CVSS: 10.0EPSS: 40%CPEs: 2EXPL: 1CVE-2007-2938 – Microsoft Internet Explorer 6 / Ademco co. ltd. ATNBaseLoader100 Module - Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2007-2938
31 May 2007 — Buffer overflow in the BaseRunner ActiveX control in the Ademco ATNBaseLoader100 Module (ATNBaseLoader100.dll) 5.4.0.6, when Internet Explorer 6 is used, allows remote attackers to execute arbitrary code via a long argument to the (1) Send485CMD method, and possibly the (2) SetLoginID, (3) AddSite, (4) SetScreen, and (5) SetVideoServer methods. Desbordamiento de búfer en el controlado ActiveX BaseRunner en el módulo Ademco ATNBaseLoader100 (ATNBaseLoader100.dll) 5.4.0.6, cuando se está utilizando Internet E... • https://www.exploit-db.com/exploits/3993 •
CVSS: 9.3EPSS: 23%CPEs: 2EXPL: 3CVE-2007-2856 – Dart Communications PowerTCP - Service Control Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2007-2856
24 May 2007 — Buffer overflow in the Dart Communications PowerTCP ZIP Compression ActiveX control in DartZip.dll 1.8.5.3, when Internet Explorer 6 is used, allows user-assisted remote attackers to execute arbitrary code via a long first argument to the QuickZip function, a related issue to CVE-2007-2855. Un desbordamiento de búfer en el control ActiveX de Dart Communications PowerTCP ZIP Compression en la biblioteca DartZip.dll versión 1.8.5.3, cuando se usa Internet Explorer versión 6, permite a los atacantes remotos as... • https://www.exploit-db.com/exploits/3982 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 90%CPEs: 13EXPL: 1CVE-2007-2221 – Microsoft Internet Explorer 7 - Arbitrary File Rewrite (MS07-027)
https://notcve.org/view.php?id=CVE-2007-2221
08 May 2007 — Unspecified vulnerability in the mdsauth.dll COM object in Microsoft Windows Media Server in the Microsoft Internet Explorer 5.01 SP4 on Windows 2000 SP4; 6 SP1 on Windows 2000 SP4; 6 and 7 on Windows XP SP2, or Windows Server 2003 SP1 or SP2; or 7 on Windows Vista allows remote attackers to overwrite arbitrary files via unspecified vectors, aka the "Arbitrary File Rewrite Vulnerability." Vulnerabilidad no especificada en el objeto COM mdsauth.dll de Microsoft Windows Media Server en Microsoft Internet Expl... • https://www.exploit-db.com/exploits/3892 •
CVSS: 9.8EPSS: 89%CPEs: 13EXPL: 0CVE-2007-0945
https://notcve.org/view.php?id=CVE-2007-0945
08 May 2007 — Microsoft Internet Explorer 6 SP1 on Windows 2000 SP4; 6 and 7 on Windows XP SP2, or Windows Server 2003 SP1 or SP2; and 7 on Windows Vista allows remote attackers to execute arbitrary code via certain property methods that may trigger memory corruption, aka "Property Memory Corruption Vulnerability." Microsoft Internet Explorer 6 SP1 sobre Windows 2000 SP4; 6 y 7 sobre Windows XP SP2, o Windows Server 2003 SP1 o SP2; y 7 sobre Windows Vista permite a atacantes remotos ejecutar código de su elección a travé... • http://secunia.com/advisories/23769 •
CVSS: 9.3EPSS: 95%CPEs: 14EXPL: 0CVE-2007-0947
https://notcve.org/view.php?id=CVE-2007-0947
08 May 2007 — Use-after-free vulnerability in Microsoft Internet Explorer 7 on Windows XP SP2, Windows Server 2003 SP1 or SP2, or Windows Vista allows remote attackers to execute arbitrary code via crafted HTML objects, resulting in accessing deallocated memory of CMarkup objects, aka the second of two "HTML Objects Memory Corruption Vulnerabilities" and a different issue than CVE-2007-0946. Una vulnerabilidad de uso de memoria previamente liberada en Microsoft Internet Explorer 7 en Windows XP SP2, Windows Server 2003 S... • http://secunia.com/advisories/23769 • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 92%CPEs: 25EXPL: 0CVE-2007-0942
https://notcve.org/view.php?id=CVE-2007-0942
08 May 2007 — Microsoft Internet Explorer 5.01 SP4 on Windows 2000 SP4; 6 SP1 on Windows 2000 SP4; 6 and 7 on Windows XP SP2, or Windows Server 2003 SP1 or SP2; and possibly 7 on Windows Vista does not properly "instantiate certain COM objects as ActiveX controls," which allows remote attackers to execute arbitrary code via a crafted COM object from chtskdic.dll. Microsoft Internet Explorer versión 5.01 SP4 en Windows 2000 SP4; versión 6 SP1 en Windows 2000 SP4; versiones 6 y 7 en Windows XP SP2, o Windows Server 2003 SP... • http://secunia.com/advisories/23769 •
CVSS: 9.3EPSS: 9%CPEs: 43EXPL: 11CVE-2007-1765 – Microsoft Windows Explorer - '.ANI' File Denial of Service
https://notcve.org/view.php?id=CVE-2007-1765
30 Mar 2007 — Unspecified vulnerability in Microsoft Windows 2000 SP4 through Vista allows remote attackers to execute arbitrary code or cause a denial of service (persistent reboot) via a malformed ANI file, which results in memory corruption when processing cursors, animated cursors, and icons, a similar issue to CVE-2005-0416, as originally demonstrated using Internet Explorer 6 and 7. NOTE: this issue might be a duplicate of CVE-2007-0038; if so, then use CVE-2007-0038 instead of this identifier. Una vulnerabilidad n... • https://www.exploit-db.com/exploits/3684 •
CVSS: 6.5EPSS: 34%CPEs: 41EXPL: 3CVE-2006-7065 – Microsoft Internet Explorer 6.0/7.0 - IFrame Refresh Denial of Service
https://notcve.org/view.php?id=CVE-2006-7065
27 Feb 2007 — Microsoft Internet Explorer allows remote attackers to cause a denial of service (crash) via an IFRAME with a certain XML file and XSL stylesheet that triggers a crash in mshtml.dll when a refresh is called, probably a null pointer dereference. Microsoft Internet Explorer permite a atacantes remotos provocar denegación de servicio (caida) a través de un IFRAME con ciertos archivos XML y plantillas de estilo XSL que disparan una cauda en mshtml.dll cuando un se llama se solicita un refresco de cotenido, prob... • https://www.exploit-db.com/exploits/28343 •
CVSS: 7.5EPSS: 41%CPEs: 4EXPL: 2CVE-2006-7066 – Microsoft Internet Explorer 6 - Deleted Frame Object Denial of Service
https://notcve.org/view.php?id=CVE-2006-7066
27 Feb 2007 — Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) by creating an object inside an iframe, deleting the frame by setting its location.href to about:blank, then accessing a property of the object within the deleted frame, which triggers a NULL pointer dereference. NOTE: it was later reported that 7.0.6000.16473 and earlier are also affected. Microsoft Internet Explorer versión 6 en Windows XP SP2, permite a atacantes remotos causar una denegación de s... • https://www.exploit-db.com/exploits/28301 •
CVSS: 6.8EPSS: 53%CPEs: 4EXPL: 0CVE-2007-1091
https://notcve.org/view.php?id=CVE-2007-1091
26 Feb 2007 — Microsoft Internet Explorer 7 allows remote attackers to prevent users from leaving a site, spoof the address bar, and conduct phishing and other attacks via onUnload Javascript handlers. Microsoft Internet Explorer 7 permite a atacantes remotos impedir a los usuarios dejar un sitio, simular la barra de direcciones y llevar a cabo ataques de tipo phishing u otros mediante un gestor de eventos Javascript onUnload. • http://lcamtuf.coredump.cx/ietrap •