Executive Summary
Informations | |||
---|---|---|---|
Name | MS06-013 | First vendor Publication | N/A |
Vendor | Microsoft | Last vendor Modification | N/A |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Cumulative Security Update for Internet Explorer (912812) |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
33 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
33 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
33 % | CWE-20 | Improper Input Validation |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:1020 | |||
Oval ID: | oval:org.mitre.oval:def:1020 | ||
Title: | IE6 Double Byte Character Parsing Memory Corruption (WinXP) | ||
Description: | Buffer overflow in URLMON.DLL in Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via a crafted URL with an International Domain Name (IDN) using double-byte character sets (DBCS), aka the "Double Byte Character Parsing Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2006-1189 | Version: | 5 |
Platform(s): | Microsoft Windows XP | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:1144 | |||
Oval ID: | oval:org.mitre.oval:def:1144 | ||
Title: | IE6 HTML Tag Memory Corruption (Server 2003,SP1) | ||
Description: | Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via HTML elements with a certain crafted tag, which leads to memory corruption. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2006-1188 | Version: | 4 |
Platform(s): | Microsoft Windows Server 2003 | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:1178 | |||
Oval ID: | oval:org.mitre.oval:def:1178 | ||
Title: | IE6 DHTML Method Call Memory Corruption (Server 2003) | ||
Description: | Microsoft Internet Explorer 6 and 7 Beta 2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a certain createTextRange call on a checkbox object, which results in a dereference of an invalid table pointer. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2006-1359 | Version: | 5 |
Platform(s): | Microsoft Windows Server 2003 | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:1251 | |||
Oval ID: | oval:org.mitre.oval:def:1251 | ||
Title: | IE6 Cross-Domain Information Disclosure Vulnerability (WinXP) | ||
Description: | Microsoft Internet Explorer 5.01 through 6 does not always correctly identify the domain that is associated with a browser window, which allows remote attackers to obtain sensitive cross-domain information and spoof sites by running script after the user has navigated to another site. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2006-1191 | Version: | 5 |
Platform(s): | Microsoft Windows XP | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:1290 | |||
Oval ID: | oval:org.mitre.oval:def:1290 | ||
Title: | IE6 HTML Tag Memory Corruption (Win2K/WinXP) | ||
Description: | Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via HTML elements with a certain crafted tag, which leads to memory corruption. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2006-1188 | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:1296 | |||
Oval ID: | oval:org.mitre.oval:def:1296 | ||
Title: | IE6 HTML Tag Memory Corruption (Server 2003) | ||
Description: | Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via HTML elements with a certain crafted tag, which leads to memory corruption. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2006-1188 | Version: | 5 |
Platform(s): | Microsoft Windows Server 2003 | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:1336 | |||
Oval ID: | oval:org.mitre.oval:def:1336 | ||
Title: | IE6 Address Bar Spoofing Vulnerability (Win2K/XP,SP1) | ||
Description: | Microsoft Internet Explorer 5.01 through 6 allows remote attackers to conduct phishing attacks by spoofing the address bar and other parts of the trust UI via unknown methods that allow "window content to persist" after the user has navigated to another site, aka the "Address Bar Spoofing Vulnerability." NOTE: this is a different vulnerability than CVE-2006-1626. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2006-1192 | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:1446 | |||
Oval ID: | oval:org.mitre.oval:def:1446 | ||
Title: | IE5 COM Object Instantiation Memory Corruption (Win2K) | ||
Description: | Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via by instantiating the (1) Mdt2gddr.dll, (2) Mdt2dd.dll, and (3) Mdt2gddo.dll COM objects as ActiveX controls, which leads to memory corruption. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2006-1186 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:1451 | |||
Oval ID: | oval:org.mitre.oval:def:1451 | ||
Title: | IE5 Multiple Event Handler Memory Corruption (Win2K) | ||
Description: | Buffer overflow in mshtml.dll in Microsoft Internet Explorer 6.0.2900.2180, and probably other versions, allows remote attackers to execute arbitrary code via an HTML tag with a large number of script action handlers such as onload and onmouseover, as demonstrated using onclick, aka the "Multiple Event Handler Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2006-1245 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:1484 | |||
Oval ID: | oval:org.mitre.oval:def:1484 | ||
Title: | IE6 Double Byte Character Parsing Memory Corruption(Server 2003) | ||
Description: | Buffer overflow in URLMON.DLL in Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via a crafted URL with an International Domain Name (IDN) using double-byte character sets (DBCS), aka the "Double Byte Character Parsing Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2006-1189 | Version: | 5 |
Platform(s): | Microsoft Windows Server 2003 | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:1498 | |||
Oval ID: | oval:org.mitre.oval:def:1498 | ||
Title: | IE6 Address Bar Spoofing Vulnerability (Server 2003) | ||
Description: | Microsoft Internet Explorer 5.01 through 6 allows remote attackers to conduct phishing attacks by spoofing the address bar and other parts of the trust UI via unknown methods that allow "window content to persist" after the user has navigated to another site, aka the "Address Bar Spoofing Vulnerability." NOTE: this is a different vulnerability than CVE-2006-1626. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2006-1192 | Version: | 5 |
Platform(s): | Microsoft Windows Server 2003 | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:1541 | |||
Oval ID: | oval:org.mitre.oval:def:1541 | ||
Title: | IE6 Script Execution Vulnerability (Server 2003,SP1) | ||
Description: | Microsoft Internet Explorer 5.01 through 6 does not always return the correct IOleClientSite information when dynamically creating an embedded object, which could cause Internet Explorer to run the object in the wrong security context or zone, and allow remote attackers to execute arbitrary code. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2006-1190 | Version: | 4 |
Platform(s): | Microsoft Windows Server 2003 | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:1569 | |||
Oval ID: | oval:org.mitre.oval:def:1569 | ||
Title: | IE6 Multiple Event Handler Memory Corruption (Win2K/XP,SP1) | ||
Description: | Buffer overflow in mshtml.dll in Microsoft Internet Explorer 6.0.2900.2180, and probably other versions, allows remote attackers to execute arbitrary code via an HTML tag with a large number of script action handlers such as onload and onmouseover, as demonstrated using onclick, aka the "Multiple Event Handler Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2006-1245 | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:1589 | |||
Oval ID: | oval:org.mitre.oval:def:1589 | ||
Title: | IE6 COM Object Instantiation Memory Corruption (Win2K/XP,SP1) | ||
Description: | Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via by instantiating the (1) Mdt2gddr.dll, (2) Mdt2dd.dll, and (3) Mdt2gddo.dll COM objects as ActiveX controls, which leads to memory corruption. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2006-1186 | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:1591 | |||
Oval ID: | oval:org.mitre.oval:def:1591 | ||
Title: | IE6 HTA Execution Vulnerability (WinXP) | ||
Description: | Unspecified vulnerability in Microsoft Internet Explorer 6.0 allows remote attackers to execute HTA files via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2006-1388 | Version: | 5 |
Platform(s): | Microsoft Windows XP | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:1599 | |||
Oval ID: | oval:org.mitre.oval:def:1599 | ||
Title: | IE6 Multiple Event Handler Memory Corruption (WinXP) | ||
Description: | Buffer overflow in mshtml.dll in Microsoft Internet Explorer 6.0.2900.2180, and probably other versions, allows remote attackers to execute arbitrary code via an HTML tag with a large number of script action handlers such as onload and onmouseover, as demonstrated using onclick, aka the "Multiple Event Handler Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2006-1245 | Version: | 5 |
Platform(s): | Microsoft Windows XP | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:1632 | |||
Oval ID: | oval:org.mitre.oval:def:1632 | ||
Title: | IE6 Multiple Event Handler Memory Corruption (Server 2003) | ||
Description: | Buffer overflow in mshtml.dll in Microsoft Internet Explorer 6.0.2900.2180, and probably other versions, allows remote attackers to execute arbitrary code via an HTML tag with a large number of script action handlers such as onload and onmouseover, as demonstrated using onclick, aka the "Multiple Event Handler Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2006-1245 | Version: | 5 |
Platform(s): | Microsoft Windows Server 2003 | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:1642 | |||
Oval ID: | oval:org.mitre.oval:def:1642 | ||
Title: | IE6 HTA Execution Vulnerability (Win2K/XP,SP1) | ||
Description: | Unspecified vulnerability in Microsoft Internet Explorer 6.0 allows remote attackers to execute HTA files via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2006-1388 | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:1645 | |||
Oval ID: | oval:org.mitre.oval:def:1645 | ||
Title: | IE6 Address Bar Spoofing Vulnerability (WinXP) | ||
Description: | Microsoft Internet Explorer 5.01 through 6 allows remote attackers to conduct phishing attacks by spoofing the address bar and other parts of the trust UI via unknown methods that allow "window content to persist" after the user has navigated to another site, aka the "Address Bar Spoofing Vulnerability." NOTE: this is a different vulnerability than CVE-2006-1626. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2006-1192 | Version: | 5 |
Platform(s): | Microsoft Windows XP | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:1651 | |||
Oval ID: | oval:org.mitre.oval:def:1651 | ||
Title: | IE6 COM Object Instantiation Memory Corruption (Server 2003) | ||
Description: | Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via by instantiating the (1) Mdt2gddr.dll, (2) Mdt2dd.dll, and (3) Mdt2gddo.dll COM objects as ActiveX controls, which leads to memory corruption. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2006-1186 | Version: | 5 |
Platform(s): | Microsoft Windows Server 2003 | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:1657 | |||
Oval ID: | oval:org.mitre.oval:def:1657 | ||
Title: | IE6 DHTML Method Call Memory Corruption (Server 2003,SP1) | ||
Description: | Microsoft Internet Explorer 6 and 7 Beta 2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a certain createTextRange call on a checkbox object, which results in a dereference of an invalid table pointer. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2006-1359 | Version: | 4 |
Platform(s): | Microsoft Windows Server 2003 | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:1676 | |||
Oval ID: | oval:org.mitre.oval:def:1676 | ||
Title: | IE6 HTA Execution Vulnerability (Server 2003,SP1) | ||
Description: | Unspecified vulnerability in Microsoft Internet Explorer 6.0 allows remote attackers to execute HTA files via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2006-1388 | Version: | 4 |
Platform(s): | Microsoft Windows Server 2003 | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:1677 | |||
Oval ID: | oval:org.mitre.oval:def:1677 | ||
Title: | IE6 HTML Parsing Vulnerability (Server 2003,SP1) | ||
Description: | Unspecified vulnerability in Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via certain invalid HTML that causes memory corruption. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2006-1185 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:1678 | |||
Oval ID: | oval:org.mitre.oval:def:1678 | ||
Title: | IE 5.01 DHTML Method Call Memory Corruption | ||
Description: | Microsoft Internet Explorer 6 and 7 Beta 2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a certain createTextRange call on a checkbox object, which results in a dereference of an invalid table pointer. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2006-1359 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:1702 | |||
Oval ID: | oval:org.mitre.oval:def:1702 | ||
Title: | IE6 DHTML Method Call Memory Corruption (Win2K/XP,SP1) | ||
Description: | Microsoft Internet Explorer 6 and 7 Beta 2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a certain createTextRange call on a checkbox object, which results in a dereference of an invalid table pointer. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2006-1359 | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:1704 | |||
Oval ID: | oval:org.mitre.oval:def:1704 | ||
Title: | IE6 COM Object Instantiation Memory Corruption (Server 2003,SP1) | ||
Description: | Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via by instantiating the (1) Mdt2gddr.dll, (2) Mdt2dd.dll, and (3) Mdt2gddo.dll COM objects as ActiveX controls, which leads to memory corruption. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2006-1186 | Version: | 4 |
Platform(s): | Microsoft Windows Server 2003 | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:1710 | |||
Oval ID: | oval:org.mitre.oval:def:1710 | ||
Title: | IE6 Cross-Domain Information Disclosure Vulnerability (Server 2003,SP1) | ||
Description: | Microsoft Internet Explorer 5.01 through 6 does not always correctly identify the domain that is associated with a browser window, which allows remote attackers to obtain sensitive cross-domain information and spoof sites by running script after the user has navigated to another site. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2006-1191 | Version: | 4 |
Platform(s): | Microsoft Windows Server 2003 | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:1711 | |||
Oval ID: | oval:org.mitre.oval:def:1711 | ||
Title: | IE5 HTML Parsing Vulnerability (Win2K) | ||
Description: | Unspecified vulnerability in Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via certain invalid HTML that causes memory corruption. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2006-1185 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:1724 | |||
Oval ID: | oval:org.mitre.oval:def:1724 | ||
Title: | IE6 HTA Execution Vulnerability (Server 2003) | ||
Description: | Unspecified vulnerability in Microsoft Internet Explorer 6.0 allows remote attackers to execute HTA files via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2006-1388 | Version: | 5 |
Platform(s): | Microsoft Windows Server 2003 | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:1725 | |||
Oval ID: | oval:org.mitre.oval:def:1725 | ||
Title: | IE6 Address Bar Spoofing Vulnerability (Server 2003,SP1) | ||
Description: | Microsoft Internet Explorer 5.01 through 6 allows remote attackers to conduct phishing attacks by spoofing the address bar and other parts of the trust UI via unknown methods that allow "window content to persist" after the user has navigated to another site, aka the "Address Bar Spoofing Vulnerability." NOTE: this is a different vulnerability than CVE-2006-1626. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2006-1192 | Version: | 4 |
Platform(s): | Microsoft Windows Server 2003 | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:1735 | |||
Oval ID: | oval:org.mitre.oval:def:1735 | ||
Title: | IE6 Script Execution Vulnerability (WinXP) | ||
Description: | Microsoft Internet Explorer 5.01 through 6 does not always return the correct IOleClientSite information when dynamically creating an embedded object, which could cause Internet Explorer to run the object in the wrong security context or zone, and allow remote attackers to execute arbitrary code. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2006-1190 | Version: | 5 |
Platform(s): | Microsoft Windows XP | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:1740 | |||
Oval ID: | oval:org.mitre.oval:def:1740 | ||
Title: | IE5 Address Bar Spoofing Vulnerability (Win2K) | ||
Description: | Microsoft Internet Explorer 5.01 through 6 allows remote attackers to conduct phishing attacks by spoofing the address bar and other parts of the trust UI via unknown methods that allow "window content to persist" after the user has navigated to another site, aka the "Address Bar Spoofing Vulnerability." NOTE: this is a different vulnerability than CVE-2006-1626. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2006-1192 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:1766 | |||
Oval ID: | oval:org.mitre.oval:def:1766 | ||
Title: | IE6 Multiple Event Handler Memory Corruption (Server 2003,SP1) | ||
Description: | Buffer overflow in mshtml.dll in Microsoft Internet Explorer 6.0.2900.2180, and probably other versions, allows remote attackers to execute arbitrary code via an HTML tag with a large number of script action handlers such as onload and onmouseover, as demonstrated using onclick, aka the "Multiple Event Handler Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2006-1245 | Version: | 4 |
Platform(s): | Microsoft Windows Server 2003 | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:1773 | |||
Oval ID: | oval:org.mitre.oval:def:1773 | ||
Title: | IE6 HTML Tag Memory Corruption (WinXP) | ||
Description: | Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via HTML elements with a certain crafted tag, which leads to memory corruption. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2006-1188 | Version: | 5 |
Platform(s): | Microsoft Windows XP | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:1774 | |||
Oval ID: | oval:org.mitre.oval:def:1774 | ||
Title: | IE5 HTA Execution Vulnerability (Win2K) | ||
Description: | Unspecified vulnerability in Microsoft Internet Explorer 6.0 allows remote attackers to execute HTA files via unknown vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2006-1388 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:1783 | |||
Oval ID: | oval:org.mitre.oval:def:1783 | ||
Title: | IE6 Script Execution Vulnerability (Server 2003) | ||
Description: | Microsoft Internet Explorer 5.01 through 6 does not always return the correct IOleClientSite information when dynamically creating an embedded object, which could cause Internet Explorer to run the object in the wrong security context or zone, and allow remote attackers to execute arbitrary code. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2006-1190 | Version: | 5 |
Platform(s): | Microsoft Windows Server 2003 | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:787 | |||
Oval ID: | oval:org.mitre.oval:def:787 | ||
Title: | IE6 HTML Parsing Vulnerability (WinXP) | ||
Description: | Unspecified vulnerability in Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via certain invalid HTML that causes memory corruption. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2006-1185 | Version: | 5 |
Platform(s): | Microsoft Windows XP | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:791 | |||
Oval ID: | oval:org.mitre.oval:def:791 | ||
Title: | IE6 COM Object Instantiation Memory Corruption (WinXP) | ||
Description: | Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via by instantiating the (1) Mdt2gddr.dll, (2) Mdt2dd.dll, and (3) Mdt2gddo.dll COM objects as ActiveX controls, which leads to memory corruption. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2006-1186 | Version: | 5 |
Platform(s): | Microsoft Windows XP | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:792 | |||
Oval ID: | oval:org.mitre.oval:def:792 | ||
Title: | IE6 Double Byte Character Parsing Memory Corruption (Win2K/WinXP) | ||
Description: | Buffer overflow in URLMON.DLL in Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via a crafted URL with an International Domain Name (IDN) using double-byte character sets (DBCS), aka the "Double Byte Character Parsing Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2006-1189 | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:965 | |||
Oval ID: | oval:org.mitre.oval:def:965 | ||
Title: | IE6 Script Execution Vulnerability (Win2K/XP,SP1) | ||
Description: | Microsoft Internet Explorer 5.01 through 6 does not always return the correct IOleClientSite information when dynamically creating an embedded object, which could cause Internet Explorer to run the object in the wrong security context or zone, and allow remote attackers to execute arbitrary code. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2006-1190 | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:985 | |||
Oval ID: | oval:org.mitre.oval:def:985 | ||
Title: | IE6 DHTML Method Call Memory Corruption (WinXP) | ||
Description: | Microsoft Internet Explorer 6 and 7 Beta 2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a certain createTextRange call on a checkbox object, which results in a dereference of an invalid table pointer. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2006-1359 | Version: | 5 |
Platform(s): | Microsoft Windows XP | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
SAINT Exploits
Description | Link |
---|---|
Internet Explorer createTextRange memory corruption | More info here |
ExploitDB Exploits
id | Description |
---|---|
2010-09-20 | Internet Explorer createTextRange() Code Execution |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
24547 | Microsoft IE HTML Parsing Unspecified Remote Code Execution |
24546 | Microsoft IE COM Object Instantiation Remote Code Execution |
24545 | Microsoft IE HTML Element Crafted Tag Arbitrary Code Execution |
24544 | Microsoft IE IOleClientSite Dynamic Object Script Execution |
24543 | Microsoft IE Navigation Method Cross-Domain Information Disclosure |
24542 | Microsoft IE Unspecified Address Bar Spoofing |
24541 | Microsoft IE Double Byte Character Set (DBCS) Parsing Overflow |
24095 | Microsoft IE Arbitrary HTA File Execution Microsoft Internet Explorer contains a flaw that may allow a malicious user to execute HTA files (HTML Applications) in the context of targeted users. The issue is triggered when unspecified condition occurs. It is possible that the flaw may allow to execute code and potentially to compromise affected system resulting in a loss of integrity. |
24050 | Microsoft IE createTextRange() Function Arbitrary Code Execution Microsoft Internet Explorer contains a flaw that may allow a malicious user to execute arbitrary commands. The issue is triggered due to a memory corruption error when processing a specially crafted "createTextRange()" call associated with a "checkbox" object. It is possible that the flaw may allow attackers to remotely take complete control of an affected system resulting in a loss of integrity. |
23964 | Microsoft IE mshtml.dll Multiple Script Action Handler Overflow Remote overflow exists in Microsoft Internet Explorer. The product fails to properly check bounds for handling HTML tags with multiple event handlers resulting in a buffer overflow. With a specially crafted HTML document, an attacker can cause affected web browsers to crash or remote code execution resulting in a loss of integrity, and/or availability. |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Microsoft DT DDS OrgChart GDD Route ActiveX object access RuleID : 6008 - Revision : 11 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Internet Explorer DT DDS OrgChart GDD Layout ActiveX object access RuleID : 6007 - Revision : 12 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Internet Explorer DT Icon Control ActiveX object access RuleID : 6006 - Revision : 12 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Internet Explorer DT DDS Straight Line Routing Logic 2 ActiveX obje... RuleID : 6005 - Revision : 12 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Internet Explorer DT DDS Circular Auto Layout Logic 2 ActiveX objec... RuleID : 6004 - Revision : 12 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Internet Explorer DT DDS Rectilinear GDD Route ActiveX object access RuleID : 6003 - Revision : 12 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Internet Explorer DT DDS Rectilinear GDD Layout ActiveX object access RuleID : 6002 - Revision : 12 - Type : BROWSER-PLUGINS |
2017-12-05 | Microsoft Internet Explorer script action handler buffer overflow attempt RuleID : 44730 - Revision : 2 - Type : BROWSER-IE |
2017-12-05 | Microsoft Internet Explorer script action handler buffer overflow attempt RuleID : 44729 - Revision : 2 - Type : BROWSER-IE |
2017-08-15 | Microsoft Internet Explorer span tag memory corruption attempt RuleID : 43551 - Revision : 1 - Type : BROWSER-IE |
2017-08-15 | Microsoft Internet Explorer span tag memory corruption attempt RuleID : 43550 - Revision : 1 - Type : BROWSER-IE |
2016-03-14 | Microsoft Internet Explorer span tag memory corruption attempt RuleID : 37423 - Revision : 3 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer createTextRange code execution attempt RuleID : 18313 - Revision : 6 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer span tag memory corruption attempt RuleID : 18306 - Revision : 5 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer span tag memory corruption attempt RuleID : 18305 - Revision : 7 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer span tag memory corruption attempt RuleID : 18304 - Revision : 8 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer script action handler overflow attempt RuleID : 18303 - Revision : 5 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer createTextRange code execution attempt RuleID : 17781 - Revision : 4 - Type : SPECIFIC-THREATS |
2014-01-10 | Microsoft Internet Explorer span tag memory corruption attempt RuleID : 17580 - Revision : 13 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer Script Action Handler buffer overflow attempt RuleID : 17516 - Revision : 11 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer Script Action Handler buffer overflow attempt RuleID : 17515 - Revision : 14 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer Script Action Handler buffer overflow attempt RuleID : 17514 - Revision : 11 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer Script Action Handler buffer overflow attempt RuleID : 17513 - Revision : 12 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer Script Action Handler buffer overflow attempt RuleID : 17512 - Revision : 11 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer createTextRange code execution attempt RuleID : 17263 - Revision : 7 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer createTextRange code execution attempt RuleID : 17262 - Revision : 6 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer createTextRange code execution attempt RuleID : 17261 - Revision : 10 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer createTextRange code execution attempt RuleID : 16690 - Revision : 9 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer html tag memory corruption attempt RuleID : 16043 - Revision : 8 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer createTextRange code execution attempt RuleID : 16035 - Revision : 12 - Type : BROWSER-IE |
2014-01-10 | DirectAnimation.DAstatics ActiveX function call unicode access RuleID : 11246 - Revision : 6 - Type : WEB-ACTIVEX |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DAstatics ActiveX function call a... RuleID : 11245 - Revision : 11 - Type : BROWSER-PLUGINS |
2014-01-10 | DirectAnimation.DAstatics ActiveX clsid unicode access RuleID : 11244 - Revision : 6 - Type : WEB-ACTIVEX |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DAstatics ActiveX clsid access RuleID : 11243 - Revision : 12 - Type : BROWSER-PLUGINS |
2014-01-10 | DXImageTransform.Microsoft.Redirect ActiveX function call unicode access RuleID : 11242 - Revision : 6 - Type : WEB-ACTIVEX |
2014-01-10 | DXImageTransform.Microsoft.Redirect ActiveX function call access RuleID : 11241 - Revision : 10 - Type : BROWSER-PLUGINS |
2014-01-10 | DXImageTransform.Microsoft.Redirect ActiveX clsid unicode access RuleID : 11240 - Revision : 6 - Type : WEB-ACTIVEX |
2014-01-10 | DXImageTransform.Microsoft.Redirect ActiveX clsid access RuleID : 11239 - Revision : 11 - Type : BROWSER-PLUGINS |
Metasploit Database
id | Description |
---|---|
2006-03-19 | MS06-013 Microsoft Internet Explorer createTextRange() Code Execution |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2006-04-11 | Name : Arbitrary code can be executed on the remote host through the web client. File : smb_nt_ms06-013.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2020-05-23 13:17:12 |
|
2014-02-17 11:45:20 |
|
2014-01-19 21:29:58 |
|