Lucene search

K

11 matches found

CVE
CVE
added 2006/06/13 7:6 p.m.55 views

CVE-2006-1303

Multiple unspecified vulnerabilities in Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allow remote attackers to execute arbitrary code by instantiating certain COM objects from Wmm2fxa.dll as ActiveX controls including (1) DXImageTransform.Microsoft.MMSpecialEffect1Input, (2) DXImageTr...

9.3CVSS7.7AI score0.58944EPSS
CVE
CVE
added 2006/06/26 4:5 p.m.52 views

CVE-2006-3227

Interpretation conflict between Internet Explorer and other web browsers such as Mozilla, Opera, and Firefox might allow remote attackers to modify the visual presentation of web pages and possibly bypass protection mechanisms such as content filters via ASCII characters with the 8th bit set, which...

2.6CVSS6.7AI score0.30898EPSS
CVE
CVE
added 2006/06/13 7:6 p.m.47 views

CVE-2006-2378

Buffer overflow in the ART Image Rendering component (jgdw400.dll) in Microsoft Windows XP SP1 and Sp2, Server 2003 SP1 and earlier, and Windows 98 and Me allows remote attackers to execute arbitrary code via a crafted ART image that causes heap corruption.

6.8CVSS7.6AI score0.62392EPSS
CVE
CVE
added 2006/06/02 10:18 a.m.45 views

CVE-2006-2766

Buffer overflow in INETCOMM.DLL, as used in Microsoft Internet Explorer 6.0 through 6.0 SP2, Windows Explorer, Outlook Express 6, and possibly other programs, allows remote user-assisted attackers to cause a denial of service (application crash) via a long mhtml URI in the URL value in a URL file.

2.6CVSS6.7AI score0.63435EPSS
CVE
CVE
added 2006/06/28 10:5 p.m.45 views

CVE-2006-3280

Cross-domain vulnerability in Microsoft Internet Explorer 6.0 allows remote attackers to access restricted information from other domains via an object tag with a data parameter that references a link on the attacker's originating site that specifies a Location HTTP header that references the targe...

7.5CVSS5.9AI score0.63431EPSS
CVE
CVE
added 2006/06/13 7:6 p.m.42 views

CVE-2006-2385

Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allows user-assisted remote attackers to execute arbitrary code via a crafted web page that triggers memory corruption when it is saved as a multipart HTML (.mht) file.

7.6CVSS7.4AI score0.18242EPSS
CVE
CVE
added 2006/06/13 7:6 p.m.41 views

CVE-2006-2383

Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allows remote attackers to execute arbitrary code via "unexpected data" related to "parameter validation" in the DXImageTransform.Microsoft.Light ActiveX control, which causes Internet Explorer to crash in a way...

9.3CVSS7.7AI score0.68973EPSS
CVE
CVE
added 2006/06/13 7:6 p.m.41 views

CVE-2006-2384

Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allows remote attackers to conduct spoofing and phishing attacks by using a modal browser window in a way that preserves the original address bar and trusted UI of a trusted site, even after the browser has been navigated to a malicious sit...

4.3CVSS6.5AI score0.24782EPSS
CVE
CVE
added 2006/06/23 8:6 p.m.39 views

CVE-2006-3200

Unspecified versions of Internet Explorer allow remote attackers to cause a denial of service (crash) via an IFRAME with a src tag containing a "File://" URI followed by an 8-bit character. NOTE: some third parties were unable to verify this issue.

5CVSS7AI score0.29854EPSS
CVE
CVE
added 2006/06/28 10:5 p.m.39 views

CVE-2006-3281

Microsoft Internet Explorer 6.0 does not properly handle Drag and Drop events, which allows remote user-assisted attackers to execute arbitrary code via a link to an SMB file share with a filename that contains encoded ..\ (%2e%2e%5c) sequences and whose extension contains the CLSID Key identifier ...

5.1CVSS7.7AI score0.64039EPSS
CVE
CVE
added 2006/06/13 7:6 p.m.38 views

CVE-2006-2382

Heap-based buffer overflow in Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allows remote attackers to execute arbitrary code via crafted UTF-8 encoded HTML that results in size discrepancies during conversion to Unicode, aka "HTML Decoding Memory Corruption Vulnerability."

10CVSS7.7AI score0.71985EPSS