CVE-2006-4495

Microsoft Internet Explorer allows remote attackers to cause a denial of service memory corruption and possibly execute arbitrary code by instantiating certain Windows 2000 ActiveX COM Objects including 1 ciodm.dll, 2 myinfo.dll, 3 msdxm.ocx, and 4 creator.dll...

Microsoft Internet Explorer 5.0.1 - Daxctle.OCX Spline Method Heap Buffer Overflow

Microsoft Internet Explorer 5.0.1 - Daxctle.OCX Spline Method Heap Buffer Overflow source: https://www.securityfocus.com/bid/19738/info Microsoft Internet Explorer is prone to a heap buffer-overflow vulnerability.. The vulnerability arises because of the way Internet Explorer tries to instantiate...

CVE-2006-4301

Microsoft Internet Explorer 6.0 SP1 allows remote attackers to cause a denial of service crash via a long Color attribute in multiple DirectX Media Image DirectX Transforms ActiveX COM Objects from a dxtmsft.dll and b dxtmsft3.dll, including 1 DXImageTransform.Microsoft.MaskFilter.1, 2...

CVE-2006-4301

CVE-2006-4301 affects Microsoft Internet Explorer 6.0 SP1. The issue arises in multiple DirectX Media Image DirectX Transforms ActiveX COM Objects (dxtmsft.dll and dxtmsft3.dll), specifically DXImageTransform.Microsoft.MaskFilter.1, DXImageTransform.Microsoft.Chroma.1, and DX3DTransform.Microsoft...

CVE-2006-4301

Microsoft Internet Explorer 6.0 SP1 allows remote attackers to cause a denial of service crash via a long Color attribute in multiple DirectX Media Image DirectX Transforms ActiveX COM Objects from a dxtmsft.dll and b dxtmsft3.dll, including 1 DXImageTransform.Microsoft.MaskFilter.1, 2...

CVE-2006-4193

Microsoft Internet Explorer 6.0 SP1 and possibly other versions allows remote attackers to cause a denial of service and possibly execute arbitrary code by instantiating COM objects as ActiveX controls, including 1 imskdic.dll Microsoft IME, 2 chtskdic.dll Microsoft IME, and 3 msoe.dll Outlook,...

CVE-2006-4193

CVE-2006-4193 : Microsoft Internet Explorer 6.0 SP1 (and possibly other versions) may allow remote attackers to cause a denial of service and possibly execute arbitrary code by instantiating COM objects as ActiveX controls, including imskdic.dll (Microsoft IME), chtskdic.dll (Microsoft IME), and ...

CVE-2006-4193

Microsoft Internet Explorer 6.0 SP1 and possibly other versions allows remote attackers to cause a denial of service and possibly execute arbitrary code by instantiating COM objects as ActiveX controls, including 1 imskdic.dll Microsoft IME, 2 chtskdic.dll Microsoft IME, and 3 msoe.dll Outlook,...

CVE-2006-3638

Microsoft Internet Explorer 5.01 and 6 does not properly handle uninitialized COM objects, which allows remote attackers to cause a denial of service memory corruption and possibly execute arbitrary code, as demonstrated by the Nth function in the DirectAnimation.DATuple ActiveX control, aka "COM...

Microsoft Internet Explorer 6 - Visual Studio COM Object Instantiation Denial of Service

Microsoft Internet Explorer 6 - Visual Studio COM Object Instantiation Denial of Service source: https://www.securityfocus.com/bid/19572/info Microsoft Internet Explorer is prone to a denial-of-service vulnerability that occurs when instantiating Visual Studio COM objects. The vulnerability arise...

Microsoft Internet Explorer COM Object Instantiation Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability that is related to the instantiation of COM objects. This issue stems from a design error. The vulnerability arises because of the way Internet Explorer tries to instantiate certain COM objects as ActiveX...

CVE-2006-1303

Multiple unspecified vulnerabilities in Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allow remote attackers to execute arbitrary code by instantiating certain COM objects from Wmm2fxa.dll as ActiveX controls including 1 DXImageTransform.Microsoft.MMSpecialEffect1Input, 2...

CVE-2006-1303

The CVE-2006-1303 issue affects Microsoft Internet Explorer 5.01 SP4 and IE 6 SP1 (and earlier) via remote instantiation of certain COM objects not meant for IE, notably several DXImageTransform.Microsoft.* ActiveX controls (MMSpecialEffect1Input, MMSpecialEffect1Input.1, MMSpecialEffect2Inputs, ...

Microsoft Internet Explorer COM Object Instantiation Code Execution Vulnerability Variant

Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability that is related to the instantiation of COM objects. This issue results from a design error. The vulnerability arises because of the way Internet Explorer tries to instantiate certain COM objects as ActiveX...

Multiple Microsoft Internet Explorer security vulnerabilities

Jump to ininitialized function pointer by referencing unspupported object's method createTextRange for checkbox. Potentially can be used for code execution and hidden malware installation. Memory corruption on uninitialized event handlers. HTA code execution. HTML parsing memory corrution. COM...

CVE-2006-0012

Unspecified vulnerability in Windows Explorer in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via attack vectors involving COM objects and "crafted files and directories," aka the "Windows Shell Vulnerability."...

CVE-2006-0012

CVE-2006-0012 is a Windows Shell vulnerability in which Windows Explorer could incorrectly handle COM objects, enabling remote code execution if a user visits a malicious Web site or opens crafted files/directories. Affected products include Windows 2000 SP4, XP SP1/SP2, and Windows Server 2003 S...

Microsoft Windows fails to properly handle COM objects

Overview Microsoft Windows fails to properly handle COM Objects. This vulnerability may allow a remote unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Microsoft COM Microsoft COM is a technology that allows programmers to create reusable software components...

MS06-015: Vulnerabilities in Windows Explorer Could Allow Remote Code Execution (908531)

The remote version of Windows contains a version of the Windows Explorer that has a vulnerability in the way it handles COM objects. An attacker could exploit this vulnerability by asking a victim to visit a rogue website containing a malformed COM object. Tenable Network Security, Inc...

CVE-2005-2831

Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not intended for use within Internet Explorer, aka a variant of t...