CVSS: 9.8EPSS: 92%CPEs: 2EXPL: 0CVE-2006-3451 – Microsoft Internet Explorer Multiple CSS Imports Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2006-3451
08 Aug 2006 — Microsoft Internet Explorer 5 SP4 and 6 do not properly garbage collect when "multiple imports are used on a styleSheets collection" to construct a chain of Cascading Style Sheets (CSS), which allows remote attackers to execute arbitrary code via unspecified vectors. Microsoft Internet Explorer 5 SP4 y 6 no recogen adecuadamente la basura cuando "se utilizan múltiples importaciones en una colección de hojas de estilo" para construir una cadena de Hojas de Estilo en Cascada (CSS), lo cual permite a atacantes... • http://secunia.com/advisories/21396 • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 83%CPEs: 2EXPL: 0CVE-2006-3450 – Microsoft Internet Explorer CSS Class Ordering Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2006-3450
08 Aug 2006 — Microsoft Internet Explorer 6 allows remote attackers to execute arbitrary code by using the document.getElementByID Javascript function to access crafted Cascading Style Sheet (CSS) elements, and possibly other unspecified vectors involving certain layout positioning combinations in an HTML file. Microsoft Internet Explorer 6 permite a atacantes remotos ejecutar código de su elección usando la función Javascript document.getElementByID para acceder a elementos de Hojas de Estilo en Cascada (CSS) manipulado... • http://secunia.com/advisories/21396 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 9%CPEs: 1EXPL: 3CVE-2006-3943 – Microsoft Internet Explorer 6 - NDFXArtEffects Stack Overflow
https://notcve.org/view.php?id=CVE-2006-3943
31 Jul 2006 — Stack-based buffer overflow in NDFXArtEffects in Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) via long (1) RGBExtraColor, (2) RGBForeColor, and (3) RGBBackColor properties. Desbordamiento de búfer basado en pila en NDFXArtEffects de Microsoft Internet Explorer 6 en Windows XP SP2 permite a atacantes remotos provocar una denegación de servicio (caída) mediante propiedades largas (1) RGBExtraColor, (2) RGBForeColor, y (3) RGBBackColor. • https://www.exploit-db.com/exploits/28286 •
CVSS: 6.5EPSS: 56%CPEs: 1EXPL: 2CVE-2006-3944 – Microsoft Internet Explorer 6 - Multiple Object ListWidth Property Denial of Service Vulnerabilities
https://notcve.org/view.php?id=CVE-2006-3944
31 Jul 2006 — Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) via a (1) Forms.ListBox.1 or (2) Forms.ListBox.1 object with the ListWidth property set to (a) 0x7fffffff, which triggers an integer overflow exception, or to (b) 0x7ffffffe, which triggers a null dereference. Microsoft Internet Explorer 6 en Windows XP SP2 permite a atacantes remotos provocar una denegación de servicio (caída) mediante un objeto (1) Forms.ListBox.1 o (2) Forms.ListBox.1 con la propi... • https://www.exploit-db.com/exploits/28258 •
CVSS: 7.5EPSS: 80%CPEs: 1EXPL: 3CVE-2006-3910 – Microsoft Internet Explorer 6 - OVCtl Denial of Service
https://notcve.org/view.php?id=CVE-2006-3910
28 Jul 2006 — Internet Explorer 6 on Windows XP SP2, when Outlook is installed, allows remote attackers to cause a denial of service (crash) by calling the NewDefaultItem function of an OVCtl (OVCtl.OVCtl.1) ActiveX object, which triggers a null dereference. Internet Explorer 6 sobre Windows XP SP2, cuando Outlook está instalado, permite a atacantes remotos provocar denegación de servicio (caida) a través de llamadas a la función NewDefaultItem de un objeto OVCtl (OVCtl.OVCtl.1) ActiveXm lo cual dispara una dereferencia ... • https://www.exploit-db.com/exploits/28246 •
CVSS: 9.8EPSS: 97%CPEs: 3EXPL: 7CVE-2006-3730 – Microsoft Internet Explorer - WebViewFolderIcon setSlice()
https://notcve.org/view.php?id=CVE-2006-3730
19 Jul 2006 — Integer overflow in Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a 0x7fffffff argument to the setSlice method on a WebViewFolderIcon ActiveX object, which leads to an invalid memory copy. Desbordamiento de entero en Microsoft Internet Explorer 6 sobre Windows XP SP2 permite a atacantes remotos provocar denegación de servicio (caida) y ejecutar código de su elección a través deun argumento 0x7fffffff en el método s... • https://www.exploit-db.com/exploits/2458 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.5EPSS: 11%CPEs: 2EXPL: 0CVE-2006-3657
https://notcve.org/view.php?id=CVE-2006-3657
17 Jul 2006 — Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (stack overflow exception) via a DXImageTransform.Microsoft.Gradient ActiveX object with a long (1) StartColorStr or (2) EndColorStr property. Microsoft Internet Explorer 6 permite a atacantes remotos provocar una denegación de servicio (excepción de desbordamiento de pila) a través del objeto de ActiveX DXImageTransform.Microsoft.Gradient con una propiedad larga (1) StartColorStr o (2) EndColorStr. • http://browserfun.blogspot.com/2006/07/mobb-17-dximagetransformmicrosoftgradi.html •
CVSS: 6.5EPSS: 11%CPEs: 2EXPL: 0CVE-2006-3659
https://notcve.org/view.php?id=CVE-2006-3659
17 Jul 2006 — Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (crash) by setting the location or URL property of a MHTMLFile ActiveX object. Microsoft Internet Explorer 6 Microsoft Internet Explorer 6 permite a atacantes remotos provocar una denegación de servicio (caída) estableciendo la propiedad location o URL del objeto ActiveX MHTMLFile. • http://browserfun.blogspot.com/2006/07/mobb-16-mhtmlfile-location.html •
CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 1CVE-2006-3658
https://notcve.org/view.php?id=CVE-2006-3658
17 Jul 2006 — Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (crash) by accessing the object references of a FolderItem ActiveX object, which triggers a null dereference in the security check. Microsoft Internet Explorer 6 permite a atacantes remotos provocar denegación de servicio (caida) a través del acceso a referencia a objeto de un objeto Active X FolderItem, el cual dispara un referencia null en la validación de seguridad. • http://browserfun.blogspot.com/2006/07/mobb-15-folderitem-access.html •
CVSS: 6.5EPSS: 87%CPEs: 9EXPL: 3CVE-2006-3513 – Microsoft Internet Explorer 6 - DirectAnimation.DAUserData Denial of Service
https://notcve.org/view.php?id=CVE-2006-3513
11 Jul 2006 — danim.dll in Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (application crash) by accessing the Data property of a DirectAnimation DAUserData object before it is initialized, which triggers a NULL pointer dereference. danim.dll de Microsoft Internet Explorer 6 permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) por acceder a los datos de propiedad de un objeto DirectAnimation DAUserData antes de que sea inicializado, lo cual dispara un p... • https://www.exploit-db.com/exploits/28196 •