CVSS: 6.5EPSS: 2%CPEs: 3EXPL: 0CVE-2006-3545
https://notcve.org/view.php?id=CVE-2006-3545
13 Jul 2006 — Microsoft Internet Explorer 7.0 Beta allows remote attackers to cause a denial of service (application crash) via a web page with multiple empty APPLET start tags. NOTE: a third party has disputed this issue, stating that the crash does not occur with Microsoft Internet Explorer 7.0 Beta3 ** IMPUGNADA ** Microsoft Internet Explorer 7.0 Beta permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) mediante una página web con múltiples etiquetas de apertura APPLET. NOTA:una tercer... • http://www.securityfocus.com/archive/1/438754/100/0/threaded •
CVSS: 6.5EPSS: 87%CPEs: 9EXPL: 3CVE-2006-3513 – Microsoft Internet Explorer 6 - DirectAnimation.DAUserData Denial of Service
https://notcve.org/view.php?id=CVE-2006-3513
11 Jul 2006 — danim.dll in Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (application crash) by accessing the Data property of a DirectAnimation DAUserData object before it is initialized, which triggers a NULL pointer dereference. danim.dll de Microsoft Internet Explorer 6 permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) por acceder a los datos de propiedad de un objeto DirectAnimation DAUserData antes de que sea inicializado, lo cual dispara un p... • https://www.exploit-db.com/exploits/28196 •
CVSS: 7.5EPSS: 84%CPEs: 4EXPL: 3CVE-2006-3511 – Microsoft Internet Explorer 6 - 'HtmlDlgSafeHelper' Remote Denial of Service
https://notcve.org/view.php?id=CVE-2006-3511
11 Jul 2006 — Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) by setting the fonts property of the HtmlDlgSafeHelper object, which triggers a null dereference. Internet Explorer 6 on Windows XP SP2 permite a atacantes remotos provocar una denegación de servicio (caída) activando la propiedad fonts del objeto HtmlDlgSafeHelper, lo que dispara una referencia nula. • https://www.exploit-db.com/exploits/28202 •
CVSS: 7.5EPSS: 85%CPEs: 4EXPL: 2CVE-2006-3512 – Microsoft Internet Explorer 6 - Object.Microsoft.DXTFilter Denial of Service
https://notcve.org/view.php?id=CVE-2006-3512
11 Jul 2006 — Internet Explorer 6 on Windows XP allows remote attackers to cause a denial of service (crash) by setting the Enabled property of a DXTFilter ActiveX object to true, which triggers a null dereference. Internet Explorer 6 on Windows XP permite a atacantes remotos provocar una denegación de servicio (caída) activando la propiedad Enabled de un objeto ActiveX DXTFilter a verdadero, lo que dispara una referencia nula. • https://www.exploit-db.com/exploits/28197 •
CVSS: 5.3EPSS: 36%CPEs: 2EXPL: 2CVE-2006-3472 – Microsoft Internet Explorer 6 - Href Title Denial of Service
https://notcve.org/view.php?id=CVE-2006-3472
10 Jul 2006 — Microsoft Internet Explorer 6.0 and 6.0 SP1 allows remote attackers to cause a denial of service via an HTML page with an A tag containing a long title attribute. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Microsoft Internet Explorer 6.0 y 6.0 SP1 permite a atacantes remotos provocar una denegación de servicio a través de una página HTML con una etiqueta A que contiene un atributo de título largo. NOTA: el origen de esta información es ... • https://www.exploit-db.com/exploits/28164 •
CVSS: 7.5EPSS: 86%CPEs: 3EXPL: 2CVE-2006-3427 – Microsoft Internet Explorer 5.0.1/6.0 - Structured Graphics Control Denial of Service
https://notcve.org/view.php?id=CVE-2006-3427
07 Jul 2006 — Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (crash) by declaring the sourceURL attribute on an uninitialized DirectAnimation.StructuredGraphicsControl ActiveX Object, which triggers a null dereference. Microsoft Internet Explorer 6 permite a atacantes remotos provocar una denegación de servicio (caída) mediante la declaración del atributo sourceURL en un objeto ActiveX DirectAnimation.StructuredGraphicsControl sin inicializar, lo cual dispara un referencia a NULL. • https://www.exploit-db.com/exploits/28169 •
CVSS: 8.8EPSS: 92%CPEs: 1EXPL: 1CVE-2006-3357
https://notcve.org/view.php?id=CVE-2006-3357
06 Jul 2006 — Heap-based buffer overflow in HTML Help ActiveX control (hhctrl.ocx) in Microsoft Internet Explorer 6.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code by repeatedly setting the Image field of an Internet.HHCtrl.1 object to certain values, possibly related to improper escaping and long strings. Desbordamiento del búfer de memoria libre para la reserva dinámica en HTML Help ActiveX control (hhctrl.ocx) en Microsoft Internet Explorer 6.0, que permit... • http://browserfun.blogspot.com/2006/07/mobb-2-internethhctrl-image-property.html •
CVSS: 7.5EPSS: 87%CPEs: 21EXPL: 3CVE-2006-3354 – Microsoft Internet Explorer 6 - ADODB.Recordset Filter Property Denial of Service
https://notcve.org/view.php?id=CVE-2006-3354
06 Jul 2006 — Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (crash) by setting the Filter property of an ADODB.Recordset ActiveX object to certain values multiple times, which triggers a null dereference. Vulnerabilidad en el navegador web Internet Explorer v6 de Microsoft que permite a atacantes remotos causar una denegación de servicio (indisponibilidad de la aplicación) asignando a la propiedad "Filter" (filtro) de un objeto ActiveX ADODB.Recordset ciertos valores varias veces, lo ... • https://www.exploit-db.com/exploits/28145 •
CVSS: 7.5EPSS: 96%CPEs: 1EXPL: 1CVE-2006-3280 – Microsoft Internet Explorer 5.0.1 - OuterHTML redirection Handling Information Disclosure
https://notcve.org/view.php?id=CVE-2006-3280
28 Jun 2006 — Cross-domain vulnerability in Microsoft Internet Explorer 6.0 allows remote attackers to access restricted information from other domains via an object tag with a data parameter that references a link on the attacker's originating site that specifies a Location HTTP header that references the target site, which then makes that content available through the outerHTML attribute of the object, aka "Redirect Cross-Domain Information Disclosure Vulnerability." Vulnerabilidad de dominios cruzados en Microsoft Int... • https://www.exploit-db.com/exploits/28118 •
CVSS: 8.8EPSS: 95%CPEs: 1EXPL: 2CVE-2006-3281 – Microsoft Windows XP/2000/2003 - Explorer Drag and Drop Remote Code Execution
https://notcve.org/view.php?id=CVE-2006-3281
28 Jun 2006 — Microsoft Internet Explorer 6.0 does not properly handle Drag and Drop events, which allows remote user-assisted attackers to execute arbitrary code via a link to an SMB file share with a filename that contains encoded ..\ (%2e%2e%5c) sequences and whose extension contains the CLSID Key identifier for HTML Applications (HTA), aka "Folder GUID Code Execution Vulnerability." NOTE: directory traversal sequences were used in the original exploit, although their role is not clear. Microsoft Internet Explorer v6.... • https://www.exploit-db.com/exploits/28357 • CWE-20: Improper Input Validation •