CVE-2007-3041
https://notcve.org/view.php?id=CVE-2007-3041
Unspecified vulnerability in the pdwizard.ocx ActiveX object for Internet Explorer 5.01, 6 SP1, and 7 allows remote attackers to execute arbitrary code via unknown vectors related to Microsoft Visual Basic 6 objects and memory corruption, aka "ActiveX Object Memory Corruption Vulnerability." Una vulnerabilidad no especificada en el objeto ActiveX del archivo pdwizard.ocx para Internet Explorer versiones 5.01, 6 SP1 y 7, permite a atacantes remotos ejecutar código arbitrario por medio de vectores de ataque desconocidos relacionados con objetos de Microsoft Visual Basic versión 6 y una corrupción de memoria, también se conoce como "ActiveX Object Memory Corruption Vulnerability". • http://secunia.com/advisories/26419 http://securitytracker.com/id?1018562 http://www.osvdb.org/36395 http://www.securityfocus.com/bid/25295 http://www.us-cert.gov/cas/techalerts/TA07-226A.html http://www.vupen.com/english/advisories/2007/2869 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-045 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2232 •
CVE-2007-2216 – Microsoft Internet Explorer 5.0.1 - 'TBLinf32.dll' ActiveX Control Remote Code Execution
https://notcve.org/view.php?id=CVE-2007-2216
The tblinf32.dll (aka vstlbinf.dll) ActiveX control for Internet Explorer 5.01, 6 SP1, and 7 uses an incorrect IObjectsafety implementation, which allows remote attackers to execute arbitrary code by requesting the HelpString property, involving a crafted DLL file argument to the TypeLibInfoFromFile function, which overwrites the HelpStringDll property to call the DLLGetDocumentation function in another DLL file, aka "ActiveX Object Vulnerability." El control ActiveX de la biblioteca tblinf32.dll (también conocida como vstlbinf.dll) para Internet Explorer versiones 5.01, 6 SP1 y 7 utiliza una implementación IObjectsafety inapropiada, que permite a los atacantes remotos ejecutar código arbitrario mediante peticiones a la propiedad HelpString, que involucra un argumento de archivo DLL elaborado para la función TypeLibInfoFromFile, que sobrescribe la propiedad HelpStringDll para llamar a la función DLLGetDocumentation en otro archivo DLL, también se conoce como "ActiveX Object Vulnerability." • https://www.exploit-db.com/exploits/30490 http://secunia.com/advisories/26419 http://securitytracker.com/id?1018562 http://www.osvdb.org/36396 http://www.securityfocus.com/archive/1/476742/100/0/threaded http://www.securityfocus.com/bid/25289 http://www.us-cert.gov/cas/techalerts/TA07-226A.html http://www.vupen.com/english/advisories/2007/2869 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-045 https://oval.cisecurity.org/repository/search/d • CWE-16: Configuration •
CVE-2007-4227
https://notcve.org/view.php?id=CVE-2007-4227
Microsoft Windows Explorer (explorer.exe) allows user-assisted remote attackers to cause a denial of service via a certain JPG file, as demonstrated by something.jpg. NOTE: this issue might be related to CVE-2007-3958. Microsoft Windows Explorer (explorer.exe) permite a atacantes remotos con la complicidad del usuario provocar una denegación de servicio mediante cierto fichero JPG, como ha sido demostrado por something.jpg. NOTA: este asunto podría estar relacionado con CVE-2007-3958. • http://lostmon.blogspot.com/2007/08/windows-extended-file-attributes-buffer.html http://www.securityfocus.com/archive/1/475655/100/0/threaded http://www.securityfocus.com/bid/25207 •
CVE-2007-3670 – Microsoft Internet Explorer and Mozilla Firefox - URI Handler Command Injection
https://notcve.org/view.php?id=CVE-2007-3670
Argument injection vulnerability in Microsoft Internet Explorer, when running on systems with Firefox installed and certain URIs registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in a (1) FirefoxURL or (2) FirefoxHTML URI, which are inserted into the command line that is created when invoking firefox.exe. NOTE: it has been debated as to whether the issue is in Internet Explorer or Firefox. As of 20070711, it is CVE's opinion that IE appears to be failing to properly delimit the URL argument when invoking Firefox, and this issue could arise with other protocol handlers in IE as well. However, Mozilla has stated that it will address the issue with a "defense in depth" fix that will "prevent IE from sending Firefox malicious data." Una vulnerabilidad de inyección de argumentos en Microsoft Internet Explorer, cuando es ejecutado en sistemas con Firefox instalado y ciertos URIs registrados, permiten a atacantes remotos conducir ataques de tipo cross-browser scripting y ejecutar comandos arbitrarios por medio de metacaracteres de shell en un URI (1) FirefoxURL o (2) FirefoxHTML, que son insertadas en la línea de comandos que son creadas cuando se invoca el archivo firefox.exe. • https://www.exploit-db.com/exploits/30285 ftp://ftp.slackware.com/pub/slackware/slackware-12.0/ChangeLog.txt http://archives.neohapsis.com/archives/fulldisclosure/2007-07/0160.html http://blog.mozilla.com/security/2007/07/10/security-issue-in-url-protocol-handling-on-windows http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00774579 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id= • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2007-3550
https://notcve.org/view.php?id=CVE-2007-3550
Microsoft Internet Explorer 6.0 and 7.0 allows remote attackers to fill Zones with arbitrary domains using certain metacharacters such as wildcards via JavaScript, which results in a denial of service (website suppression and resource consumption), aka "Internet Explorer Zone Domain Specification Dos and Page Suppressing". NOTE: this issue has been disputed by a third party, who states that the zone settings cannot be manipulated ** EN DISPUTA ** Microsoft Internet Explorer versión 6.0 y versión 7.0 permite a atacantes remotos rellenar Zonas con dominios de su elección utilizando determinados metacaracteres tales como comodines mediante JavaScript, lo cual resulta en una denegación de servicio (supresión de sitios web y agotamiento de recursos), también conocida como "Internet Explorer Zone Domain Specification Dos and Page Suppressing". NOTA: esta cuestión ha sido discutida por una tercera parte, la cual establece que la configuración de la zona no puede ser manipulada. • http://lists.grok.org.uk/pipermail/full-disclosure/2007-July/064326.html http://osvdb.org/45814 http://securityreason.com/securityalert/2855 http://www.secniche.org/advisory/Internet_Dos_Adv.pdf http://www.securityfocus.com/archive/1/472651/100/0/threaded http://www.securityfocus.com/archive/1/473662 http://www.securityfocus.com/archive/1/485536/100/0/threaded http://www.securityfocus.com/bid/24744 https://exchange.xforce.ibmcloud.com/vulnerabilities/35455 • CWE-94: Improper Control of Generation of Code ('Code Injection') •