CVSS: 10.0EPSS: 85%CPEs: 4EXPL: 1CVE-2006-1189 – Microsoft Internet Explorer - HTML Tag Memory Corruption (MS06-013)
https://notcve.org/view.php?id=CVE-2006-1189
11 Apr 2006 — Buffer overflow in URLMON.DLL in Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via a crafted URL with an International Domain Name (IDN) using double-byte character sets (DBCS), aka the "Double Byte Character Parsing Memory Corruption Vulnerability." • https://www.exploit-db.com/exploits/1838 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 92%CPEs: 4EXPL: 1CVE-2006-1190 – Microsoft Internet Explorer - HTML Tag Memory Corruption (MS06-013)
https://notcve.org/view.php?id=CVE-2006-1190
11 Apr 2006 — Microsoft Internet Explorer 5.01 through 6 does not always return the correct IOleClientSite information when dynamically creating an embedded object, which could cause Internet Explorer to run the object in the wrong security context or zone, and allow remote attackers to execute arbitrary code. • https://www.exploit-db.com/exploits/1838 •
CVSS: 4.3EPSS: 20%CPEs: 4EXPL: 1CVE-2006-1191 – Microsoft Internet Explorer - HTML Tag Memory Corruption (MS06-013)
https://notcve.org/view.php?id=CVE-2006-1191
11 Apr 2006 — Microsoft Internet Explorer 5.01 through 6 does not always correctly identify the domain that is associated with a browser window, which allows remote attackers to obtain sensitive cross-domain information and spoof sites by running script after the user has navigated to another site. • https://www.exploit-db.com/exploits/1838 •
CVSS: 4.3EPSS: 49%CPEs: 9EXPL: 1CVE-2006-1192 – Microsoft Internet Explorer - HTML Tag Memory Corruption (MS06-013)
https://notcve.org/view.php?id=CVE-2006-1192
11 Apr 2006 — Microsoft Internet Explorer 5.01 through 6 allows remote attackers to conduct phishing attacks by spoofing the address bar and other parts of the trust UI via unknown methods that allow "window content to persist" after the user has navigated to another site, aka the "Address Bar Spoofing Vulnerability." NOTE: this is a different vulnerability than CVE-2006-1626. • https://www.exploit-db.com/exploits/1838 • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 93%CPEs: 23EXPL: 1CVE-2006-1188 – Microsoft Internet Explorer - HTML Tag Memory Corruption (MS06-013)
https://notcve.org/view.php?id=CVE-2006-1188
11 Apr 2006 — Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via HTML elements with a certain crafted tag, which leads to memory corruption. • https://www.exploit-db.com/exploits/1838 •
CVSS: 8.8EPSS: 94%CPEs: 9EXPL: 1CVE-2006-1185 – Microsoft Internet Explorer - HTML Tag Memory Corruption (MS06-013)
https://notcve.org/view.php?id=CVE-2006-1185
11 Apr 2006 — Unspecified vulnerability in Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via certain invalid HTML that causes memory corruption. • https://www.exploit-db.com/exploits/1838 •
CVSS: 6.5EPSS: 78%CPEs: 2EXPL: 3CVE-2006-1626 – Microsoft Internet Explorer 5 - Address Bar Spoofing
https://notcve.org/view.php?id=CVE-2006-1626
05 Apr 2006 — Internet Explorer 6 for Windows XP SP2 and earlier allows remote attackers to spoof the address bar and possibly conduct phishing attacks by re-opening the window to a malicious Shockwave Flash application, then changing the window location back to a trusted URL while the Flash application is still loading. NOTE: this is a different vulnerability than CVE-2006-1192. • https://www.exploit-db.com/exploits/27577 • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 68%CPEs: 3EXPL: 1CVE-2006-1388 – Microsoft Internet Explorer - HTML Tag Memory Corruption (MS06-013)
https://notcve.org/view.php?id=CVE-2006-1388
24 Mar 2006 — Unspecified vulnerability in Microsoft Internet Explorer 6.0 allows remote attackers to execute HTA files via unknown vectors. • https://www.exploit-db.com/exploits/1838 •
CVSS: 9.8EPSS: 97%CPEs: 4EXPL: 6CVE-2006-1359 – Microsoft Internet Explorer - HTML Tag Memory Corruption (MS06-013)
https://notcve.org/view.php?id=CVE-2006-1359
23 Mar 2006 — Microsoft Internet Explorer 6 and 7 Beta 2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a certain createTextRange call on a checkbox object, which results in a dereference of an invalid table pointer. • https://www.exploit-db.com/exploits/1838 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.8EPSS: 70%CPEs: 1EXPL: 2CVE-2006-1016 – Microsoft Internet Explorer - isComponentInstalled Overflow
https://notcve.org/view.php?id=CVE-2006-1016
07 Mar 2006 — Buffer overflow in the IsComponentInstalled method in Internet Explorer 6.0, when used on Windows 2000 before SP4 or Windows XP before SP1, allows remote attackers to execute arbitrary code via JavaScript that calls IsComponentInstalled with a long first argument. • https://www.exploit-db.com/exploits/16549 •