CVSS: 4.3EPSS: 0%CPEs: 44EXPL: 1CVE-2007-4848
https://notcve.org/view.php?id=CVE-2007-4848
12 Sep 2007 — Microsoft Internet Explorer 4.0 through 7 allows remote attackers to determine the existence of local files that have associated images via a res:// URI in the src property of a JavaScript Image object, as demonstrated by the URI for a bitmap image resource within a (1) .exe or (2) .dll file. Microsoft Internet Explorer 4.0 hasta 7 permite a atacantes remotos determinar la existencia de archivos locales que tienen imágenes asociadas mediante un URI res:// en la propiedad src de un objeto Image de JavaScript... • http://osvdb.org/37638 •
CVSS: 10.0EPSS: 1%CPEs: 4EXPL: 0CVE-2007-3341
https://notcve.org/view.php?id=CVE-2007-3341
21 Jun 2007 — Unspecified vulnerability in the FTP implementation in Microsoft Internet Explorer allows remote attackers to "see a valid memory address" via unspecified vectors, a different issue than CVE-2007-0217. Vulnerabilidad sin especificar en la implementación del FTP del Microsoft Internet Explorer permite a atacantes remotos "ver una dirección de memoria válida" a través de vectores sin especificar, vulnerabilidad diferente a la CVE-2007-0217. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=473 •
CVSS: 9.3EPSS: 92%CPEs: 25EXPL: 0CVE-2007-0942
https://notcve.org/view.php?id=CVE-2007-0942
08 May 2007 — Microsoft Internet Explorer 5.01 SP4 on Windows 2000 SP4; 6 SP1 on Windows 2000 SP4; 6 and 7 on Windows XP SP2, or Windows Server 2003 SP1 or SP2; and possibly 7 on Windows Vista does not properly "instantiate certain COM objects as ActiveX controls," which allows remote attackers to execute arbitrary code via a crafted COM object from chtskdic.dll. Microsoft Internet Explorer versión 5.01 SP4 en Windows 2000 SP4; versión 6 SP1 en Windows 2000 SP4; versiones 6 y 7 en Windows XP SP2, o Windows Server 2003 SP... • http://secunia.com/advisories/23769 •
CVSS: 9.3EPSS: 9%CPEs: 43EXPL: 11CVE-2007-1765 – Microsoft Windows Explorer - '.ANI' File Denial of Service
https://notcve.org/view.php?id=CVE-2007-1765
30 Mar 2007 — Unspecified vulnerability in Microsoft Windows 2000 SP4 through Vista allows remote attackers to execute arbitrary code or cause a denial of service (persistent reboot) via a malformed ANI file, which results in memory corruption when processing cursors, animated cursors, and icons, a similar issue to CVE-2005-0416, as originally demonstrated using Internet Explorer 6 and 7. NOTE: this issue might be a duplicate of CVE-2007-0038; if so, then use CVE-2007-0038 instead of this identifier. Una vulnerabilidad n... • https://www.exploit-db.com/exploits/3684 •
CVSS: 6.5EPSS: 20%CPEs: 13EXPL: 1CVE-2006-7031 – Microsoft Internet Explorer 6.0.2900 SP2 - CSS Attribute Denial of Service
https://notcve.org/view.php?id=CVE-2006-7031
23 Feb 2007 — Microsoft Internet Explorer 6.0.2900 SP2 and earlier allows remote attackers to cause a denial of service (crash) via a table element with a CSS attribute that sets the position, which triggers an "unhandled exception" in mshtml.dll. Microsoft Internet Explorer 6.0.2900 SP2 y versiones anteriores permite a atacantes remotos provocar una denegación de servicio (caída) mediante un elemento tabla con un atributo CSS que fija la posición, lo cual dispara una "excepción no manejada" en mshtml.dll. • https://www.exploit-db.com/exploits/1775 •
CVSS: 7.5EPSS: 14%CPEs: 1EXPL: 1CVE-2006-7029
https://notcve.org/view.php?id=CVE-2006-7029
23 Feb 2007 — Microsoft Internet Explorer 6 SP2 and earlier allows remote attackers to cause a denial of service (crash) via a frameset with only one frame that calls resizeTo with certain arguments. NOTE: this issue might be related to CVE-2006-3637. Microsoft Internet Explorer 6 SP2 y anteriores permite a atacantes remotos provocar denegación de servicio (caida) a través de un frameset con solamente un frame que llama a resizeTo con ciertos argumentos. NOTA: Este asunto podría estar relacionado con CVE-2006-3637. • http://www.securityfocus.com/archive/1/434742/30/4830/threaded •
CVSS: 7.8EPSS: 65%CPEs: 10EXPL: 2CVE-2007-0612 – Microsoft Internet Explorer 5.0.1 - Multiple ActiveX Controls Denial of Service Vulnerabilities
https://notcve.org/view.php?id=CVE-2007-0612
31 Jan 2007 — Multiple ActiveX controls in Microsoft Windows 2000, XP, 2003, and Vista allows remote attackers to cause a denial of service (Internet Explorer crash) by accessing the bgColor, fgColor, linkColor, alinkColor, vlinkColor, or defaultCharset properties in the (1) giffile, (2) htmlfile, (3) jpegfile, (4) mhtmlfile, (5) ODCfile, (6) pjpegfile, (7) pngfile, (8) xbmfile, (9) xmlfile, (10) xslfile, or (11) wdfile objects in (a) mshtml.dll; or the (12) TriEditDocument.TriEditDocument or (13) TriEditDocument.TriEdit... • https://www.exploit-db.com/exploits/29536 •
CVSS: 9.3EPSS: 92%CPEs: 1EXPL: 0CVE-2006-5581 – Microsoft Internet Explorer normalize() Function Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2006-5581
12 Dec 2006 — Unspecified vulnerability in Microsoft Internet Explorer 6 allows remote attackers to execute arbitrary code via certain DHTML script functions, such as normalize, and "incorrectly created elements" that trigger memory corruption, aka "DHTML Script Function Memory Corruption Vulnerability." Vulnerabilidad sin especificar en el Microsoft Internet Explorer 6 permite a atacantes remotos ejecutar código de su elección a través de determinadas funciones DHTML , como la "normalize", y "elementos creados incorrect... • http://secunia.com/advisories/23288 •
CVSS: 5.0EPSS: 12%CPEs: 2EXPL: 3CVE-2006-6310 – Microsoft Internet Explorer 6 - Frame Src Denial of Service
https://notcve.org/view.php?id=CVE-2006-6310
06 Dec 2006 — Microsoft Internet Explorer 6.0 SP1 and earlier allows remote attackers to cause a denial of service (crash) via an invalid src attribute value ("?") in an HTML frame tag that is in a frameset tag with a large rows attribute. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. Microsoft Internet Explorer 6.0 SP1 y anteriores permiten a atacantes remotos provocar una denegación de servicio (caída) mediante un valor del atributo src inválido ("?")... • https://www.exploit-db.com/exploits/29229 •
CVSS: 7.5EPSS: 23%CPEs: 12EXPL: 3CVE-2006-5162 – Microsoft Internet Explorer 6 - 'Content-Type' Stack Overflow Crash
https://notcve.org/view.php?id=CVE-2006-5162
03 Oct 2006 — wininet.dll in Microsoft Internet Explorer 6.0 SP2 and earlier allows remote attackers to cause a denial of service (unhandled exception and crash) via a long Content-Type header, which triggers a stack overflow. wininet.dll en Microsoft Internet Explorer 6.0 SP2 y anteriores permite a atacantes remotos provocar una denegación de servicio (excepción no manejada y caída) mediante una cabecera Content-Type larga, lo cual dispara un desbordamiento de pila. • https://www.exploit-db.com/exploits/2039 •