CVE-2006-4446 – Microsoft Internet Explorer 5.0.1 - Daxctle.OCX Spline Method Heap Buffer Overflow
https://notcve.org/view.php?id=CVE-2006-4446
Heap-based buffer overflow in DirectAnimation.PathControl COM object (daxctle.ocx) in Microsoft Internet Explorer 6.0 SP1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a Spline function call whose first argument specifies a large number of points. • https://www.exploit-db.com/exploits/28438 http://secunia.com/advisories/21910 http://securityreason.com/securityalert/1468 http://securitytracker.com/id?1016764 http://www.osvdb.org/28841 http://www.securityfocus.com/archive/1/444504/100/0/threaded http://www.securityfocus.com/bid/19738 http://www.us-cert.gov/cas/techalerts/TA06-318A.html http://www.xsec.org/index.php?module=releases&act=view&type=1&id=19 https://docs.microsoft.com/en-us/security-updates/securitybulletins& •
CVE-2006-3869
https://notcve.org/view.php?id=CVE-2006-3869
Heap-based buffer overflow in URLMON.DLL in Microsoft Internet Explorer 6 SP1 on Windows 2000 and XP SP1, with versions of the MS06-042 patch before 20060824, allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long URL on a website that uses HTTP 1.1 compression. • http://secunia.com/advisories/21557 http://securityreason.com/securityalert/1441 http://securitytracker.com/id?1016731 http://support.microsoft.com/kb/923762 http://www.kb.cert.org/vuls/id/821156 http://www.microsoft.com/technet/security/advisory/923762.mspx http://www.nsfocus.com/english/homepage/research/0608.htm http://www.osvdb.org/28132 http://www.securityfocus.com/archive/1/444046/100/0/threaded http://www.securityfocus.com/archive/1/444241/100/0/threaded http:/ •
CVE-2006-4301 – Microsoft Internet Explorer 6 - DirectX Media Remote Overflow Denial of Service
https://notcve.org/view.php?id=CVE-2006-4301
Microsoft Internet Explorer 6.0 SP1 allows remote attackers to cause a denial of service (crash) via a long Color attribute in multiple DirectX Media Image DirectX Transforms ActiveX COM Objects from (a) dxtmsft.dll and (b) dxtmsft3.dll, including (1) DXImageTransform.Microsoft.MaskFilter.1, (2) DXImageTransform.Microsoft.Chroma.1, and (3) DX3DTransform.Microsoft.Shapes.1. • https://www.exploit-db.com/exploits/4251 https://www.exploit-db.com/exploits/28421 http://securityreason.com/securityalert/1439 http://www.osvdb.org/29524 http://www.osvdb.org/29525 http://www.securityfocus.com/archive/1/443907/100/0/threaded http://www.securityfocus.com/bid/19640 http://xsec.org/index.php?module=releases&act=view&type=1&id=17 https://exchange.xforce.ibmcloud.com/vulnerabilities/28516 • CWE-20: Improper Input Validation •
CVE-2006-4219 – Microsoft Internet Explorer 6 - 'TSUserEX.dll' ActiveX Control Memory Corruption
https://notcve.org/view.php?id=CVE-2006-4219
The Terminal Services COM object (tsuserex.dll) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by instantiating it as an ActiveX object in Internet Explorer 6.0 SP1 on Microsoft Windows 2003 EE SP1 CN. • https://www.exploit-db.com/exploits/28400 http://securityreason.com/securityalert/1403 http://www.securityfocus.com/archive/1/443493/100/0/threaded http://www.securityfocus.com/bid/19570 http://www.xsec.org/index.php?module=Releases&act=view&type=1&id=14 https://exchange.xforce.ibmcloud.com/vulnerabilities/28444 •
CVE-2006-4193 – Microsoft Internet Explorer 6 - 'IMSKDIC.dll' Denial of Service
https://notcve.org/view.php?id=CVE-2006-4193
Microsoft Internet Explorer 6.0 SP1 and possibly other versions allows remote attackers to cause a denial of service and possibly execute arbitrary code by instantiating COM objects as ActiveX controls, including (1) imskdic.dll (Microsoft IME), (2) chtskdic.dll (Microsoft IME), and (3) msoe.dll (Outlook), which leads to memory corruption. NOTE: it is not certain whether the issue is in Internet Explorer or the individual DLL files. • https://www.exploit-db.com/exploits/28387 https://www.exploit-db.com/exploits/28389 http://securityreason.com/securityalert/1402 http://www.osvdb.org/29345 http://www.osvdb.org/29346 http://www.osvdb.org/29347 http://www.securityfocus.com/archive/1/443290/100/0/threaded http://www.securityfocus.com/archive/1/443295/100/0/threaded http://www.securityfocus.com/archive/1/443299/100/0/threaded http://www.securityfocus.com/bid/19521 http://www.securityfocus.com/bid •