CVSS: 9.3EPSS: 90%CPEs: 13EXPL: 1CVE-2007-2221 – Microsoft Internet Explorer 7 - Arbitrary File Rewrite (MS07-027)
https://notcve.org/view.php?id=CVE-2007-2221
08 May 2007 — Unspecified vulnerability in the mdsauth.dll COM object in Microsoft Windows Media Server in the Microsoft Internet Explorer 5.01 SP4 on Windows 2000 SP4; 6 SP1 on Windows 2000 SP4; 6 and 7 on Windows XP SP2, or Windows Server 2003 SP1 or SP2; or 7 on Windows Vista allows remote attackers to overwrite arbitrary files via unspecified vectors, aka the "Arbitrary File Rewrite Vulnerability." Vulnerabilidad no especificada en el objeto COM mdsauth.dll de Microsoft Windows Media Server en Microsoft Internet Expl... • https://www.exploit-db.com/exploits/3892 •
CVSS: 9.8EPSS: 89%CPEs: 13EXPL: 0CVE-2007-0945
https://notcve.org/view.php?id=CVE-2007-0945
08 May 2007 — Microsoft Internet Explorer 6 SP1 on Windows 2000 SP4; 6 and 7 on Windows XP SP2, or Windows Server 2003 SP1 or SP2; and 7 on Windows Vista allows remote attackers to execute arbitrary code via certain property methods that may trigger memory corruption, aka "Property Memory Corruption Vulnerability." Microsoft Internet Explorer 6 SP1 sobre Windows 2000 SP4; 6 y 7 sobre Windows XP SP2, o Windows Server 2003 SP1 o SP2; y 7 sobre Windows Vista permite a atacantes remotos ejecutar código de su elección a travé... • http://secunia.com/advisories/23769 •
CVSS: 9.3EPSS: 95%CPEs: 14EXPL: 0CVE-2007-0947
https://notcve.org/view.php?id=CVE-2007-0947
08 May 2007 — Use-after-free vulnerability in Microsoft Internet Explorer 7 on Windows XP SP2, Windows Server 2003 SP1 or SP2, or Windows Vista allows remote attackers to execute arbitrary code via crafted HTML objects, resulting in accessing deallocated memory of CMarkup objects, aka the second of two "HTML Objects Memory Corruption Vulnerabilities" and a different issue than CVE-2007-0946. Una vulnerabilidad de uso de memoria previamente liberada en Microsoft Internet Explorer 7 en Windows XP SP2, Windows Server 2003 S... • http://secunia.com/advisories/23769 • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 92%CPEs: 25EXPL: 0CVE-2007-0942
https://notcve.org/view.php?id=CVE-2007-0942
08 May 2007 — Microsoft Internet Explorer 5.01 SP4 on Windows 2000 SP4; 6 SP1 on Windows 2000 SP4; 6 and 7 on Windows XP SP2, or Windows Server 2003 SP1 or SP2; and possibly 7 on Windows Vista does not properly "instantiate certain COM objects as ActiveX controls," which allows remote attackers to execute arbitrary code via a crafted COM object from chtskdic.dll. Microsoft Internet Explorer versión 5.01 SP4 en Windows 2000 SP4; versión 6 SP1 en Windows 2000 SP4; versiones 6 y 7 en Windows XP SP2, o Windows Server 2003 SP... • http://secunia.com/advisories/23769 •
CVSS: 6.5EPSS: 34%CPEs: 41EXPL: 3CVE-2006-7065 – Microsoft Internet Explorer 6.0/7.0 - IFrame Refresh Denial of Service
https://notcve.org/view.php?id=CVE-2006-7065
27 Feb 2007 — Microsoft Internet Explorer allows remote attackers to cause a denial of service (crash) via an IFRAME with a certain XML file and XSL stylesheet that triggers a crash in mshtml.dll when a refresh is called, probably a null pointer dereference. Microsoft Internet Explorer permite a atacantes remotos provocar denegación de servicio (caida) a través de un IFRAME con ciertos archivos XML y plantillas de estilo XSL que disparan una cauda en mshtml.dll cuando un se llama se solicita un refresco de cotenido, prob... • https://www.exploit-db.com/exploits/28343 •
CVSS: 6.5EPSS: 20%CPEs: 13EXPL: 1CVE-2006-7031 – Microsoft Internet Explorer 6.0.2900 SP2 - CSS Attribute Denial of Service
https://notcve.org/view.php?id=CVE-2006-7031
23 Feb 2007 — Microsoft Internet Explorer 6.0.2900 SP2 and earlier allows remote attackers to cause a denial of service (crash) via a table element with a CSS attribute that sets the position, which triggers an "unhandled exception" in mshtml.dll. Microsoft Internet Explorer 6.0.2900 SP2 y versiones anteriores permite a atacantes remotos provocar una denegación de servicio (caída) mediante un elemento tabla con un atributo CSS que fija la posición, lo cual dispara una "excepción no manejada" en mshtml.dll. • https://www.exploit-db.com/exploits/1775 •
CVSS: 10.0EPSS: 91%CPEs: 18EXPL: 0CVE-2007-0219
https://notcve.org/view.php?id=CVE-2007-0219
13 Feb 2007 — Microsoft Internet Explorer 5.01, 6, and 7 uses certain COM objects from (1) Msb1fren.dll, (2) Htmlmm.ocx, and (3) Blnmgrps.dll as ActiveX controls, which allows remote attackers to execute arbitrary code via unspecified vectors, a different issue than CVE-2006-4697. Microsoft Internet Explorer 5.01, 6, y 7 utiliza ciertos objetos COM de (1) Msb1fren.dll, (2) Htmlmm.ocx, y (3) Blnmgrps.dll como controles ActiveX, lo cual permite a atacantes remotos ejecutar código de su elección mediante vectores no especif... • http://secunia.com/advisories/24156 •
CVSS: 9.3EPSS: 66%CPEs: 18EXPL: 0CVE-2006-4697
https://notcve.org/view.php?id=CVE-2006-4697
13 Feb 2007 — Microsoft Internet Explorer 5.01, 6, and 7 uses certain COM objects from Imjpcksid.dll as ActiveX controls, which allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: this issue might be related to CVE-2006-4193. Microsoft Internet Explorer 5.01, 6, y 7 utiliza ciertos objetos COM de Imjpcksid.dll como controles ActiveX, lo cual permite a atacantes remotos ejecutar código de su elección mediante vectores no especificados. NOTA: este asunto podría estar relacionado con CVE-2006-41... • http://secunia.com/advisories/24156 •
CVSS: 7.8EPSS: 65%CPEs: 10EXPL: 2CVE-2007-0612 – Microsoft Internet Explorer 5.0.1 - Multiple ActiveX Controls Denial of Service Vulnerabilities
https://notcve.org/view.php?id=CVE-2007-0612
31 Jan 2007 — Multiple ActiveX controls in Microsoft Windows 2000, XP, 2003, and Vista allows remote attackers to cause a denial of service (Internet Explorer crash) by accessing the bgColor, fgColor, linkColor, alinkColor, vlinkColor, or defaultCharset properties in the (1) giffile, (2) htmlfile, (3) jpegfile, (4) mhtmlfile, (5) ODCfile, (6) pjpegfile, (7) pngfile, (8) xbmfile, (9) xmlfile, (10) xslfile, or (11) wdfile objects in (a) mshtml.dll; or the (12) TriEditDocument.TriEditDocument or (13) TriEditDocument.TriEdit... • https://www.exploit-db.com/exploits/29536 •
CVSS: 9.3EPSS: 96%CPEs: 13EXPL: 2CVE-2007-0024 – Microsoft Internet Explorer - VML Download and Execute (MS07-004)
https://notcve.org/view.php?id=CVE-2007-0024
09 Jan 2007 — Integer overflow in the Vector Markup Language (VML) implementation (vgx.dll) in Microsoft Internet Explorer 5.01, 6, and 7 on Windows 2000 SP4, XP SP2, Server 2003, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted web page that contains unspecified integer properties that cause insufficient memory allocation and trigger a buffer overflow, aka the "VML Buffer Overrun Vulnerability." Debordamiento de Entero en la implementación (vgx.dll) del Lenguaje de Marcas de Vectores (... • https://www.exploit-db.com/exploits/3148 •