CVE-2006-7065 – Microsoft Internet Explorer 6.0/7.0 - IFrame Refresh Denial of Service
https://notcve.org/view.php?id=CVE-2006-7065
Microsoft Internet Explorer allows remote attackers to cause a denial of service (crash) via an IFRAME with a certain XML file and XSL stylesheet that triggers a crash in mshtml.dll when a refresh is called, probably a null pointer dereference. Microsoft Internet Explorer permite a atacantes remotos provocar denegación de servicio (caida) a través de un IFRAME con ciertos archivos XML y plantillas de estilo XSL que disparan una cauda en mshtml.dll cuando un se llama se solicita un refresco de cotenido, probablemente a un puntero de referencia nula. • https://www.exploit-db.com/exploits/28343 http://archives.neohapsis.com/archives/fulldisclosure/2006-08/0163.html http://www.securityfocus.com/bid/19364 http://www3.ca.com/be/securityadvisor/vulninfo/Vuln.aspx?ID=34511 •
CVE-2007-1091
https://notcve.org/view.php?id=CVE-2007-1091
Microsoft Internet Explorer 7 allows remote attackers to prevent users from leaving a site, spoof the address bar, and conduct phishing and other attacks via onUnload Javascript handlers. Microsoft Internet Explorer 7 permite a atacantes remotos impedir a los usuarios dejar un sitio, simular la barra de direcciones y llevar a cabo ataques de tipo phishing u otros mediante un gestor de eventos Javascript onUnload. • http://lcamtuf.coredump.cx/ietrap http://lists.grok.org.uk/pipermail/full-disclosure/2007-February/052630.html http://secunia.com/advisories/23014 http://securityreason.com/securityalert/2291 http://securitytracker.com/id?1018788 http://www.securityfocus.com/archive/1/461023/100/0/threaded http://www.securityfocus.com/archive/1/461027/100/0/threaded http://www.securityfocus.com/archive/1/482366/100/0/threaded http://www.securityfocus.com/bid/22680 http://www.us-cert.gov/ca •
CVE-2006-7029
https://notcve.org/view.php?id=CVE-2006-7029
Microsoft Internet Explorer 6 SP2 and earlier allows remote attackers to cause a denial of service (crash) via a frameset with only one frame that calls resizeTo with certain arguments. NOTE: this issue might be related to CVE-2006-3637. Microsoft Internet Explorer 6 SP2 y anteriores permite a atacantes remotos provocar denegación de servicio (caida) a través de un frameset con solamente un frame que llama a resizeTo con ciertos argumentos. NOTA: Este asunto podría estar relacionado con CVE-2006-3637. • http://www.securityfocus.com/archive/1/434742/30/4830/threaded http://www.securityfocus.com/archive/1/434903/30/4800/threaded http://www.securityfocus.com/archive/1/435004/30/4740/threaded http://www.securityfocus.com/archive/1/435147/30/4680/threaded http://www.securityfocus.com/archive/1/435168/30/4680/threaded http://www.securityfocus.com/archive/1/435990 •
CVE-2006-7031 – Microsoft Internet Explorer 6.0.2900 SP2 - CSS Attribute Denial of Service
https://notcve.org/view.php?id=CVE-2006-7031
Microsoft Internet Explorer 6.0.2900 SP2 and earlier allows remote attackers to cause a denial of service (crash) via a table element with a CSS attribute that sets the position, which triggers an "unhandled exception" in mshtml.dll. Microsoft Internet Explorer 6.0.2900 SP2 y versiones anteriores permite a atacantes remotos provocar una denegación de servicio (caída) mediante un elemento tabla con un atributo CSS que fija la posición, lo cual dispara una "excepción no manejada" en mshtml.dll. • https://www.exploit-db.com/exploits/1775 http://www.securityfocus.com/bid/17932 •
CVE-2007-0219
https://notcve.org/view.php?id=CVE-2007-0219
Microsoft Internet Explorer 5.01, 6, and 7 uses certain COM objects from (1) Msb1fren.dll, (2) Htmlmm.ocx, and (3) Blnmgrps.dll as ActiveX controls, which allows remote attackers to execute arbitrary code via unspecified vectors, a different issue than CVE-2006-4697. Microsoft Internet Explorer 5.01, 6, y 7 utiliza ciertos objetos COM de (1) Msb1fren.dll, (2) Htmlmm.ocx, y (3) Blnmgrps.dll como controles ActiveX, lo cual permite a atacantes remotos ejecutar código de su elección mediante vectores no especificados, un vector diferente que CVE-2006-4697. • http://secunia.com/advisories/24156 http://www.kb.cert.org/vuls/id/771788 http://www.osvdb.org/31893 http://www.osvdb.org/31894 http://www.osvdb.org/31895 http://www.securityfocus.com/bid/22504 http://www.securitytracker.com/id?1017643 http://www.us-cert.gov/cas/techalerts/TA07-044A.html http://www.vupen.com/english/advisories/2007/0584 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-016 https://exchange.xforce.ibmcloud.com/vulnerab •