CVE-2006-3450 – Microsoft Internet Explorer CSS Class Ordering Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2006-3450
Microsoft Internet Explorer 6 allows remote attackers to execute arbitrary code by using the document.getElementByID Javascript function to access crafted Cascading Style Sheet (CSS) elements, and possibly other unspecified vectors involving certain layout positioning combinations in an HTML file.
This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific vulnerability exists due to improper handling of CSS class values. Accessing a specially crafted CSS element via document.getElementByID causes a memory corruption eventually leading to code execution.
• http://secunia.com/advisories/21396
• http://securitytracker.com/id?1016663
• http://www.kb.cert.org/vuls/id/119180
• http://www.osvdb.org/27855
• http://www.securityfocus.com/archive/1/442579/100/0/threaded
• http://www.securityfocus.com/bid/19312
• http://www.us-cert.gov/cas/techalerts/TA06-220A.html
• http://www.vupen.com/english/advisories/2006/3212
• http://www.zerodayinitiative.com/advisories/ZDI-06-027.html
• https://docs.microsoft.com/en-us/security-updates/securitybulletins/20
• CWE-20: Improper Input Validation
CVE-2006-3915 – Microsoft Internet Explorer 6 - Native Function Iterator Denial of Service
https://notcve.org/view.php?id=CVE-2006-3915
Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) by iterating over any native function, as demonstrated with the window.alert function, which triggers a null dereference.
• https://www.exploit-db.com/exploits/28265
• http://browserfun.blogspot.com/2006/07/mobb-25-native-function-iterator.html
• http://www.osvdb.org/27373
• http://www.securityfocus.com/bid/19140
• http://www.vupen.com/english/advisories/2006/2955
• https://exchange.xforce.ibmcloud.com/vulnerabilities/27932
CVE-2006-3899 – Microsoft Internet Explorer 6 - String To Binary Function Denial of Service
https://notcve.org/view.php?id=CVE-2006-3899
Microsoft Internet Explorer 6.0 on Windows XP SP2 allows remote attackers to cause a denial of service (application crash) by calling the stringToBinary function of the CEnroll.CEnroll.2 ActiveX object with a long second argument, which triggers an invalid memory access inside the SysAllocStringLen function.
• https://www.exploit-db.com/exploits/28252
• http://browserfun.blogspot.com/2006/07/mobb-21-cenroll-stringtobinary.html
• http://www.osvdb.org/27230
• http://www.securityfocus.com/bid/19102
• http://www.vupen.com/english/advisories/2006/2916
• https://exchange.xforce.ibmcloud.com/vulnerabilities/27884
CVE-2006-3898 – Microsoft Internet Explorer 6 - Internet.HHCtrl Click Denial of Service
https://notcve.org/view.php?id=CVE-2006-3898
Microsoft Internet Explorer 6.0 on Windows XP SP2 allows remote attackers to cause a denial of service (application crash) by calling the Click method of the Internet.HHCtrl.1 ActiveX object before initializing the URL, which triggers a null dereference.
• https://www.exploit-db.com/exploits/28256
• http://browserfun.blogspot.com/2006/07/mobb-22-internethhctrl-click.html
• http://www.osvdb.org/27231
• http://www.securityfocus.com/bid/19109
• http://www.vupen.com/english/advisories/2006/2952
• https://exchange.xforce.ibmcloud.com/vulnerabilities/27929
CVE-2006-3897 – Microsoft Internet Explorer 6 - NMSA.ASFSourceMediaDescription Stack Overflow
https://notcve.org/view.php?id=CVE-2006-3897
Stack overflow in Microsoft Internet Explorer 6 on Windows 2000 allows remote attackers to cause a denial of service (application crash) by creating an NMSA.ASFSourceMediaDescription.1 ActiveX object with a long dispValue property.
• https://www.exploit-db.com/exploits/28259
• http://browserfun.blogspot.com/2006/07/mobb-23-nmsaasfsourcemediadescription.html
• http://www.osvdb.org/27232
• http://www.securityfocus.com/bid/19114
• http://www.vupen.com/english/advisories/2006/2953
• https://exchange.xforce.ibmcloud.com/vulnerabilities/27930
• CWE-787: Out-of-bounds Write