CVE-2006-7065 – Microsoft Internet Explorer 6.0/7.0 - IFrame Refresh Denial of Service
https://notcve.org/view.php?id=CVE-2006-7065
Microsoft Internet Explorer allows remote attackers to cause a denial of service (crash) via an IFRAME with a certain XML file and XSL stylesheet that triggers a crash in mshtml.dll when a refresh is called, probably a null pointer dereference. • https://www.exploit-db.com/exploits/28343 http://archives.neohapsis.com/archives/fulldisclosure/2006-08/0163.html http://www.securityfocus.com/bid/19364 http://www3.ca.com/be/securityadvisor/vulninfo/Vuln.aspx?ID=34511 •
CVE-2007-1114
https://notcve.org/view.php?id=CVE-2007-1114
The child frames in Microsoft Internet Explorer 7 inherit the default charset from the parent window when a charset is not specified in an HTTP Content-Type header or META tag, which allows remote attackers to conduct cross-site scripting (XSS) attacks, as demonstrated using the UTF-7 character set. • http://secunia.com/advisories/24314 http://www.hardened-php.net/advisory_032007.142.html http://www.osvdb.org/32119 http://www.securityfocus.com/archive/1/461076/100/0/threaded http://www.securityfocus.com/bid/22701 http://www.vupen.com/english/advisories/2007/0744 •
CVE-2007-1091
https://notcve.org/view.php?id=CVE-2007-1091
Microsoft Internet Explorer 7 allows remote attackers to prevent users from leaving a site, spoof the address bar, and conduct phishing and other attacks via onUnload Javascript handlers. • http://lcamtuf.coredump.cx/ietrap http://lists.grok.org.uk/pipermail/full-disclosure/2007-February/052630.html http://secunia.com/advisories/23014 http://securityreason.com/securityalert/2291 http://securitytracker.com/id?1018788 http://www.securityfocus.com/archive/1/461023/100/0/threaded http://www.securityfocus.com/archive/1/461027/100/0/threaded http://www.securityfocus.com/archive/1/482366/100/0/threaded http://www.securityfocus.com/bid/22680 http://www.us-cert.gov/ca •
CVE-2006-7030
https://notcve.org/view.php?id=CVE-2006-7030
Microsoft Internet Explorer 6 SP2 and earlier allows remote attackers to cause a denial of service (crash) via certain malformed HTML, possibly involving applet and base tags without required arguments, which triggers a null pointer dereference in mshtml.dll. • http://securityreason.com/securityalert/2286 http://www.securityfocus.com/archive/1/435095/30/4710/threaded http://www.securityfocus.com/archive/1/435129/30/4710/threaded http://www.securityfocus.com/bid/18112 https://exchange.xforce.ibmcloud.com/vulnerabilities/26808 •
CVE-2007-0219
https://notcve.org/view.php?id=CVE-2007-0219
Microsoft Internet Explorer 5.01, 6, and 7 uses certain COM objects from (1) Msb1fren.dll, (2) Htmlmm.ocx, and (3) Blnmgrps.dll as ActiveX controls, which allows remote attackers to execute arbitrary code via unspecified vectors, a different issue than CVE-2006-4697. • http://secunia.com/advisories/24156 http://www.kb.cert.org/vuls/id/771788 http://www.osvdb.org/31893 http://www.osvdb.org/31894 http://www.osvdb.org/31895 http://www.securityfocus.com/bid/22504 http://www.securitytracker.com/id?1017643 http://www.us-cert.gov/cas/techalerts/TA07-044A.html http://www.vupen.com/english/advisories/2007/0584 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-016 https://exchange.xforce.ibmcloud.com/vulnerab •