CVSS: 7.5EPSS: 3%CPEs: 6EXPL: 0CVE-2006-5884
https://notcve.org/view.php?id=CVE-2006-5884
Multiple unspecified vulnerabilities in DirectAnimation ActiveX controls for Microsoft Internet Explorer 5.01 through 6 have unknown impact and remote attack vectors, possibly related to (1) Danim.dll and (2) Lmrt.dll, a different set of vulnerabilities than CVE-2006-4446 and CVE-2006-4777. Múltiples vulnerabilidades no especificadas en controles ActiveX DirectAnimation para Microsoft Internet Explorer 5.01 hasta 6 tiene impacto y vectores desconocidos, posiblemente relacionados con (1) Danim.dll y (2) Lmrt.dll, un conjunto diferente de vulnerabilidades que CVE-2006-4446 y CVE-2006-4777. • http://www.osvdb.org/31324 http://www.us-cert.gov/cas/techalerts/TA06-318A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-067 •
CVSS: 5.1EPSS: 57%CPEs: 6EXPL: 0CVE-2006-4687 – Microsoft Internet Explorer CSS Float Property Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2006-4687
Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via crafted layout combinations involving DIV tags and HTML CSS float properties that trigger memory corruption, aka "HTML Rendering Memory Corruption Vulnerability." Microsoft Internet Explorer 5.01 hasta 6 permite a atacantes remotos ejecutar código de su elección mediante combinaciones de diseño artesanales implicando etiquetas DIV y propiedades float de HTML CSS que disparan una corrupción de memoria, también conocido como "Vulnerabilidad de corrupción de memoria al traducir HTML". This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific vulnerability exists due to improper parsing of HTML CSS 'float' properties. By ordering specially crafted 'div' tags in a web page, memory corruption can occur leading to remote code execution. • http://securitytracker.com/id?1017223 http://www.kb.cert.org/vuls/id/197852 http://www.osvdb.org/31323 http://www.securityfocus.com/archive/1/451590/100/100/threaded http://www.securityfocus.com/bid/21020 http://www.us-cert.gov/cas/techalerts/TA06-318A.html http://www.vupen.com/english/advisories/2006/4505 http://www.zerodayinitiative.com/advisories/ZDI-06-041.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-067 https://exchange.xforce • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.0EPSS: 17%CPEs: 12EXPL: 3CVE-2006-5162 – Microsoft Internet Explorer 6 - 'Content-Type' Stack Overflow Crash
https://notcve.org/view.php?id=CVE-2006-5162
wininet.dll in Microsoft Internet Explorer 6.0 SP2 and earlier allows remote attackers to cause a denial of service (unhandled exception and crash) via a long Content-Type header, which triggers a stack overflow. wininet.dll en Microsoft Internet Explorer 6.0 SP2 y anteriores permite a atacantes remotos provocar una denegación de servicio (excepción no manejada y caída) mediante una cabecera Content-Type larga, lo cual dispara un desbordamiento de pila. • https://www.exploit-db.com/exploits/2039 http://archives.neohapsis.com/archives/bugtraq/2006-07/0379.html http://securityreason.com/securityalert/1683 http://www.osvdb.org/29129 http://www.securityfocus.com/bid/19092 http://www.vupen.com/english/advisories/2006/2917 https://exchange.xforce.ibmcloud.com/vulnerabilities/27900 •
CVSS: 9.3EPSS: 23%CPEs: 13EXPL: 5CVE-2006-4868 – MS06-055 Microsoft Internet Explorer VML Fill Method Code Execution
https://notcve.org/view.php?id=CVE-2006-4868
Stack-based buffer overflow in the Vector Graphics Rendering engine (vgx.dll), as used in Microsoft Outlook and Internet Explorer 6.0 on Windows XP SP2, and possibly other versions, allows remote attackers to execute arbitrary code via a Vector Markup Language (VML) file with a long fill parameter within a rect tag. Desbordamiento de búfer basado en el motor Vector Graphics Rendering (vgx.dll), tal y como se usa en Microsoft Outlook e Internet Explorer 6.0 en Windows XP SP2 y posiblemente otras versiones permite a atacantes remotos ejecutar código de su elección mediante un fichero Vector Markup Language (VML) con un parámetro "fill" largo dentro de una etiqueta "rect". • https://www.exploit-db.com/exploits/2425 https://www.exploit-db.com/exploits/16597 https://www.exploit-db.com/exploits/2426 http://blogs.securiteam.com/index.php/archives/624 http://secunia.com/advisories/21989 http://securitytracker.com/id?1016879 http://sunbeltblog.blogspot.com/2006/09/seen-in-wild-zero-day-exploit-being.html http://support.microsoft.com/kb/925486 http://www.kb.cert.org/vuls/id/416092 http://www.microsoft.com/technet/security/advisory/925568.mspx ht • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 56%CPEs: 2EXPL: 0CVE-2006-3639
https://notcve.org/view.php?id=CVE-2006-3639
Microsoft Internet Explorer 5.01 and 6 does not properly identify the originating domain zone when handling redirects, which allows remote attackers to read cross-domain web pages and possibly execute code via unspecified vectors involving a crafted web page, aka "Source Element Cross-Domain Vulnerability." Microsoft Internet Explorer 5.01 y 6 no identifica adecuadamente la zona de dominio que origina cuando maneja la redirección, lo cual permite a un atacante remoto leer páginas web de dominios cruzados y posiblemente ejecutar código a través de vectores no especificados que afectan a páginas web manipuladas, también conocido como "Vulnerabilidad de Elemento Fuente de Cruce de Dominios". • http://secunia.com/advisories/21396 http://securitytracker.com/id?1016663 http://www.kb.cert.org/vuls/id/252764 http://www.osvdb.org/27851 http://www.securityfocus.com/bid/19400 http://www.us-cert.gov/cas/techalerts/TA06-220A.html http://www.vupen.com/english/advisories/2006/3212 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-042 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A577 •