CVSS: 7.5EPSS: 84%CPEs: 4EXPL: 3CVE-2006-3511 – Microsoft Internet Explorer 6 - 'HtmlDlgSafeHelper' Remote Denial of Service
https://notcve.org/view.php?id=CVE-2006-3511
11 Jul 2006 — Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) by setting the fonts property of the HtmlDlgSafeHelper object, which triggers a null dereference. Internet Explorer 6 on Windows XP SP2 permite a atacantes remotos provocar una denegación de servicio (caída) activando la propiedad fonts del objeto HtmlDlgSafeHelper, lo que dispara una referencia nula. • https://www.exploit-db.com/exploits/28202 •
CVSS: 7.5EPSS: 85%CPEs: 4EXPL: 2CVE-2006-3512 – Microsoft Internet Explorer 6 - Object.Microsoft.DXTFilter Denial of Service
https://notcve.org/view.php?id=CVE-2006-3512
11 Jul 2006 — Internet Explorer 6 on Windows XP allows remote attackers to cause a denial of service (crash) by setting the Enabled property of a DXTFilter ActiveX object to true, which triggers a null dereference. Internet Explorer 6 on Windows XP permite a atacantes remotos provocar una denegación de servicio (caída) activando la propiedad Enabled de un objeto ActiveX DXTFilter a verdadero, lo que dispara una referencia nula. • https://www.exploit-db.com/exploits/28197 •
CVSS: 5.3EPSS: 36%CPEs: 2EXPL: 2CVE-2006-3472 – Microsoft Internet Explorer 6 - Href Title Denial of Service
https://notcve.org/view.php?id=CVE-2006-3472
10 Jul 2006 — Microsoft Internet Explorer 6.0 and 6.0 SP1 allows remote attackers to cause a denial of service via an HTML page with an A tag containing a long title attribute. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Microsoft Internet Explorer 6.0 y 6.0 SP1 permite a atacantes remotos provocar una denegación de servicio a través de una página HTML con una etiqueta A que contiene un atributo de título largo. NOTA: el origen de esta información es ... • https://www.exploit-db.com/exploits/28164 •
CVSS: 7.5EPSS: 86%CPEs: 3EXPL: 2CVE-2006-3427 – Microsoft Internet Explorer 5.0.1/6.0 - Structured Graphics Control Denial of Service
https://notcve.org/view.php?id=CVE-2006-3427
07 Jul 2006 — Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (crash) by declaring the sourceURL attribute on an uninitialized DirectAnimation.StructuredGraphicsControl ActiveX Object, which triggers a null dereference. Microsoft Internet Explorer 6 permite a atacantes remotos provocar una denegación de servicio (caída) mediante la declaración del atributo sourceURL en un objeto ActiveX DirectAnimation.StructuredGraphicsControl sin inicializar, lo cual dispara un referencia a NULL. • https://www.exploit-db.com/exploits/28169 •
CVSS: 8.8EPSS: 92%CPEs: 1EXPL: 1CVE-2006-3357
https://notcve.org/view.php?id=CVE-2006-3357
06 Jul 2006 — Heap-based buffer overflow in HTML Help ActiveX control (hhctrl.ocx) in Microsoft Internet Explorer 6.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code by repeatedly setting the Image field of an Internet.HHCtrl.1 object to certain values, possibly related to improper escaping and long strings. Desbordamiento del búfer de memoria libre para la reserva dinámica en HTML Help ActiveX control (hhctrl.ocx) en Microsoft Internet Explorer 6.0, que permit... • http://browserfun.blogspot.com/2006/07/mobb-2-internethhctrl-image-property.html •
CVSS: 7.5EPSS: 87%CPEs: 21EXPL: 3CVE-2006-3354 – Microsoft Internet Explorer 6 - ADODB.Recordset Filter Property Denial of Service
https://notcve.org/view.php?id=CVE-2006-3354
06 Jul 2006 — Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (crash) by setting the Filter property of an ADODB.Recordset ActiveX object to certain values multiple times, which triggers a null dereference. Vulnerabilidad en el navegador web Internet Explorer v6 de Microsoft que permite a atacantes remotos causar una denegación de servicio (indisponibilidad de la aplicación) asignando a la propiedad "Filter" (filtro) de un objeto ActiveX ADODB.Recordset ciertos valores varias veces, lo ... • https://www.exploit-db.com/exploits/28145 •
CVSS: 7.5EPSS: 96%CPEs: 1EXPL: 1CVE-2006-3280 – Microsoft Internet Explorer 5.0.1 - OuterHTML redirection Handling Information Disclosure
https://notcve.org/view.php?id=CVE-2006-3280
28 Jun 2006 — Cross-domain vulnerability in Microsoft Internet Explorer 6.0 allows remote attackers to access restricted information from other domains via an object tag with a data parameter that references a link on the attacker's originating site that specifies a Location HTTP header that references the target site, which then makes that content available through the outerHTML attribute of the object, aka "Redirect Cross-Domain Information Disclosure Vulnerability." Vulnerabilidad de dominios cruzados en Microsoft Int... • https://www.exploit-db.com/exploits/28118 •
CVSS: 8.8EPSS: 95%CPEs: 1EXPL: 2CVE-2006-3281 – Microsoft Windows XP/2000/2003 - Explorer Drag and Drop Remote Code Execution
https://notcve.org/view.php?id=CVE-2006-3281
28 Jun 2006 — Microsoft Internet Explorer 6.0 does not properly handle Drag and Drop events, which allows remote user-assisted attackers to execute arbitrary code via a link to an SMB file share with a filename that contains encoded ..\ (%2e%2e%5c) sequences and whose extension contains the CLSID Key identifier for HTML Applications (HTA), aka "Folder GUID Code Execution Vulnerability." NOTE: directory traversal sequences were used in the original exploit, although their role is not clear. Microsoft Internet Explorer v6.... • https://www.exploit-db.com/exploits/28357 • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 33%CPEs: 1EXPL: 0CVE-2006-3227
https://notcve.org/view.php?id=CVE-2006-3227
26 Jun 2006 — Interpretation conflict between Internet Explorer and other web browsers such as Mozilla, Opera, and Firefox might allow remote attackers to modify the visual presentation of web pages and possibly bypass protection mechanisms such as content filters via ASCII characters with the 8th bit set, which could be stripped by Internet Explorer to render legible text, but not when using other browsers. NOTE: there has been significant discussion about this issue, and as of 20060625, it is not clear where the respon... • http://ha.ckers.org/blog/20060621/malformed-ascii-bypasses-filters •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 1CVE-2006-3200
https://notcve.org/view.php?id=CVE-2006-3200
23 Jun 2006 — Unspecified versions of Internet Explorer allow remote attackers to cause a denial of service (crash) via an IFRAME with a src tag containing a "File://" URI followed by an 8-bit character. NOTE: some third parties were unable to verify this issue. Versión no especificada de Internet Explorer permite a atacantes remotos causar una denegación de servicio (caída) a través de un IFRAME con una etiqueta src que contiene "File://" seguido por un caracter de 8 bits. NOTA: algunos de estos detalles han sido obteni... • http://archives.neohapsis.com/archives/bugtraq/2006-06/0074.html •