CVSS: 9.3EPSS: 90%CPEs: 13EXPL: 1CVE-2007-2221 – Microsoft Internet Explorer 7 - Arbitrary File Rewrite (MS07-027)
https://notcve.org/view.php?id=CVE-2007-2221
08 May 2007 — Unspecified vulnerability in the mdsauth.dll COM object in Microsoft Windows Media Server in the Microsoft Internet Explorer 5.01 SP4 on Windows 2000 SP4; 6 SP1 on Windows 2000 SP4; 6 and 7 on Windows XP SP2, or Windows Server 2003 SP1 or SP2; or 7 on Windows Vista allows remote attackers to overwrite arbitrary files via unspecified vectors, aka the "Arbitrary File Rewrite Vulnerability." Vulnerabilidad no especificada en el objeto COM mdsauth.dll de Microsoft Windows Media Server en Microsoft Internet Expl... • https://www.exploit-db.com/exploits/3892 •
CVSS: 9.8EPSS: 89%CPEs: 13EXPL: 0CVE-2007-0945
https://notcve.org/view.php?id=CVE-2007-0945
08 May 2007 — Microsoft Internet Explorer 6 SP1 on Windows 2000 SP4; 6 and 7 on Windows XP SP2, or Windows Server 2003 SP1 or SP2; and 7 on Windows Vista allows remote attackers to execute arbitrary code via certain property methods that may trigger memory corruption, aka "Property Memory Corruption Vulnerability." Microsoft Internet Explorer 6 SP1 sobre Windows 2000 SP4; 6 y 7 sobre Windows XP SP2, o Windows Server 2003 SP1 o SP2; y 7 sobre Windows Vista permite a atacantes remotos ejecutar código de su elección a travé... • http://secunia.com/advisories/23769 •
CVSS: 9.3EPSS: 95%CPEs: 14EXPL: 0CVE-2007-0947
https://notcve.org/view.php?id=CVE-2007-0947
08 May 2007 — Use-after-free vulnerability in Microsoft Internet Explorer 7 on Windows XP SP2, Windows Server 2003 SP1 or SP2, or Windows Vista allows remote attackers to execute arbitrary code via crafted HTML objects, resulting in accessing deallocated memory of CMarkup objects, aka the second of two "HTML Objects Memory Corruption Vulnerabilities" and a different issue than CVE-2007-0946. Una vulnerabilidad de uso de memoria previamente liberada en Microsoft Internet Explorer 7 en Windows XP SP2, Windows Server 2003 S... • http://secunia.com/advisories/23769 • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 92%CPEs: 25EXPL: 0CVE-2007-0942
https://notcve.org/view.php?id=CVE-2007-0942
08 May 2007 — Microsoft Internet Explorer 5.01 SP4 on Windows 2000 SP4; 6 SP1 on Windows 2000 SP4; 6 and 7 on Windows XP SP2, or Windows Server 2003 SP1 or SP2; and possibly 7 on Windows Vista does not properly "instantiate certain COM objects as ActiveX controls," which allows remote attackers to execute arbitrary code via a crafted COM object from chtskdic.dll. Microsoft Internet Explorer versión 5.01 SP4 en Windows 2000 SP4; versión 6 SP1 en Windows 2000 SP4; versiones 6 y 7 en Windows XP SP2, o Windows Server 2003 SP... • http://secunia.com/advisories/23769 •
CVSS: 9.3EPSS: 95%CPEs: 8EXPL: 0CVE-2007-0946
https://notcve.org/view.php?id=CVE-2007-0946
08 May 2007 — Unspecified vulnerability in Microsoft Internet Explorer 7 on Windows XP SP2, Windows Server 2003 SP1 or SP2, or Windows Vista allows remote attackers to execute arbitrary code via crafted HTML objects, which results in memory corruption, aka the first of two "HTML Objects Memory Corruption Vulnerabilities" and a different issue than CVE-2007-0947. Vulnerabilidad no especificada en Microsoft Internet Explorer 7 de Windows XP SP2, Windows Server 2003 SP1 ó SP2, ó Windows Vista permite a atacantes remotos eje... • http://secunia.com/advisories/23769 •
CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 3CVE-2007-1215 – Microsoft Windows - GDI Privilege Escalation (MS07-017)
https://notcve.org/view.php?id=CVE-2007-1215
04 Apr 2007 — Buffer overflow in the Graphics Device Interface (GDI) in Microsoft Windows 2000 SP4; XP SP2; Server 2003 Gold, SP1, and SP2; and Vista allows local users to gain privileges via certain "color-related parameters" in crafted images. Desbordamiento de búfer en el Graphics Device Interface (GDI) del Microsoft Windows 2000 SP4, XP SP2, Server 2003 Gold, SP1, y SP2 y en el Vista permite a usuarios locales obtener privilegios mediante ciertos "parámetros de colores relacionados" en imágenes manipuladas. • https://www.exploit-db.com/exploits/3688 •
CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 3CVE-2007-1212 – Microsoft Windows - GDI Privilege Escalation (MS07-017)
https://notcve.org/view.php?id=CVE-2007-1212
04 Apr 2007 — Buffer overflow in the Graphics Device Interface (GDI) in Microsoft Windows 2000 SP4; XP SP2; Server 2003 Gold, SP1, and SP2; and Vista allows local users to gain privileges via a crafted Enhanced Metafile (EMF) image format file. Desbordamiento de búfer en el Graphics Device Interface (GDI) en Microsoft Windows 2000 SP4; XP SP2; Server 2003 Gold, SP1, y SP2; y Vista permite a usuarios locales ganar privilegios a través de archivos de imágenes con formato Enhanced Metafile(EMF). • https://www.exploit-db.com/exploits/3688 •
CVSS: 9.3EPSS: 40%CPEs: 14EXPL: 16CVE-2007-0038 – Microsoft Windows Explorer - '.ANI' File Denial of Service
https://notcve.org/view.php?id=CVE-2007-0038
30 Mar 2007 — Stack-based buffer overflow in the animated cursor code in Microsoft Windows 2000 SP4 through Vista allows remote attackers to execute arbitrary code or cause a denial of service (persistent reboot) via a large length value in the second (or later) anih block of a RIFF .ANI, cur, or .ico file, which results in memory corruption when processing cursors, animated cursors, and icons, a variant of CVE-2005-0416, as originally demonstrated using Internet Explorer 6 and 7. NOTE: this might be a duplicate of CVE-2... • https://www.exploit-db.com/exploits/3684 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 20%CPEs: 13EXPL: 1CVE-2006-7031 – Microsoft Internet Explorer 6.0.2900 SP2 - CSS Attribute Denial of Service
https://notcve.org/view.php?id=CVE-2006-7031
23 Feb 2007 — Microsoft Internet Explorer 6.0.2900 SP2 and earlier allows remote attackers to cause a denial of service (crash) via a table element with a CSS attribute that sets the position, which triggers an "unhandled exception" in mshtml.dll. Microsoft Internet Explorer 6.0.2900 SP2 y versiones anteriores permite a atacantes remotos provocar una denegación de servicio (caída) mediante un elemento tabla con un atributo CSS que fija la posición, lo cual dispara una "excepción no manejada" en mshtml.dll. • https://www.exploit-db.com/exploits/1775 •
CVSS: 6.5EPSS: 54%CPEs: 8EXPL: 0CVE-2006-7030
https://notcve.org/view.php?id=CVE-2006-7030
23 Feb 2007 — Microsoft Internet Explorer 6 SP2 and earlier allows remote attackers to cause a denial of service (crash) via certain malformed HTML, possibly involving applet and base tags without required arguments, which triggers a null pointer dereference in mshtml.dll. Microsoft Internet Explorer 6 SP2 y anteriores permite a atacantes remotos provocar denegación de servicio (caida) a través de ciertos HTML malformados, posiblemente afectando a etiquetas base y applet sin argumentos requeridos, lo cual dispara un punt... • http://securityreason.com/securityalert/2286 •