CVSS: 9.3EPSS: 92%CPEs: 14EXPL: 0CVE-2007-0947
https://notcve.org/view.php?id=CVE-2007-0947
Use-after-free vulnerability in Microsoft Internet Explorer 7 on Windows XP SP2, Windows Server 2003 SP1 or SP2, or Windows Vista allows remote attackers to execute arbitrary code via crafted HTML objects, resulting in accessing deallocated memory of CMarkup objects, aka the second of two "HTML Objects Memory Corruption Vulnerabilities" and a different issue than CVE-2007-0946. Una vulnerabilidad de uso de memoria previamente liberada en Microsoft Internet Explorer 7 en Windows XP SP2, Windows Server 2003 SP1 o SP2, o Windows Vista permite a los atacantes remotos ejecutar código arbitrario por medio de objetos HTML creados, resultando en el acceso a la memoria desasignada de objetos CMarkup, también conocida como el segunda de dos "HTML Objects Memory Corruption Vulnerabilities" y un problema diferente de CVE-2007-0946. • http://secunia.com/advisories/23769 http://secunia.com/secunia_research/2007-36/advisory http://www.osvdb.org/34403 http://www.securityfocus.com/archive/1/468871/100/200/threaded http://www.securityfocus.com/bid/23772 http://www.securitytracker.com/id?1018019 http://www.us-cert.gov/cas/techalerts/TA07-128A.html http://www.vupen.com/english/advisories/2007/1712 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-027 https://exchange.xforce.ibmcloud. • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 80%CPEs: 13EXPL: 0CVE-2007-0945
https://notcve.org/view.php?id=CVE-2007-0945
Microsoft Internet Explorer 6 SP1 on Windows 2000 SP4; 6 and 7 on Windows XP SP2, or Windows Server 2003 SP1 or SP2; and 7 on Windows Vista allows remote attackers to execute arbitrary code via certain property methods that may trigger memory corruption, aka "Property Memory Corruption Vulnerability." Microsoft Internet Explorer 6 SP1 sobre Windows 2000 SP4; 6 y 7 sobre Windows XP SP2, o Windows Server 2003 SP1 o SP2; y 7 sobre Windows Vista permite a atacantes remotos ejecutar código de su elección a través de ciertos métodos propietarios que podrían disparar corrupciones de memoria, también conocido como "Vulnerabilidad de la corrupción de la memoria propietaria". • http://secunia.com/advisories/23769 http://www.osvdb.org/34401 http://www.securityfocus.com/archive/1/468871/100/200/threaded http://www.securityfocus.com/bid/23769 http://www.securitytracker.com/id?1018019 http://www.us-cert.gov/cas/techalerts/TA07-128A.html http://www.vupen.com/english/advisories/2007/1712 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-027 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1463 •
CVSS: 9.3EPSS: 92%CPEs: 13EXPL: 1CVE-2007-2221 – Microsoft Internet Explorer 7 - Arbitrary File Rewrite (MS07-027)
https://notcve.org/view.php?id=CVE-2007-2221
Unspecified vulnerability in the mdsauth.dll COM object in Microsoft Windows Media Server in the Microsoft Internet Explorer 5.01 SP4 on Windows 2000 SP4; 6 SP1 on Windows 2000 SP4; 6 and 7 on Windows XP SP2, or Windows Server 2003 SP1 or SP2; or 7 on Windows Vista allows remote attackers to overwrite arbitrary files via unspecified vectors, aka the "Arbitrary File Rewrite Vulnerability." Vulnerabilidad no especificada en el objeto COM mdsauth.dll de Microsoft Windows Media Server en Microsoft Internet Explorer 5.01 SP4 de Windows 2000 SP4; 6 SP1 de Windows 2000 SP4; 6 y 7 de Windows XP SP2, ó Windows Server 2003 SP1 ó SP2; ó 7 en Windows Vista permite a atacantes remotos sobre-escribir ficheros de su elección mediante vectores no especificado, también conocido como "Vulnerabilidad de Sobre-Escritura de Ficheros De Su Elección". • https://www.exploit-db.com/exploits/3892 http://secunia.com/advisories/23769 http://www.fortiguardcenter.com/advisory/FGA-2007-07.html http://www.kb.cert.org/vuls/id/500753 http://www.osvdb.org/34404 http://www.securityfocus.com/archive/1/468871/100/200/threaded http://www.securityfocus.com/bid/23827 http://www.securitytracker.com/id?1018019 http://www.us-cert.gov/cas/techalerts/TA07-128A.html http://www.vupen.com/english/advisories/2007/1712 https://docs. •
CVSS: 9.3EPSS: 92%CPEs: 8EXPL: 0CVE-2007-0946
https://notcve.org/view.php?id=CVE-2007-0946
Unspecified vulnerability in Microsoft Internet Explorer 7 on Windows XP SP2, Windows Server 2003 SP1 or SP2, or Windows Vista allows remote attackers to execute arbitrary code via crafted HTML objects, which results in memory corruption, aka the first of two "HTML Objects Memory Corruption Vulnerabilities" and a different issue than CVE-2007-0947. Vulnerabilidad no especificada en Microsoft Internet Explorer 7 de Windows XP SP2, Windows Server 2003 SP1 ó SP2, ó Windows Vista permite a atacantes remotos ejecutar código de su elección mediante objetos HMTL manipulados, lo que conduce a corrupción de memoria, también conocido como el primero de dos "Vulnerabilidades de Corrupción de Memoria de Objetos HTML", vulnerabilidad distinta a CVE-2007-0947. • http://secunia.com/advisories/23769 http://www.osvdb.org/34402 http://www.securityfocus.com/archive/1/468871/100/200/threaded http://www.securityfocus.com/bid/23770 http://www.securitytracker.com/id?1018019 http://www.us-cert.gov/cas/techalerts/TA07-128A.html http://www.vupen.com/english/advisories/2007/1712 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-027 https://exchange.xforce.ibmcloud.com/vulnerabilities/33255 https://oval.cisecurity.org/re •
CVSS: 7.5EPSS: 81%CPEs: 1EXPL: 1CVE-2007-2291
https://notcve.org/view.php?id=CVE-2007-2291
CRLF injection vulnerability in the Digest Authentication support for Microsoft Internet Explorer 7.0.5730.11 allows remote attackers to conduct HTTP response splitting attacks via a LF (%0a) in the username attribute. Una vulnerabilidad de la inyección CRLF en el soporte Digest Authentication implícita para Microsoft Internet Explorer versión 7.0.5730.11 permite a los atacantes remotos realizar ataques de división de respuesta HTTP por medio de un LF (% 0a) en el atributo de nombre de usuario. • http://securityreason.com/securityalert/2654 http://www.securityfocus.com/archive/1/466906/100/0/threaded http://www.securityfocus.com/bid/23668 http://www.securitytracker.com/id?1017969 http://www.wisec.it/vulns.php?id=11 https://exchange.xforce.ibmcloud.com/vulnerabilities/33978 •