CVSS: 9.3EPSS: 23%CPEs: 13EXPL: 5CVE-2006-4868 – MS06-055 Microsoft Internet Explorer VML Fill Method Code Execution
https://notcve.org/view.php?id=CVE-2006-4868
Stack-based buffer overflow in the Vector Graphics Rendering engine (vgx.dll), as used in Microsoft Outlook and Internet Explorer 6.0 on Windows XP SP2, and possibly other versions, allows remote attackers to execute arbitrary code via a Vector Markup Language (VML) file with a long fill parameter within a rect tag. Desbordamiento de búfer basado en el motor Vector Graphics Rendering (vgx.dll), tal y como se usa en Microsoft Outlook e Internet Explorer 6.0 en Windows XP SP2 y posiblemente otras versiones permite a atacantes remotos ejecutar código de su elección mediante un fichero Vector Markup Language (VML) con un parámetro "fill" largo dentro de una etiqueta "rect". • https://www.exploit-db.com/exploits/2425 https://www.exploit-db.com/exploits/16597 https://www.exploit-db.com/exploits/2426 http://blogs.securiteam.com/index.php/archives/624 http://secunia.com/advisories/21989 http://securitytracker.com/id?1016879 http://sunbeltblog.blogspot.com/2006/09/seen-in-wild-zero-day-exploit-being.html http://support.microsoft.com/kb/925486 http://www.kb.cert.org/vuls/id/416092 http://www.microsoft.com/technet/security/advisory/925568.mspx ht • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 16%CPEs: 10EXPL: 0CVE-2006-3873
https://notcve.org/view.php?id=CVE-2006-3873
Heap-based buffer overflow in URLMON.DLL in Microsoft Internet Explorer 6 SP1 on Windows 2000 and XP SP1, with versions the MS06-042 patch before 20060912, allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long URL in a GZIP-encoded website that was the target of an HTTP redirect, due to an incomplete fix for CVE-2006-3869. Desbordamiento de búfer basado en montón en URLMON.DLL en Microsoft Internet Explorer 6 SP1 sobre Windows 2000 y XP SP1, con versiones del parche MS06-042 anterior a 12/09/2006, permite a un atacante remoto provocar denegación de servicio(caida) o ejecutar código de su elección a través de una URL grande en un sitio web GZIP-codificado que fue el objetivo de una redirección HTTP, debido a un arreglo incompleto del CVE-2006-3869. • http://research.eeye.com/html/advisories/published/AD20060912.html http://securityreason.com/securityalert/1555 http://securitytracker.com/id?1016839 http://weblog.infoworld.com/techwatch/archives/007870.html http://www.osvdb.org/30834 http://www.securityfocus.com/archive/1/445835/100/0/threaded http://www.securityfocus.com/bid/19987 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-042 https://exchange.xforce.ibmcloud.com/vulnerabilities/28893 •
CVSS: 7.5EPSS: 96%CPEs: 21EXPL: 1CVE-2006-4495 – Microsoft Windows Server 2000 - Multiple COM Object Instantiation Code Execution Vulnerabilities
https://notcve.org/view.php?id=CVE-2006-4495
Microsoft Internet Explorer allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code by instantiating certain Windows 2000 ActiveX COM Objects including (1) ciodm.dll, (2) myinfo.dll, (3) msdxm.ocx, and (4) creator.dll. Microsoft Internet Explorer permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria) y posiblemente ejecutar código de su elección instanciando ciertos objetos Windows 2000 ActiveX COM incluyendo (1) ciodm.dll, (2) myinfo.dll, (3) msdxm.ocx, y (4) creator.dll. • https://www.exploit-db.com/exploits/28420 http://securityreason.com/securityalert/1474 http://www.securityfocus.com/archive/1/443896/100/100/threaded http://www.securityfocus.com/bid/19636 http://www.xsec.org/index.php?module=Releases&act=view&type=1&id=16 https://exchange.xforce.ibmcloud.com/vulnerabilities/28512 •
CVSS: 10.0EPSS: 80%CPEs: 7EXPL: 1CVE-2006-3440 – Microsoft Windows - DNS Resolution Remote Denial of Service (PoC) (MS06-041)
https://notcve.org/view.php?id=CVE-2006-3440
Buffer overflow in the Winsock API in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via unknown vectors, aka "Winsock Hostname Vulnerability." Desbordamiento de búfer en Winsock API en Microsoft Windows 2000 SP4, XP SP1 y SP2, y Server 2003 SP1 permite a atacantes remotos ejecutar código de su elección a tavés de vectores desconocidos, tambien conocido cómo "Vulnerabilidad Winsock Hostname". • https://www.exploit-db.com/exploits/2900 http://secunia.com/advisories/21394 http://securitytracker.com/id?1016653 http://www.kb.cert.org/vuls/id/908276 http://www.securityfocus.com/bid/19319 http://www.us-cert.gov/cas/techalerts/TA06-220A.html http://www.vupen.com/english/advisories/2006/3211 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-041 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A747 •
CVSS: 10.0EPSS: 93%CPEs: 7EXPL: 1CVE-2006-3441 – Microsoft Windows - DNS Resolution Remote Denial of Service (PoC) (MS06-041)
https://notcve.org/view.php?id=CVE-2006-3441
Buffer overflow in the DNS Client service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted record response. NOTE: while MS06-041 implies that there is a single issue, there are multiple vectors, and likely multiple vulnerabilities, related to (1) a heap-based buffer overflow in a DNS server response to the client, (2) a DNS server response with malformed ATMA records, and (3) a length miscalculation in TXT, HINFO, X25, and ISDN records. Desbordamiento de búger en el servicio Client DNS en Microsoft Windows 2000 SP4, XP SP1 y SP2, y Server 2003 SP1 permite a un atacante remoto ejecutar código de su elección a través de respuestas de registro manipulada. NOTA: Mientras MS06-041 implica que hay un solo asunto, hay múltiples vulnerabilidades, relacionados con (1) desbordamiento de búfer basado en pila en un respuesta de servidor DNS al cliente, (2) un respuesta de servidor DNS con registros ATMA mal formados, y (3)un gran pérdida de cálculo en los registros TXT, HINFO, X25, e ISDN. • https://www.exploit-db.com/exploits/2900 http://secunia.com/advisories/21394 http://securitytracker.com/id?1016653 http://www.kb.cert.org/vuls/id/794580 http://www.osvdb.org/27844 http://www.securityfocus.com/bid/19404 http://www.us-cert.gov/cas/techalerts/TA06-220A.html http://www.vupen.com/english/advisories/2006/3211 http://xforce.iss.net/xforce/alerts/id/233 http://xforce.iss.net/xforce/alerts/id/234 http://xforce.iss.net/xforce/alerts/id/235&# •