CVSS: 7.5EPSS: 81%CPEs: 1EXPL: 1CVE-2007-2291
https://notcve.org/view.php?id=CVE-2007-2291
CRLF injection vulnerability in the Digest Authentication support for Microsoft Internet Explorer 7.0.5730.11 allows remote attackers to conduct HTTP response splitting attacks via a LF (%0a) in the username attribute. Una vulnerabilidad de la inyección CRLF en el soporte Digest Authentication implícita para Microsoft Internet Explorer versión 7.0.5730.11 permite a los atacantes remotos realizar ataques de división de respuesta HTTP por medio de un LF (% 0a) en el atributo de nombre de usuario. • http://securityreason.com/securityalert/2654 http://www.securityfocus.com/archive/1/466906/100/0/threaded http://www.securityfocus.com/bid/23668 http://www.securitytracker.com/id?1017969 http://www.wisec.it/vulns.php?id=11 https://exchange.xforce.ibmcloud.com/vulnerabilities/33978 •
CVSS: 4.3EPSS: 10%CPEs: 1EXPL: 0CVE-2007-2161
https://notcve.org/view.php?id=CVE-2007-2161
Microsoft Internet Explorer 7 allows remote attackers to cause a denial of service (browser hang) via JavaScript that matches a regular expression against a long string, as demonstrated using /(.)*/. Microsoft Internet Explorer 7 permite a atacantes remotos provocar denegación de servicio (cuelgue del navegador) a través de JavaScript que valida una expresión regular con una cadena larga, como se demostró utilizando /(.)*/. • http://osvdb.org/43314 http://www.securityfocus.com/archive/1/466017/100/0/threaded http://www.securityfocus.com/archive/1/466043/100/0/threaded http://www.securityfocus.com/archive/1/466175/100/0/threaded https://exchange.xforce.ibmcloud.com/vulnerabilities/33715 •
CVSS: 5.0EPSS: 18%CPEs: 41EXPL: 3CVE-2006-7065 – Microsoft Internet Explorer 6.0/7.0 - IFrame Refresh Denial of Service
https://notcve.org/view.php?id=CVE-2006-7065
Microsoft Internet Explorer allows remote attackers to cause a denial of service (crash) via an IFRAME with a certain XML file and XSL stylesheet that triggers a crash in mshtml.dll when a refresh is called, probably a null pointer dereference. Microsoft Internet Explorer permite a atacantes remotos provocar denegación de servicio (caida) a través de un IFRAME con ciertos archivos XML y plantillas de estilo XSL que disparan una cauda en mshtml.dll cuando un se llama se solicita un refresco de cotenido, probablemente a un puntero de referencia nula. • https://www.exploit-db.com/exploits/28343 http://archives.neohapsis.com/archives/fulldisclosure/2006-08/0163.html http://www.securityfocus.com/bid/19364 http://www3.ca.com/be/securityadvisor/vulninfo/Vuln.aspx?ID=34511 •
CVSS: 7.8EPSS: 13%CPEs: 1EXPL: 0CVE-2007-1094
https://notcve.org/view.php?id=CVE-2007-1094
Microsoft Internet Explorer 7 allows remote attackers to cause a denial of service (NULL dereference and application crash) via JavaScript onUnload handlers that modify the structure of a document. Microsoft Internet Explorer 7 permite a atacantes remotos provocar una denegación de servicio (referencia a NULL y cierre de aplicación) mediante manejadores JavaScript onUnload que modifican la estructura de un documento. • http://osvdb.org/45248 http://securityreason.com/securityalert/2302 http://www.securityfocus.com/archive/1/461024/100/0/threaded http://www.securityfocus.com/bid/22678 https://exchange.xforce.ibmcloud.com/vulnerabilities/32647 •
CVSS: 10.0EPSS: 87%CPEs: 18EXPL: 0CVE-2007-0219
https://notcve.org/view.php?id=CVE-2007-0219
Microsoft Internet Explorer 5.01, 6, and 7 uses certain COM objects from (1) Msb1fren.dll, (2) Htmlmm.ocx, and (3) Blnmgrps.dll as ActiveX controls, which allows remote attackers to execute arbitrary code via unspecified vectors, a different issue than CVE-2006-4697. Microsoft Internet Explorer 5.01, 6, y 7 utiliza ciertos objetos COM de (1) Msb1fren.dll, (2) Htmlmm.ocx, y (3) Blnmgrps.dll como controles ActiveX, lo cual permite a atacantes remotos ejecutar código de su elección mediante vectores no especificados, un vector diferente que CVE-2006-4697. • http://secunia.com/advisories/24156 http://www.kb.cert.org/vuls/id/771788 http://www.osvdb.org/31893 http://www.osvdb.org/31894 http://www.osvdb.org/31895 http://www.securityfocus.com/bid/22504 http://www.securitytracker.com/id?1017643 http://www.us-cert.gov/cas/techalerts/TA07-044A.html http://www.vupen.com/english/advisories/2007/0584 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-016 https://exchange.xforce.ibmcloud.com/vulnerab •