CVSS: 8.8EPSS: 64%CPEs: 8EXPL: 0CVE-2006-3638
https://notcve.org/view.php?id=CVE-2006-3638
08 Aug 2006 — Microsoft Internet Explorer 5.01 and 6 does not properly handle uninitialized COM objects, which allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code, as demonstrated by the Nth function in the DirectAnimation.DATuple ActiveX control, aka "COM Object Instantiation Memory Corruption Vulnerability." Microsoft Internet Explorer 5.01 y 6 no maneja adecuadamente objetos COM no inicializados, lo cual permite a atacantes remotos provocar una denegación de ser... • http://secunia.com/advisories/21396 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 63%CPEs: 2EXPL: 0CVE-2006-3450 – Microsoft Internet Explorer CSS Class Ordering Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2006-3450
08 Aug 2006 — Microsoft Internet Explorer 6 allows remote attackers to execute arbitrary code by using the document.getElementByID Javascript function to access crafted Cascading Style Sheet (CSS) elements, and possibly other unspecified vectors involving certain layout positioning combinations in an HTML file. Microsoft Internet Explorer 6 permite a atacantes remotos ejecutar código de su elección usando la función Javascript document.getElementByID para acceder a elementos de Hojas de Estilo en Cascada (CSS) manipulado... • http://secunia.com/advisories/21396 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 21%CPEs: 4EXPL: 3CVE-2006-3915 – Microsoft Internet Explorer 6 - Native Function Iterator Denial of Service
https://notcve.org/view.php?id=CVE-2006-3915
28 Jul 2006 — Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) by iterating over any native function, as demonstrated with the window.alert function, which triggers a null dereference. Microsoft Internet Explorer 6 sobre Windows XP SP2 permite a atacantes remotos provocar denegación de servicio (caida) a travès de la iteración sobre cualquier función nativa, como se demostro con la función window.alert, lo cual dispara un referencia null. • https://www.exploit-db.com/exploits/28265 •
CVSS: 7.5EPSS: 27%CPEs: 4EXPL: 2CVE-2006-3897 – Microsoft Internet Explorer 6 - NMSA.ASFSourceMediaDescription Stack Overflow
https://notcve.org/view.php?id=CVE-2006-3897
27 Jul 2006 — Stack overflow in Microsoft Internet Explorer 6 on Windows 2000 allows remote attackers to cause a denial of service (application crash) by creating an NMSA.ASFSourceMediaDescription.1 ActiveX object with a long dispValue property. Desbordamiento de búfer basado en pila en Microsoft Internet Explorer 6 sobre Windows 2000 permite a atacantes remotos provocar denegación de servicio (caida de aplicación) a través de la creación de un objeto ActiveX NMSA.ASFSourceMediaDescription.1 con una propiedad dispValue. • https://www.exploit-db.com/exploits/28259 • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 22%CPEs: 3EXPL: 2CVE-2006-3898 – Microsoft Internet Explorer 6 - Internet.HHCtrl Click Denial of Service
https://notcve.org/view.php?id=CVE-2006-3898
27 Jul 2006 — Microsoft Internet Explorer 6.0 on Windows XP SP2 allows remote attackers to cause a denial of service (application crash) by calling the Click method of the Internet.HHCtrl.1 ActiveX object before initializing the URL, which triggers a null dereference. Microsoft Internet Explorer 6.0 sobre Windows XP SP2 permite a atacantes remotos provocar denegación de servicio (caida de aplicación) a través de la llamada al método click del objeto ActiveX Internet.HHCtrl.1 anterior a la inicialización de la URL, la cua... • https://www.exploit-db.com/exploits/28256 •
CVSS: 6.5EPSS: 17%CPEs: 4EXPL: 2CVE-2006-3899 – Microsoft Internet Explorer 6 - String To Binary Function Denial of Service
https://notcve.org/view.php?id=CVE-2006-3899
27 Jul 2006 — Microsoft Internet Explorer 6.0 on Windows XP SP2 allows remote attackers to cause a denial of service (application crash) by calling the stringToBinary function of the CEnroll.CEnroll.2 ActiveX object with a long second argument, which triggers an invalid memory access inside the SysAllocStringLen function. Microsoft Internet Explorer 6.0 en Windows XP SP2 permite a atacantes remotos provocar una denegación de servicio (cierre de aplicación) llamando a la función stringToBinary del objeto ActiveX CEnroll.C... • https://www.exploit-db.com/exploits/28252 •
CVSS: 9.8EPSS: 88%CPEs: 3EXPL: 7CVE-2006-3730 – Microsoft Internet Explorer - WebViewFolderIcon setSlice()
https://notcve.org/view.php?id=CVE-2006-3730
19 Jul 2006 — Integer overflow in Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a 0x7fffffff argument to the setSlice method on a WebViewFolderIcon ActiveX object, which leads to an invalid memory copy. Desbordamiento de entero en Microsoft Internet Explorer 6 sobre Windows XP SP2 permite a atacantes remotos provocar denegación de servicio (caida) y ejecutar código de su elección a través deun argumento 0x7fffffff en el método s... • https://www.exploit-db.com/exploits/2458 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.5EPSS: 22%CPEs: 4EXPL: 3CVE-2006-3729 – Microsoft Internet Explorer 6 - DataSourceControl Denial of Service
https://notcve.org/view.php?id=CVE-2006-3729
19 Jul 2006 — DataSourceControl in Internet Explorer 6 on Windows XP SP2 with Office installed allows remote attackers to cause a denial of service (crash) via a large negative integer argument to the getDataMemberName method of a OWC11.DataSourceControl.11 object, which leads to an integer overflow and a null dereference. DataSourceControl en Internet Explorer 6 sobre Windows XP SP2 con Office instalado permite a atacantes remotos provocar denegación de servicio (caida) a través de un argumento entero largo negativo en ... • https://www.exploit-db.com/exploits/28244 •
CVSS: 7.5EPSS: 30%CPEs: 2EXPL: 0CVE-2006-3657
https://notcve.org/view.php?id=CVE-2006-3657
17 Jul 2006 — Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (stack overflow exception) via a DXImageTransform.Microsoft.Gradient ActiveX object with a long (1) StartColorStr or (2) EndColorStr property. Microsoft Internet Explorer 6 permite a atacantes remotos provocar una denegación de servicio (excepción de desbordamiento de pila) a través del objeto de ActiveX DXImageTransform.Microsoft.Gradient con una propiedad larga (1) StartColorStr o (2) EndColorStr. • http://browserfun.blogspot.com/2006/07/mobb-17-dximagetransformmicrosoftgradi.html •
CVSS: 7.5EPSS: 30%CPEs: 2EXPL: 1CVE-2006-3658
https://notcve.org/view.php?id=CVE-2006-3658
17 Jul 2006 — Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (crash) by accessing the object references of a FolderItem ActiveX object, which triggers a null dereference in the security check. Microsoft Internet Explorer 6 permite a atacantes remotos provocar denegación de servicio (caida) a través del acceso a referencia a objeto de un objeto Active X FolderItem, el cual dispara un referencia null en la validación de seguridad. • http://browserfun.blogspot.com/2006/07/mobb-15-folderitem-access.html •