CVE-2006-3869
https://notcve.org/view.php?id=CVE-2006-3869
Heap-based buffer overflow in URLMON.DLL in Microsoft Internet Explorer 6 SP1 on Windows 2000 and XP SP1, with versions of the MS06-042 patch before 20060824, allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long URL on a website that uses HTTP 1.1 compression. • http://secunia.com/advisories/21557 http://securityreason.com/securityalert/1441 http://securitytracker.com/id?1016731 http://support.microsoft.com/kb/923762 http://www.kb.cert.org/vuls/id/821156 http://www.microsoft.com/technet/security/advisory/923762.mspx http://www.nsfocus.com/english/homepage/research/0608.htm http://www.osvdb.org/28132 http://www.securityfocus.com/archive/1/444046/100/0/threaded http://www.securityfocus.com/archive/1/444241/100/0/threaded http:/ •
CVE-2006-4301 – Microsoft Internet Explorer 6 - DirectX Media Remote Overflow Denial of Service
https://notcve.org/view.php?id=CVE-2006-4301
Microsoft Internet Explorer 6.0 SP1 allows remote attackers to cause a denial of service (crash) via a long Color attribute in multiple DirectX Media Image DirectX Transforms ActiveX COM Objects from (a) dxtmsft.dll and (b) dxtmsft3.dll, including (1) DXImageTransform.Microsoft.MaskFilter.1, (2) DXImageTransform.Microsoft.Chroma.1, and (3) DX3DTransform.Microsoft.Shapes.1. • https://www.exploit-db.com/exploits/4251 https://www.exploit-db.com/exploits/28421 http://securityreason.com/securityalert/1439 http://www.osvdb.org/29524 http://www.osvdb.org/29525 http://www.securityfocus.com/archive/1/443907/100/0/threaded http://www.securityfocus.com/bid/19640 http://xsec.org/index.php?module=releases&act=view&type=1&id=17 https://exchange.xforce.ibmcloud.com/vulnerabilities/28516 • CWE-20: Improper Input Validation •
CVE-2006-4219 – Microsoft Internet Explorer 6 - 'TSUserEX.dll' ActiveX Control Memory Corruption
https://notcve.org/view.php?id=CVE-2006-4219
The Terminal Services COM object (tsuserex.dll) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by instantiating it as an ActiveX object in Internet Explorer 6.0 SP1 on Microsoft Windows 2003 EE SP1 CN. • https://www.exploit-db.com/exploits/28400 http://securityreason.com/securityalert/1403 http://www.securityfocus.com/archive/1/443493/100/0/threaded http://www.securityfocus.com/bid/19570 http://www.xsec.org/index.php?module=Releases&act=view&type=1&id=14 https://exchange.xforce.ibmcloud.com/vulnerabilities/28444 •
CVE-2006-4193 – Microsoft Internet Explorer 6 - 'IMSKDIC.dll' Denial of Service
https://notcve.org/view.php?id=CVE-2006-4193
Microsoft Internet Explorer 6.0 SP1 and possibly other versions allows remote attackers to cause a denial of service and possibly execute arbitrary code by instantiating COM objects as ActiveX controls, including (1) imskdic.dll (Microsoft IME), (2) chtskdic.dll (Microsoft IME), and (3) msoe.dll (Outlook), which leads to memory corruption. NOTE: it is not certain whether the issue is in Internet Explorer or the individual DLL files. • https://www.exploit-db.com/exploits/28387 https://www.exploit-db.com/exploits/28389 http://securityreason.com/securityalert/1402 http://www.osvdb.org/29345 http://www.osvdb.org/29346 http://www.osvdb.org/29347 http://www.securityfocus.com/archive/1/443290/100/0/threaded http://www.securityfocus.com/archive/1/443295/100/0/threaded http://www.securityfocus.com/archive/1/443299/100/0/threaded http://www.securityfocus.com/bid/19521 http://www.securityfocus.com/bid •
CVE-2006-3638
https://notcve.org/view.php?id=CVE-2006-3638
Microsoft Internet Explorer 5.01 and 6 do not properly handle uninitialized COM objects, which allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code, as demonstrated by the Nth function in the DirectAnimation.DATuple ActiveX control, aka "COM Object Instantiation Memory Corruption Vulnerability." • http://secunia.com/advisories/21396 http://securitytracker.com/id?1016663 http://www.kb.cert.org/vuls/id/959049 http://www.osvdb.org/27852 http://www.securityfocus.com/archive/1/442728/100/0/threaded http://www.securityfocus.com/bid/19340 http://www.tippingpoint.com/security/advisories/TSRT-06-09.html http://www.us-cert.gov/cas/techalerts/TA06-220A.html http://www.vupen.com/english/advisories/2006/3212 https://docs.microsoft.com/en-us/security-updates/securitybulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •