CVSS: 10.0EPSS: 96%CPEs: 12EXPL: 1CVE-2007-0217 – Microsoft Internet Explorer - FTP Server Response Denial of Service (MS07-016)
https://notcve.org/view.php?id=CVE-2007-0217
The wininet.dll FTP client code in Microsoft Internet Explorer 5.01 and 6 might allow remote attackers to execute arbitrary code via an FTP server response of a specific length that causes a terminating null byte to be written outside of a buffer, which causes heap corruption. El código del cliente FTP wininet.dll en Microsoft Internet Explorer 5.01 y 6 podría permitir a atacantes remotos ejecutar código de su elección mediante una respuesta FTP del servidor de una longitud específica que provoca que el byte nulo de terminación sea escrito fuera del búfer, lo cual provoca la corrupción de la pila. • https://www.exploit-db.com/exploits/3444 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=473 http://secunia.com/advisories/24156 http://www.kb.cert.org/vuls/id/613564 http://www.osvdb.org/31892 http://www.securityfocus.com/archive/1/462303/100/0/threaded http://www.securityfocus.com/bid/22489 http://www.securitytracker.com/id?1017642 http://www.us-cert.gov/cas/techalerts/TA07-044A.html http://www.vupen.com/english/advisories/2007/0584 https:&#x •
CVSS: 6.8EPSS: 62%CPEs: 4EXPL: 0CVE-2006-4702
https://notcve.org/view.php?id=CVE-2006-4702
Buffer overflow in the Windows Media Format Runtime in Microsoft Windows Media Player (WMP) 6.4 and Windows XP SP2, Server 2003, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted Advanced Systems Format (ASF) file. Desbordamiento de Búfer en el Windows Media Format Runtime del Microsoft Windows Media Player (WMP) 6.4 y Windows XP SP2, Server 2003, y Server 2003 SP1 permite a atacantes remotos ejecutar código de su elección a través de la modificación del fichero Advanced Systems Format (ASF). • http://securitytracker.com/id?1017372 http://support.avaya.com/elmodocs2/security/ASA-2006-274.htm http://www.securityfocus.com/archive/1/454969/100/200/threaded http://www.securityfocus.com/bid/21505 http://www.us-cert.gov/cas/techalerts/TA06-346A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-078 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A536 •