CVSS: 7.5EPSS: 64%CPEs: 2EXPL: 3CVE-2006-3510 – Microsoft Internet Explorer 6 - RDS.DataControl Denial of Service
https://notcve.org/view.php?id=CVE-2006-3510
11 Jul 2006 — The Remote Data Service Object (RDS.DataControl) in Microsoft Internet Explorer 6 on Windows 2000 allows remote attackers to cause a denial of service (crash) via a series of operations that result in an invalid length calculation when using SysAllocStringLen, then triggers a buffer over-read. The Remote Data Service Object (RDS.DataControl) de Microsoft Internet Explorer 6 en Windows 2000 permite a atacantes remotos provocar una denegación de servicio (caída) a través de series de operaciones que resultan ... • https://www.exploit-db.com/exploits/28194 •
CVSS: 5.3EPSS: 36%CPEs: 2EXPL: 2CVE-2006-3472 – Microsoft Internet Explorer 6 - Href Title Denial of Service
https://notcve.org/view.php?id=CVE-2006-3472
10 Jul 2006 — Microsoft Internet Explorer 6.0 and 6.0 SP1 allows remote attackers to cause a denial of service via an HTML page with an A tag containing a long title attribute. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Microsoft Internet Explorer 6.0 y 6.0 SP1 permite a atacantes remotos provocar una denegación de servicio a través de una página HTML con una etiqueta A que contiene un atributo de título largo. NOTA: el origen de esta información es ... • https://www.exploit-db.com/exploits/28164 •
CVSS: 7.5EPSS: 74%CPEs: 2EXPL: 1CVE-2006-3471 – Microsoft Internet Explorer 6 - Table.Frameset NULL Dereference
https://notcve.org/view.php?id=CVE-2006-3471
10 Jul 2006 — Microsoft Internet Explorer 6 on Windows XP allows remote attackers to cause a denial of service (crash) via a table with a frameset as a child, which triggers a null dereference, as demonstrated using the appendChild method. Microsoft Internet Explorer 6 en Windows XP, permite a atacantes remotos provocar una denegación de servicio (caída) a través de una tabla con un frameset (conjunto de marcos) como hijo, esto provoca una referencia nula, como se ha demostrado utilizando el método appendChild. • https://www.exploit-db.com/exploits/1989 •
CVSS: 7.5EPSS: 87%CPEs: 21EXPL: 3CVE-2006-3354 – Microsoft Internet Explorer 6 - ADODB.Recordset Filter Property Denial of Service
https://notcve.org/view.php?id=CVE-2006-3354
06 Jul 2006 — Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (crash) by setting the Filter property of an ADODB.Recordset ActiveX object to certain values multiple times, which triggers a null dereference. Vulnerabilidad en el navegador web Internet Explorer v6 de Microsoft que permite a atacantes remotos causar una denegación de servicio (indisponibilidad de la aplicación) asignando a la propiedad "Filter" (filtro) de un objeto ActiveX ADODB.Recordset ciertos valores varias veces, lo ... • https://www.exploit-db.com/exploits/28145 •
CVSS: 7.8EPSS: 80%CPEs: 32EXPL: 0CVE-2006-2378
https://notcve.org/view.php?id=CVE-2006-2378
13 Jun 2006 — Buffer overflow in the ART Image Rendering component (jgdw400.dll) in Microsoft Windows XP SP1 and Sp2, Server 2003 SP1 and earlier, and Windows 98 and Me allows remote attackers to execute arbitrary code via a crafted ART image that causes heap corruption. • http://secunia.com/advisories/20605 •
CVSS: 9.3EPSS: 94%CPEs: 11EXPL: 0CVE-2006-1303
https://notcve.org/view.php?id=CVE-2006-1303
13 Jun 2006 — Multiple unspecified vulnerabilities in Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allow remote attackers to execute arbitrary code by instantiating certain COM objects from Wmm2fxa.dll as ActiveX controls including (1) DXImageTransform.Microsoft.MMSpecialEffect1Input, (2) DXImageTransform.Microsoft.MMSpecialEffect1Input.1, (3) DXImageTransform.Microsoft.MMSpecialEffect2Inputs, (4) DXImageTransform.Microsoft.MMSpecialEffect2Inputs.1, (5) DXImageTransform.Microsoft.MMSpecialEffectInplace1Inpu... • http://secunia.com/advisories/20595 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.8EPSS: 11%CPEs: 2EXPL: 0CVE-2006-2385
https://notcve.org/view.php?id=CVE-2006-2385
13 Jun 2006 — Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allows user-assisted remote attackers to execute arbitrary code via a crafted web page that triggers memory corruption when it is saved as a multipart HTML (.mht) file. Vulnerabilidad no especificada en Microsoft Internet Explorer 5.01 SP4 y 6 SP1 y anteriores permite a atacantes asistidos por el usuario ejecutar código de forma arbitraria a través de una página web manipulada que dispara una corrupción de memoria cuando... • http://secunia.com/advisories/20595 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.1EPSS: 76%CPEs: 11EXPL: 0CVE-2006-2900
https://notcve.org/view.php?id=CVE-2006-2900
07 Jun 2006 — Internet Explorer 6 allows user-assisted remote attackers to read arbitrary files by tricking a user into typing the characters of the target filename in a text box and using the OnKeyDown, OnKeyPress, and OnKeyUp Javascript keystroke events to change the focus and cause those characters to be inserted into a file upload input control, which can then upload the file when the user submits the form. • http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/046610.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 91%CPEs: 5EXPL: 2CVE-2006-2766 – Microsoft Windows XP/2000/2003 - MHTML URI Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2006-2766
02 Jun 2006 — Buffer overflow in INETCOMM.DLL, as used in Microsoft Internet Explorer 6.0 through 6.0 SP2, Windows Explorer, Outlook Express 6, and possibly other programs, allows remote user-assisted attackers to cause a denial of service (application crash) via a long mhtml URI in the URL value in a URL file. • https://www.exploit-db.com/exploits/27930 •
CVSS: 7.5EPSS: 23%CPEs: 23EXPL: 2CVE-2006-2094 – Microsoft Internet Explorer 5.0.1 - Modal Dialog Manipulation
https://notcve.org/view.php?id=CVE-2006-2094
29 Apr 2006 — Microsoft Internet Explorer before Windows XP Service Pack 2 and Windows Server 2003 Service Pack 1, when Prompt is configured in Security Settings, uses modal dialogs to verify that a user wishes to run an ActiveX control or perform other risky actions, which allows user-assisted remote attackers to construct a race condition that tricks a user into clicking an object or pressing keys that are actually applied to a "Yes" approval for executing the control. • https://www.exploit-db.com/exploits/27744 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •