subject. • http://secunia.com/advisories/20432 •
CVSS: 9.8EPSS: 4%CPEs: 18EXPL: 2CVE-2007-1043 – Ezboo Webstats 3.03 - Administrative Authentication Bypass
https://notcve.org/view.php?id=CVE-2007-1043
21 Feb 2007 — Ezboo webstats, possibly 3.0.3, allows remote attackers to bypass authentication and gain access via a direct request to (1) update.php and (2) config.php. Ezboo webstats, posiblemente la 3.0.3, permite a atacantes remotos evitar la autenticación y obtener una vía de acceso mediante una petición directa al (1) update.php y (2) config.php. • https://www.exploit-db.com/exploits/29610 •
CVSS: 9.3EPSS: 5%CPEs: 7EXPL: 2CVE-2006-6261 – Quintessential Player 4.50.1.82 - Playlist Denial of Service (PoC)
https://notcve.org/view.php?id=CVE-2006-6261
04 Dec 2006 — Buffer overflow in Quintessential Player 4.50.1.82 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted (1) M3u or (2) M3u-8 file; or a (3) crafted PLS file with a long value in the (a) NumberofEntries, (b) Length (aka Length1), (c) Filename (aka File1), (d) Title (aka Title1) field, or other unspecified fields. Desbordamiento de búfer en Quintessential Player 4.50.1.82 y anteriores permite a atacantes remotos provocar una denegación de s... • https://www.exploit-db.com/exploits/2860 •
CVSS: 9.8EPSS: 67%CPEs: 59EXPL: 1CVE-2006-2379 – Microsoft Windows - TCP/IP Protocol Driver Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2006-2379
13 Jun 2006 — Buffer overflow in the TCP/IP Protocol driver in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code via unknown vectors related to IP source routing. • https://www.exploit-db.com/exploits/1967 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.4EPSS: 52%CPEs: 62EXPL: 0CVE-2006-0034
https://notcve.org/view.php?id=CVE-2006-0034
09 May 2006 — Heap-based buffer overflow in the CRpcIoManagerServer::BuildContext function in msdtcprx.dll for Microsoft Distributed Transaction Coordinator (MSDTC) for Windows NT 4.0 and Windows 2000 SP2 and SP3 allows remote attackers to execute arbitrary code via a long fifth argument to the BuildContextW or BuildContext opcode, which triggers a bug in the NdrAllocate function, aka the MSDTC Invalid Memory Access Vulnerability. • http://archives.neohapsis.com/archives/fulldisclosure/2006-05/0238.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 33%CPEs: 62EXPL: 0CVE-2006-1184
https://notcve.org/view.php?id=CVE-2006-1184
09 May 2006 — Microsoft Distributed Transaction Coordinator (MSDTC) for Windows NT 4.0, 2000 SP4, XP SP1 and SP2, and Server 2003 allows remote attackers to cause a denial of service (crash) via a BuildContextW request with a large (1) UuidString or (2) GuidIn of a certain length, which causes an out-of-range memory access, aka the MSDTC Denial of Service Vulnerability. NOTE: this is a variant of CVE-2005-2119. • http://secunia.com/advisories/20000 •
CVSS: 7.8EPSS: 29%CPEs: 52EXPL: 2CVE-2006-1591
https://notcve.org/view.php?id=CVE-2006-1591
03 Apr 2006 — Heap-based buffer overflow in Microsoft Windows Help winhlp32.exe allows user-assisted attackers to execute arbitrary code via crafted embedded image data in a .hlp file. desbordamiento de búfer basado en memoria dinámica (heap) en Microsoft Windows Help winhlp32.exe permite a los atacantes asistidos por el usuario ejecutar código arbitrario a través de datos de imagen incrustados creados en un archivo .hlp. • http://lists.grok.org.uk/pipermail/full-disclosure/2006-March/044748.html •
CVSS: 7.8EPSS: 55%CPEs: 3EXPL: 1CVE-2006-0988 – DNS Amplification Scanner
https://notcve.org/view.php?id=CVE-2006-0988
03 Mar 2006 — The default configuration of the DNS Server service on Windows Server 2003 and Windows 2000, and the Microsoft DNS Server service on Windows NT 4.0, allows recursive queries and provides additional delegation information to arbitrary IP addresses, which allows remote attackers to cause a denial of service (traffic amplification) via DNS queries with spoofed source IP addresses. • https://packetstorm.news/files/id/181220 •
CVSS: 9.3EPSS: 67%CPEs: 86EXPL: 0CVE-2006-0010
https://notcve.org/view.php?id=CVE-2006-0010
10 Jan 2006 — Heap-based buffer overflow in T2EMBED.DLL in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 up to SP1, Windows 98, and Windows ME allows remote attackers to execute arbitrary code via an e-mail message or web page with a crafted Embedded Open Type (EOT) web font that triggers the overflow during decompression. Desbordamiento de búfer basado en memoria dinámica en T2EMBED.DLL en Microsoft Windows 2000 SP4, XP SP1 y SP2 y Server 2003 hasta la versión SP1, Windows 98 y Windows ME permite a atacant... • http://seclists.org/fulldisclosure/2006/Jan/363 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 14%CPEs: 8EXPL: 3CVE-2005-4717 – Microsoft Internet Explorer 6 - Malformed HTML Parsing Denial of Service
https://notcve.org/view.php?id=CVE-2005-4717
31 Dec 2005 — Microsoft Internet Explorer 6.0 on Windows NT 4.0 SP6a, Windows 2000 SP4, Windows XP SP1, Windows XP SP2, and Windows Server 2003 SP1 allows remote attackers to cause a denial of service (client crash) via a certain combination of a malformed HTML file and a CSS file that triggers a null dereference, probably related to rendering of a DIV element that contains a malformed IMG tag, as demonstrated by IEcrash.htm and IEcrash.rar. • https://www.exploit-db.com/exploits/26457 •