CVSS: 6.5EPSS: 17%CPEs: 41EXPL: 3CVE-2006-7065 – Microsoft Internet Explorer 6.0/7.0 - IFrame Refresh Denial of Service
https://notcve.org/view.php?id=CVE-2006-7065
27 Feb 2007 — Microsoft Internet Explorer allows remote attackers to cause a denial of service (crash) via an IFRAME with a certain XML file and XSL stylesheet that triggers a crash in mshtml.dll when a refresh is called, probably a null pointer dereference. Microsoft Internet Explorer permite a atacantes remotos provocar denegación de servicio (caida) a través de un IFRAME con ciertos archivos XML y plantillas de estilo XSL que disparan una cauda en mshtml.dll cuando un se llama se solicita un refresco de cotenido, prob... • https://www.exploit-db.com/exploits/28343 •
CVSS: 6.1EPSS: 20%CPEs: 1EXPL: 0CVE-2007-1114
https://notcve.org/view.php?id=CVE-2007-1114
26 Feb 2007 — The child frames in Microsoft Internet Explorer 7 inherit the default charset from the parent window when a charset is not specified in an HTTP Content-Type header or META tag, which allows remote attackers to conduct cross-site scripting (XSS) attacks, as demonstrated using the UTF-7 character set. Los marcos hijo en Microsoft Internet Explorer 7 heredan el juego de caracteres de la ventana padre cuando un juego de caracteres no se ha especificado en una cabecera HTTP Content-Type o en una etiqueta META, l... • http://secunia.com/advisories/24314 •
CVSS: 6.8EPSS: 49%CPEs: 4EXPL: 0CVE-2007-1091
https://notcve.org/view.php?id=CVE-2007-1091
26 Feb 2007 — Microsoft Internet Explorer 7 allows remote attackers to prevent users from leaving a site, spoof the address bar, and conduct phishing and other attacks via onUnload Javascript handlers. Microsoft Internet Explorer 7 permite a atacantes remotos impedir a los usuarios dejar un sitio, simular la barra de direcciones y llevar a cabo ataques de tipo phishing u otros mediante un gestor de eventos Javascript onUnload. • http://lcamtuf.coredump.cx/ietrap •
CVSS: 6.5EPSS: 30%CPEs: 8EXPL: 0CVE-2006-7030
https://notcve.org/view.php?id=CVE-2006-7030
23 Feb 2007 — Microsoft Internet Explorer 6 SP2 and earlier allows remote attackers to cause a denial of service (crash) via certain malformed HTML, possibly involving applet and base tags without required arguments, which triggers a null pointer dereference in mshtml.dll. Microsoft Internet Explorer 6 SP2 y anteriores permite a atacantes remotos provocar denegación de servicio (caida) a través de ciertos HTML malformados, posiblemente afectando a etiquetas base y applet sin argumentos requeridos, lo cual dispara un punt... • http://securityreason.com/securityalert/2286 •
CVSS: 10.0EPSS: 61%CPEs: 18EXPL: 0CVE-2007-0219
https://notcve.org/view.php?id=CVE-2007-0219
13 Feb 2007 — Microsoft Internet Explorer 5.01, 6, and 7 uses certain COM objects from (1) Msb1fren.dll, (2) Htmlmm.ocx, and (3) Blnmgrps.dll as ActiveX controls, which allows remote attackers to execute arbitrary code via unspecified vectors, a different issue than CVE-2006-4697. Microsoft Internet Explorer 5.01, 6, y 7 utiliza ciertos objetos COM de (1) Msb1fren.dll, (2) Htmlmm.ocx, y (3) Blnmgrps.dll como controles ActiveX, lo cual permite a atacantes remotos ejecutar código de su elección mediante vectores no especif... • http://secunia.com/advisories/24156 •
CVSS: 9.3EPSS: 54%CPEs: 18EXPL: 0CVE-2006-4697
https://notcve.org/view.php?id=CVE-2006-4697
13 Feb 2007 — Microsoft Internet Explorer 5.01, 6, and 7 uses certain COM objects from Imjpcksid.dll as ActiveX controls, which allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: this issue might be related to CVE-2006-4193. Microsoft Internet Explorer 5.01, 6, y 7 utiliza ciertos objetos COM de Imjpcksid.dll como controles ActiveX, lo cual permite a atacantes remotos ejecutar código de su elección mediante vectores no especificados. NOTA: este asunto podría estar relacionado con CVE-2006-41... • http://secunia.com/advisories/24156 •
CVSS: 10.0EPSS: 76%CPEs: 12EXPL: 1CVE-2007-0217 – Microsoft Internet Explorer - FTP Server Response Denial of Service (MS07-016)
https://notcve.org/view.php?id=CVE-2007-0217
13 Feb 2007 — The wininet.dll FTP client code in Microsoft Internet Explorer 5.01 and 6 might allow remote attackers to execute arbitrary code via an FTP server response of a specific length that causes a terminating null byte to be written outside of a buffer, which causes heap corruption. El código del cliente FTP wininet.dll en Microsoft Internet Explorer 5.01 y 6 podría permitir a atacantes remotos ejecutar código de su elección mediante una respuesta FTP del servidor de una longitud específica que provoca que el byt... • https://www.exploit-db.com/exploits/3444 •
CVSS: 6.5EPSS: 46%CPEs: 2EXPL: 2CVE-2007-0811 – Microsoft Internet Explorer 6 - 'mshtml.dll' Null Pointer Dereference
https://notcve.org/view.php?id=CVE-2007-0811
07 Feb 2007 — Microsoft Internet Explorer 6.0 SP1 on Windows 2000, and 6.0 SP2 on Windows XP, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an HTML document containing a certain JavaScript for loop with an empty loop body, possibly involving getElementById. Microsoft Internet Explorer 6.0 SP1 en Windows 2000, y 6.0 SP2 en Windows XP, permite a atacantes remotos provocar una denegación de servicio (referencia a puntero nulo y caída de aplicación) mediante un docu... • https://www.exploit-db.com/exploits/3272 •
CVSS: 7.8EPSS: 53%CPEs: 10EXPL: 2CVE-2007-0612 – Microsoft Internet Explorer 5.0.1 - Multiple ActiveX Controls Denial of Service Vulnerabilities
https://notcve.org/view.php?id=CVE-2007-0612
31 Jan 2007 — Multiple ActiveX controls in Microsoft Windows 2000, XP, 2003, and Vista allows remote attackers to cause a denial of service (Internet Explorer crash) by accessing the bgColor, fgColor, linkColor, alinkColor, vlinkColor, or defaultCharset properties in the (1) giffile, (2) htmlfile, (3) jpegfile, (4) mhtmlfile, (5) ODCfile, (6) pjpegfile, (7) pngfile, (8) xbmfile, (9) xmlfile, (10) xslfile, or (11) wdfile objects in (a) mshtml.dll; or the (12) TriEditDocument.TriEditDocument or (13) TriEditDocument.TriEdit... • https://www.exploit-db.com/exploits/29536 •
CVSS: 7.5EPSS: 11%CPEs: 2EXPL: 2CVE-2007-0356 – CCRP Folder Treeview Control (ccrpftv6.ocx) - IE Denial of Service
https://notcve.org/view.php?id=CVE-2007-0356
19 Jan 2007 — The Common Controls Replacement Project (CCRP) FolderTreeview (FTV) ActiveX control (ccrpftv6.ocx) allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long CCRP.RootFolder property value. The Common Controls Replacement Project (CCRP) FolderTreeview (FTV) Control ActiveX (ccrpftv6.ocx) permite a atacantes remotos provocar una denegación de servicio (caída de Internet Explorer 7) mediante un valor de propiedad CCRP.RootFolder largo. • https://www.exploit-db.com/exploits/3142 •