CVSS: 9.3EPSS: 94%CPEs: 10EXPL: 0CVE-2007-0944 – Microsoft Internet Explorer Table Column Deletion Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2007-0944
Unspecified vulnerability in the CTableCol::OnPropertyChange method in Microsoft Internet Explorer 5.01 SP4 on Windows 2000 SP4; 6 SP1 on Windows 2000 SP4; and 6 on Windows XP SP2, or Windows Server 2003 SP1 or SP2 allows remote attackers to execute arbitrary code by calling deleteCell on a named table row in a named table column, then accessing the column, which causes Internet Explorer to access previously deleted objects, aka the "Uninitialized Memory Corruption Vulnerability." Vulnerabilidad no especificada en el método CTableCol::OnPropertyChange de Microsoft Internet Explorer 5.01 SP4 en Windows 2000 SP4; 6 SP1 en Windows 2000 SP4; y 6 en Windows XP SP2, o Windows Server 2003 SP1 o SP2 permite a atacantes remotos ejecutar código de su elección llamando a deleteCell en una fila de tabla con nombre, y después accediendo a la columna, lo cual provoca que Internet Explorer acceda a objetos previamente borrados, también conocida como "Vulnerabilidad de Corrupción de Memoria No Inicializada". This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the CTableCol::OnPropertyChange() method. When a named table row in HTML contains a named table column, then calls the deleteCell() JavaScript method, any property of the table column, existing or not, accessed after the deletion takes place will trigger an exploitable memory corruption. • http://secunia.com/advisories/23769 http://www.osvdb.org/34400 http://www.securityfocus.com/archive/1/467989/100/0/threaded http://www.securityfocus.com/archive/1/468871/100/200/threaded http://www.securityfocus.com/bid/23771 http://www.securitytracker.com/id?1018019 http://www.us-cert.gov/cas/techalerts/TA07-128A.html http://www.vupen.com/english/advisories/2007/1712 http://www.zerodayinitiative.com/advisories/ZDI-07-027.html https://docs.microsoft.com/en-us/securit •
CVSS: 9.3EPSS: 5%CPEs: 43EXPL: 11CVE-2007-1765 – Microsoft Windows Explorer - '.ANI' File Denial of Service
https://notcve.org/view.php?id=CVE-2007-1765
Unspecified vulnerability in Microsoft Windows 2000 SP4 through Vista allows remote attackers to execute arbitrary code or cause a denial of service (persistent reboot) via a malformed ANI file, which results in memory corruption when processing cursors, animated cursors, and icons, a similar issue to CVE-2005-0416, as originally demonstrated using Internet Explorer 6 and 7. NOTE: this issue might be a duplicate of CVE-2007-0038; if so, then use CVE-2007-0038 instead of this identifier. Una vulnerabilidad no especificada en Microsoft Windows 2000 SP4 hasta Windows Vista permite a los atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (reinicio persistente) por medio de un archivo ANI malformado, lo que resulta en una corrupción de memoria durante el procesamiento de cursores, cursores animados e iconos, un problema similar al CVE-2005-0416, como se demostró originalmente usando Internet Explorer versiones 6 y 7. NOTA: este problema podría ser un duplicado del CVE-2007-0038; si es así, utilizar el CVE-2007-0038 en lugar de este identificador. • https://www.exploit-db.com/exploits/3684 https://www.exploit-db.com/exploits/3647 https://www.exploit-db.com/exploits/3695 https://www.exploit-db.com/exploits/3652 https://www.exploit-db.com/exploits/3617 https://www.exploit-db.com/exploits/3636 https://www.exploit-db.com/exploits/3651 https://www.exploit-db.com/exploits/4045 https://www.exploit-db.com/exploits/16698 https://www.exploit-db.com/exploits/3635 https://www.exploit-db.com/exploits/3634 http: •
CVSS: 7.1EPSS: 15%CPEs: 4EXPL: 2CVE-2006-7066 – Microsoft Internet Explorer 6 - Deleted Frame Object Denial of Service
https://notcve.org/view.php?id=CVE-2006-7066
Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) by creating an object inside an iframe, deleting the frame by setting its location.href to about:blank, then accessing a property of the object within the deleted frame, which triggers a NULL pointer dereference. NOTE: it was later reported that 7.0.6000.16473 and earlier are also affected. Microsoft Internet Explorer versión 6 en Windows XP SP2, permite a atacantes remotos causar una denegación de servicio (bloqueo) mediante la creación de un objeto dentro de un iframe, eliminando el marco estableciendo su location.href en about:blank, luego accediendo a una propiedad del objeto dentro del marco eliminado, que desencadena una desreferencia del puntero NULL. NOTA: más tarde se reportó que la versión 7.0.6000.16473 y anteriores también están afectadas. • https://www.exploit-db.com/exploits/28301 http://archives.neohapsis.com/archives/bugtraq/2009-07/0193.html http://blogs.securiteam.com/index.php/archives/554 http://browserfun.blogspot.com/2006/07/mobb-30-orphan-object-properties.html http://websecurity.com.ua/3130 http://www.osvdb.org/27533 http://www.securityfocus.com/bid/19228 https://exchange.xforce.ibmcloud.com/vulnerabilities/28068 •
CVSS: 5.0EPSS: 18%CPEs: 41EXPL: 3CVE-2006-7065 – Microsoft Internet Explorer 6.0/7.0 - IFrame Refresh Denial of Service
https://notcve.org/view.php?id=CVE-2006-7065
Microsoft Internet Explorer allows remote attackers to cause a denial of service (crash) via an IFRAME with a certain XML file and XSL stylesheet that triggers a crash in mshtml.dll when a refresh is called, probably a null pointer dereference. Microsoft Internet Explorer permite a atacantes remotos provocar denegación de servicio (caida) a través de un IFRAME con ciertos archivos XML y plantillas de estilo XSL que disparan una cauda en mshtml.dll cuando un se llama se solicita un refresco de cotenido, probablemente a un puntero de referencia nula. • https://www.exploit-db.com/exploits/28343 http://archives.neohapsis.com/archives/fulldisclosure/2006-08/0163.html http://www.securityfocus.com/bid/19364 http://www3.ca.com/be/securityadvisor/vulninfo/Vuln.aspx?ID=34511 •
CVSS: 6.8EPSS: 24%CPEs: 4EXPL: 0CVE-2007-1091
https://notcve.org/view.php?id=CVE-2007-1091
Microsoft Internet Explorer 7 allows remote attackers to prevent users from leaving a site, spoof the address bar, and conduct phishing and other attacks via onUnload Javascript handlers. Microsoft Internet Explorer 7 permite a atacantes remotos impedir a los usuarios dejar un sitio, simular la barra de direcciones y llevar a cabo ataques de tipo phishing u otros mediante un gestor de eventos Javascript onUnload. • http://lcamtuf.coredump.cx/ietrap http://lists.grok.org.uk/pipermail/full-disclosure/2007-February/052630.html http://secunia.com/advisories/23014 http://securityreason.com/securityalert/2291 http://securitytracker.com/id?1018788 http://www.securityfocus.com/archive/1/461023/100/0/threaded http://www.securityfocus.com/archive/1/461027/100/0/threaded http://www.securityfocus.com/archive/1/482366/100/0/threaded http://www.securityfocus.com/bid/22680 http://www.us-cert.gov/ca •