CVSS: 9.3EPSS: 80%CPEs: 1EXPL: 0CVE-2006-5581 – Microsoft Internet Explorer normalize() Function Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2006-5581
Unspecified vulnerability in Microsoft Internet Explorer 6 allows remote attackers to execute arbitrary code via certain DHTML script functions, such as normalize, and "incorrectly created elements" that trigger memory corruption, aka "DHTML Script Function Memory Corruption Vulnerability." Vulnerabilidad sin especificar en el Microsoft Internet Explorer 6 permite a atacantes remotos ejecutar código de su elección a través de determinadas funciones DHTML , como la "normalize", y "elementos creados incorrectamente" que disparan una corrupción de memoria, también conocido como "Vulnerabilidad de corrupción de memoria mediante una función DHTML". This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific vulnerability exists due to improper handling of the normalize() function. When called in certain circumstances user controllable memory can be used to execute arbitrary code. • http://secunia.com/advisories/23288 http://securitytracker.com/id?1017373 http://www.kb.cert.org/vuls/id/347448 http://www.osvdb.org/30814 http://www.securityfocus.com/archive/1/454210/100/0/threaded http://www.securityfocus.com/archive/1/454969/100/200/threaded http://www.securityfocus.com/bid/21546 http://www.symantec.com/security_response/writeup.jsp?docid=2006-121212-1201-99 http://www.us-cert.gov/cas/techalerts/TA06-346A.html http://www.vupen.com/english/ •
CVSS: 5.0EPSS: 12%CPEs: 2EXPL: 3CVE-2006-6310 – Microsoft Internet Explorer 6 - Frame Src Denial of Service
https://notcve.org/view.php?id=CVE-2006-6310
Microsoft Internet Explorer 6.0 SP1 and earlier allows remote attackers to cause a denial of service (crash) via an invalid src attribute value ("?") in an HTML frame tag that is in a frameset tag with a large rows attribute. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. Microsoft Internet Explorer 6.0 SP1 y anteriores permiten a atacantes remotos provocar una denegación de servicio (caída) mediante un valor del atributo src inválido ("?") en una etiqueta frame de HTML que se encuentra dentro de una etiqueta frameset con un atriburo rows grande. • https://www.exploit-db.com/exploits/29229 http://downloads.securityfocus.com/vulnerabilities/exploits/21447.html http://www.osvdb.org/31325 http://www.securityfocus.com/bid/21447 •
CVSS: 5.0EPSS: 17%CPEs: 12EXPL: 3CVE-2006-5162 – Microsoft Internet Explorer 6 - 'Content-Type' Stack Overflow Crash
https://notcve.org/view.php?id=CVE-2006-5162
wininet.dll in Microsoft Internet Explorer 6.0 SP2 and earlier allows remote attackers to cause a denial of service (unhandled exception and crash) via a long Content-Type header, which triggers a stack overflow. wininet.dll en Microsoft Internet Explorer 6.0 SP2 y anteriores permite a atacantes remotos provocar una denegación de servicio (excepción no manejada y caída) mediante una cabecera Content-Type larga, lo cual dispara un desbordamiento de pila. • https://www.exploit-db.com/exploits/2039 http://archives.neohapsis.com/archives/bugtraq/2006-07/0379.html http://securityreason.com/securityalert/1683 http://www.osvdb.org/29129 http://www.securityfocus.com/bid/19092 http://www.vupen.com/english/advisories/2006/2917 https://exchange.xforce.ibmcloud.com/vulnerabilities/27900 •
CVSS: 9.3EPSS: 23%CPEs: 13EXPL: 5CVE-2006-4868 – MS06-055 Microsoft Internet Explorer VML Fill Method Code Execution
https://notcve.org/view.php?id=CVE-2006-4868
Stack-based buffer overflow in the Vector Graphics Rendering engine (vgx.dll), as used in Microsoft Outlook and Internet Explorer 6.0 on Windows XP SP2, and possibly other versions, allows remote attackers to execute arbitrary code via a Vector Markup Language (VML) file with a long fill parameter within a rect tag. Desbordamiento de búfer basado en el motor Vector Graphics Rendering (vgx.dll), tal y como se usa en Microsoft Outlook e Internet Explorer 6.0 en Windows XP SP2 y posiblemente otras versiones permite a atacantes remotos ejecutar código de su elección mediante un fichero Vector Markup Language (VML) con un parámetro "fill" largo dentro de una etiqueta "rect". • https://www.exploit-db.com/exploits/2425 https://www.exploit-db.com/exploits/16597 https://www.exploit-db.com/exploits/2426 http://blogs.securiteam.com/index.php/archives/624 http://secunia.com/advisories/21989 http://securitytracker.com/id?1016879 http://sunbeltblog.blogspot.com/2006/09/seen-in-wild-zero-day-exploit-being.html http://support.microsoft.com/kb/925486 http://www.kb.cert.org/vuls/id/416092 http://www.microsoft.com/technet/security/advisory/925568.mspx ht • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 71%CPEs: 8EXPL: 0CVE-2006-3638
https://notcve.org/view.php?id=CVE-2006-3638
Microsoft Internet Explorer 5.01 and 6 does not properly handle uninitialized COM objects, which allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code, as demonstrated by the Nth function in the DirectAnimation.DATuple ActiveX control, aka "COM Object Instantiation Memory Corruption Vulnerability." Microsoft Internet Explorer 5.01 y 6 no maneja adecuadamente objetos COM no inicializados, lo cual permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria) y posiblemente ejecutar código de su elección, como ha sido demostrado por la función Nth en el control ActiveX DirectAnimation.DATuple, también conocido como "Vulnerabilidad de Corrupción de Memoria en la Instanciación de Objetos COM". • http://secunia.com/advisories/21396 http://securitytracker.com/id?1016663 http://www.kb.cert.org/vuls/id/959049 http://www.osvdb.org/27852 http://www.securityfocus.com/archive/1/442728/100/0/threaded http://www.securityfocus.com/bid/19340 http://www.tippingpoint.com/security/advisories/TSRT-06-09.html http://www.us-cert.gov/cas/techalerts/TA06-220A.html http://www.vupen.com/english/advisories/2006/3212 https://docs.microsoft.com/en-us/security-updates/securitybulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •