ID SECURITYVULNS:VULN:5923
Type securityvulns
Reporter FULL-DISCLOSURE
Modified 2006-05-27T00:00:00
Description
Jump to an uninitialized function pointer by referencing an unsupported object's method (createTextRange() for checkbox). Can potentially be used for code execution and hidden malware installation. Memory corruption on uninitialized event handlers. HTA code execution. HTML parsing memory corruption. COM objects memory corruption. Cross-site scripting.
Title Multiple Microsoft Internet Explorer security vulnerabilities
Published 2006-05-27T00:00:00
Affected software Internet Explorer 6.0
Href https://vulners.com/securityvulns/SECURITYVULNS:VULN:5923