CVSS: 9.3EPSS: 52%CPEs: 19EXPL: 0CVE-2007-3027 – Microsoft Internet Explorer Language Pack Installation Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2007-3027
12 Jun 2007 — Race condition in Microsoft Internet Explorer 5.01, 6, and 7 allows remote attackers to execute arbitrary code by causing Internet Explorer to install multiple language packs in a way that triggers memory corruption, aka "Language Pack Installation Vulnerability." Condición de carrera en Microsoft Internet Explorer 5.01, 6, y 7 permite a atacantes remotos ejecutar código de su elección provocando que Internet Explorer instale múltiples paquetes de idioma en un modo que dispara una corrupción de memoria, tam... • http://osvdb.org/35350 •
CVSS: 8.1EPSS: 18%CPEs: 24EXPL: 0CVE-2007-3091
https://notcve.org/view.php?id=CVE-2007-3091
06 Jun 2007 — Race condition in Microsoft Internet Explorer 6 SP1; 6 and 7 for Windows XP SP2 and SP3; 6 and 7 for Server 2003 SP2; 7 for Vista Gold, SP1, and SP2; and 7 for Server 2008 SP2 allows remote attackers to execute arbitrary code or perform other actions upon a page transition, with the permissions of the old page and the content of the new page, as demonstrated by setInterval functions that set location.href within a try/catch expression, aka the "bait & switch vulnerability" or "Race Condition Cross-Domain In... • http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0026.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.3EPSS: 1%CPEs: 3EXPL: 0CVE-2007-2999
https://notcve.org/view.php?id=CVE-2007-2999
04 Jun 2007 — Microsoft Windows Server 2003, when time restrictions are in effect for user accounts, generates different error messages for failed login attempts with a valid user name than for those with an invalid user name, which allows context-dependent attackers to determine valid Active Directory account names. Microsoft Windows Server 2003, cuando las restricciones de tiempo están en efecto para las cuentas del usuario, genera diversos mensajes de error para las tentativas falladas de conexión con un nombre válido... • http://osvdb.org/36138 •
CVSS: 9.3EPSS: 70%CPEs: 13EXPL: 1CVE-2007-2221 – Microsoft Internet Explorer 7 - Arbitrary File Rewrite (MS07-027)
https://notcve.org/view.php?id=CVE-2007-2221
08 May 2007 — Unspecified vulnerability in the mdsauth.dll COM object in Microsoft Windows Media Server in the Microsoft Internet Explorer 5.01 SP4 on Windows 2000 SP4; 6 SP1 on Windows 2000 SP4; 6 and 7 on Windows XP SP2, or Windows Server 2003 SP1 or SP2; or 7 on Windows Vista allows remote attackers to overwrite arbitrary files via unspecified vectors, aka the "Arbitrary File Rewrite Vulnerability." Vulnerabilidad no especificada en el objeto COM mdsauth.dll de Microsoft Windows Media Server en Microsoft Internet Expl... • https://www.exploit-db.com/exploits/3892 •
CVSS: 9.3EPSS: 54%CPEs: 25EXPL: 0CVE-2007-0942
https://notcve.org/view.php?id=CVE-2007-0942
08 May 2007 — Microsoft Internet Explorer 5.01 SP4 on Windows 2000 SP4; 6 SP1 on Windows 2000 SP4; 6 and 7 on Windows XP SP2, or Windows Server 2003 SP1 or SP2; and possibly 7 on Windows Vista does not properly "instantiate certain COM objects as ActiveX controls," which allows remote attackers to execute arbitrary code via a crafted COM object from chtskdic.dll. Microsoft Internet Explorer versión 5.01 SP4 en Windows 2000 SP4; versión 6 SP1 en Windows 2000 SP4; versiones 6 y 7 en Windows XP SP2, o Windows Server 2003 SP... • http://secunia.com/advisories/23769 •
CVSS: 9.8EPSS: 59%CPEs: 13EXPL: 0CVE-2007-0945
https://notcve.org/view.php?id=CVE-2007-0945
08 May 2007 — Microsoft Internet Explorer 6 SP1 on Windows 2000 SP4; 6 and 7 on Windows XP SP2, or Windows Server 2003 SP1 or SP2; and 7 on Windows Vista allows remote attackers to execute arbitrary code via certain property methods that may trigger memory corruption, aka "Property Memory Corruption Vulnerability." Microsoft Internet Explorer 6 SP1 sobre Windows 2000 SP4; 6 y 7 sobre Windows XP SP2, o Windows Server 2003 SP1 o SP2; y 7 sobre Windows Vista permite a atacantes remotos ejecutar código de su elección a travé... • http://secunia.com/advisories/23769 •
CVSS: 9.3EPSS: 59%CPEs: 8EXPL: 0CVE-2007-0946
https://notcve.org/view.php?id=CVE-2007-0946
08 May 2007 — Unspecified vulnerability in Microsoft Internet Explorer 7 on Windows XP SP2, Windows Server 2003 SP1 or SP2, or Windows Vista allows remote attackers to execute arbitrary code via crafted HTML objects, which results in memory corruption, aka the first of two "HTML Objects Memory Corruption Vulnerabilities" and a different issue than CVE-2007-0947. Vulnerabilidad no especificada en Microsoft Internet Explorer 7 de Windows XP SP2, Windows Server 2003 SP1 ó SP2, ó Windows Vista permite a atacantes remotos eje... • http://secunia.com/advisories/23769 •
CVSS: 9.3EPSS: 55%CPEs: 14EXPL: 0CVE-2007-0947
https://notcve.org/view.php?id=CVE-2007-0947
08 May 2007 — Use-after-free vulnerability in Microsoft Internet Explorer 7 on Windows XP SP2, Windows Server 2003 SP1 or SP2, or Windows Vista allows remote attackers to execute arbitrary code via crafted HTML objects, resulting in accessing deallocated memory of CMarkup objects, aka the second of two "HTML Objects Memory Corruption Vulnerabilities" and a different issue than CVE-2007-0946. Una vulnerabilidad de uso de memoria previamente liberada en Microsoft Internet Explorer 7 en Windows XP SP2, Windows Server 2003 S... • http://secunia.com/advisories/23769 • CWE-399: Resource Management Errors •
CVSS: 9.8EPSS: 64%CPEs: 10EXPL: 0CVE-2007-0944 – Microsoft Internet Explorer Table Column Deletion Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2007-0944
08 May 2007 — Unspecified vulnerability in the CTableCol::OnPropertyChange method in Microsoft Internet Explorer 5.01 SP4 on Windows 2000 SP4; 6 SP1 on Windows 2000 SP4; and 6 on Windows XP SP2, or Windows Server 2003 SP1 or SP2 allows remote attackers to execute arbitrary code by calling deleteCell on a named table row in a named table column, then accessing the column, which causes Internet Explorer to access previously deleted objects, aka the "Uninitialized Memory Corruption Vulnerability." Vulnerabilidad no especifi... • http://secunia.com/advisories/23769 •
CVSS: 10.0EPSS: 84%CPEs: 7EXPL: 5CVE-2007-1748 – Microsoft Windows - DNS DnssrvQuery Remote Stack Overflow
https://notcve.org/view.php?id=CVE-2007-1748
13 Apr 2007 — Stack-based buffer overflow in the RPC interface in the Domain Name System (DNS) Server Service in Microsoft Windows 2000 Server SP 4, Server 2003 SP 1, and Server 2003 SP 2 allows remote attackers to execute arbitrary code via a long zone name containing character constants represented by escape sequences. El desbordamiento de búfer en la región stack de la memoria, en la interfaz RPC en el Domain Name System (DNS) Server Service en Microsoft Windows versiones 2000 Server SP 4, Server 2003 SP 1 y Server 20... • https://www.exploit-db.com/exploits/3740 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •