CVSS: 9.3EPSS: 31%CPEs: 13EXPL: 2CVE-2007-0024 – Microsoft Internet Explorer - VML Download and Execute (MS07-004)
https://notcve.org/view.php?id=CVE-2007-0024
09 Jan 2007 — Integer overflow in the Vector Markup Language (VML) implementation (vgx.dll) in Microsoft Internet Explorer 5.01, 6, and 7 on Windows 2000 SP4, XP SP2, Server 2003, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted web page that contains unspecified integer properties that cause insufficient memory allocation and trigger a buffer overflow, aka the "VML Buffer Overrun Vulnerability." Debordamiento de Entero en la implementación (vgx.dll) del Lenguaje de Marcas de Vectores (... • https://www.exploit-db.com/exploits/3148 •
CVSS: 6.5EPSS: 23%CPEs: 3EXPL: 3CVE-2006-6659 – Microsoft Office Outlook Recipient Control - 'ole32.dll' Denial of Service
https://notcve.org/view.php?id=CVE-2006-6659
20 Dec 2006 — The Microsoft Office Outlook Recipient ActiveX control (ole32.dll) in Windows XP SP2 allows remote attackers to cause a denial of service (Internet Explorer 7 hang) via crafted HTML. El control ActiveX Recipient de Microsoft Office Outlook (ole32.dll) en Windows XP SP2 permite a atacantes remotos provocar una denegación de servicio (cuelgue de Internet Explorer 7) mediante una HTML artesanal. • https://www.exploit-db.com/exploits/2946 •
CVSS: 7.5EPSS: 53%CPEs: 1EXPL: 0CVE-2006-5577
https://notcve.org/view.php?id=CVE-2006-5577
12 Dec 2006 — Microsoft Internet Explorer 6 and earlier allows remote attackers to obtain sensitive information via unspecified uses of the OBJECT HTML tag, which discloses the absolute path of the corresponding TIF folder, aka "TIF Folder Information Disclosure Vulnerability," and a different issue than CVE-2006-5578. Microsoft Internet Explorer 6 y versiones anteriores permite a atacantes remotos la obtención de información sensible a través de usos sin especificar de la etiqueta de HTML OBJECT, que revela la ruta abso... • http://secunia.com/advisories/23288 •
CVSS: 7.5EPSS: 47%CPEs: 1EXPL: 0CVE-2006-5578
https://notcve.org/view.php?id=CVE-2006-5578
12 Dec 2006 — Microsoft Internet Explorer 6 and earlier allows remote attackers to read Temporary Internet Files (TIF) and obtain sensitive information via unspecified vectors involving certain drag and drop operations, aka "TIF Folder Information Disclosure Vulnerability," and a different issue than CVE-2006-5577. Microsoft Internet Explorer 6 y versiones anteriores permite a atacantes remotos leer Ficheros Temporales de Internet (TIF) y obtener información sensible a través de vectores sin especificar mediante operacio... • http://secunia.com/advisories/23288 •
CVSS: 6.4EPSS: 2%CPEs: 1EXPL: 1CVE-2006-5913
https://notcve.org/view.php?id=CVE-2006-5913
15 Nov 2006 — Microsoft Internet Explorer 7 allows remote attackers to (1) cause a security certificate from a secure web site to appear invalid via a link to res://ieframe.dll/sslnavcancel.htm with the target site in the anchor identifier, which displays the site's URL in the address bar but causes Internet Explorer to report that the certificate is invalid, or (2) trigger a "The webpage no longer exists" report via a link to res://ieframe.dll/http_410.htm, a variant of CVE-2006-5805. Microsoft Internet Explorer 7 permi... • http://www.blogger.com/comment.g?blogID=15069726&postID=116257593427394541 •
CVSS: 8.8EPSS: 14%CPEs: 6EXPL: 0CVE-2006-5884
https://notcve.org/view.php?id=CVE-2006-5884
14 Nov 2006 — Multiple unspecified vulnerabilities in DirectAnimation ActiveX controls for Microsoft Internet Explorer 5.01 through 6 have unknown impact and remote attack vectors, possibly related to (1) Danim.dll and (2) Lmrt.dll, a different set of vulnerabilities than CVE-2006-4446 and CVE-2006-4777. Múltiples vulnerabilidades no especificadas en controles ActiveX DirectAnimation para Microsoft Internet Explorer 5.01 hasta 6 tiene impacto y vectores desconocidos, posiblemente relacionados con (1) Danim.dll y (2) Lmrt... • http://www.osvdb.org/31324 •
CVSS: 8.8EPSS: 60%CPEs: 6EXPL: 0CVE-2006-4687 – Microsoft Internet Explorer CSS Float Property Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2006-4687
14 Nov 2006 — Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via crafted layout combinations involving DIV tags and HTML CSS float properties that trigger memory corruption, aka "HTML Rendering Memory Corruption Vulnerability." Microsoft Internet Explorer 5.01 hasta 6 permite a atacantes remotos ejecutar código de su elección mediante combinaciones de diseño artesanales implicando etiquetas DIV y propiedades float de HTML CSS que disparan una corrupción de memoria, también co... • http://securitytracker.com/id?1017223 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.0EPSS: 2%CPEs: 1EXPL: 2CVE-2006-5805
https://notcve.org/view.php?id=CVE-2006-5805
08 Nov 2006 — Microsoft Internet Explorer 7 allows remote attackers to cause a security certificate from a secure web site to appear invalid via a link to res://ieframe.dll/invalidcert.htm with the target site as an argument, which displays the site's URL in the address bar but causes Internet Explorer to report that the certificate is invalid. Microsoft Internet Explorer 7 permite a atacantes remotos provocar que un certificado de seguridad de una página segura, aparezca como inválido mediante un enlace a res://ieframe.... • http://ingehenriksen.blogspot.com/2006/11/ie7-website-security-certificate.html •
CVSS: 6.4EPSS: 52%CPEs: 1EXPL: 3CVE-2006-5544
https://notcve.org/view.php?id=CVE-2006-5544
26 Oct 2006 — Visual truncation vulnerability in Microsoft Internet Explorer 7 allows remote attackers to spoof the address bar and possibly conduct phishing attacks via a malicious URL containing non-breaking spaces (%A0), which causes the address bar to omit some characters from the URL. Vulnerabilidad de truncamiento visual en Microsoft Internet Explorer 7 permite a atacantes remotos suplantar la barra de direcciones y posiblemente conducir ataques de phising mediante una URL maliciosa que contiene espacios non-breaki... • http://blogs.technet.com/msrc/archive/2006/10/26/ie-address-bar-issue.aspx •
CVSS: 6.5EPSS: 21%CPEs: 1EXPL: 0CVE-2006-4888
https://notcve.org/view.php?id=CVE-2006-4888
19 Sep 2006 — Microsoft Internet Explorer 6 and earlier allows remote attackers to cause a denial of service (application hang) via a CSS-formatted HTML INPUT element within a DIV element that has a larger size than the INPUT. Microsoft Internet Explorer 6 y anteriores permite a atacantes remotos provocar una denegación de servicio (aplicación que no responde) vía un elemento INPUT HTML con formato CSS dentro de un elemento DIV que tiene un tamaño mayor que el INPUT. • http://archives.neohapsis.com/archives/bugtraq/2006-07/0199.html •