Microsoft Internet Explorer vulnerabilities

CVE-2006-3915 [MEDIUM] CVE-2006-3915: Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) by iterating over any native function, as demonstrated with the window.alert function, which triggers a null dereference.

CVE-2006-3898 [MEDIUM] CVE-2006-3898: Microsoft Internet Explorer 6.0 on Windows XP SP2 allows remote attackers to cause a denial of servi Microsoft Internet Explorer 6.0 on Windows XP SP2 allows remote attackers to cause a denial of service (application crash) by calling the Click method of the Internet.HHCtrl.1 ActiveX object before initializing the URL, which triggers a null dereference.

CVE-2006-3897 [MEDIUM] CWE-787 CVE-2006-3897: Stack overflow in Microsoft Internet Explorer 6 on Windows 2000 allows remote attackers to cause a d Stack overflow in Microsoft Internet Explorer 6 on Windows 2000 allows remote attackers to cause a denial of service (application crash) by creating an NMSA.ASFSourceMediaDescription.1 ActiveX object with a long dispValue property.

CVE-2006-3899 [MEDIUM] CVE-2006-3899: Microsoft Internet Explorer 6.0 on Windows XP SP2 allows remote attackers to cause a denial of servi Microsoft Internet Explorer 6.0 on Windows XP SP2 allows remote attackers to cause a denial of service (application crash) by calling the stringToBinary function of the CEnroll.CEnroll.2 ActiveX object with a long second argument, which triggers an invalid memory access inside the SysAllocStringLen function.

CVE-2006-3730 [HIGH] CWE-94 CVE-2006-3730: Integer overflow in Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause Integer overflow in Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a 0x7fffffff argument to the setSlice method on a WebViewFolderIcon ActiveX object, which leads to an invalid memory copy.

CVE-2006-3729 [LOW] CVE-2006-3729: DataSourceControl in Internet Explorer 6 on Windows XP SP2 with Office installed allows remote attac DataSourceControl in Internet Explorer 6 on Windows XP SP2 with Office installed allows remote attackers to cause a denial of service (crash) via a large negative integer argument to the getDataMemberName method of a OWC11.DataSourceControl.11 object, which leads to an integer overflow and a null dereference.

CVE-2006-3605 [MEDIUM] CVE-2006-3605: Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (crash) by settin Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (crash) by setting the Transition property on an uninitialized DXImageTransform.Microsoft.RevealTrans.1 ActiveX Object, which triggers a null dereference.

CVE-2006-3657 [MEDIUM] CVE-2006-3657: Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (stack overflow e Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (stack overflow exception) via a DXImageTransform.Microsoft.Gradient ActiveX object with a long (1) StartColorStr or (2) EndColorStr property.

CVE-2006-3659 [MEDIUM] CVE-2006-3659: Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (crash) by settin Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (crash) by setting the location or URL property of a MHTMLFile ActiveX object.

CVE-2006-3591 [MEDIUM] CVE-2006-3591: Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (application cras Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (application crash) by accessing the URL property of a TriEditDocument.TriEditDocument object before it has been initialized, which triggers a NULL pointer dereference.

CVE-2006-3658 [MEDIUM] CVE-2006-3658: Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (crash) by access Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (crash) by accessing the object references of a FolderItem ActiveX object, which triggers a null dereference in the security check.

CVE-2006-3545 [MEDIUM] CVE-2006-3545: Microsoft Internet Explorer 7.0 Beta allows remote attackers to cause a denial of service (applicati Microsoft Internet Explorer 7.0 Beta allows remote attackers to cause a denial of service (application crash) via a web page with multiple empty APPLET start tags. NOTE: a third party has disputed this issue, stating that the crash does not occur with Microsoft Internet Explorer 7.0 Beta3

CVE-2006-3511 [MEDIUM] CVE-2006-3511: Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) b Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) by setting the fonts property of the HtmlDlgSafeHelper object, which triggers a null dereference.

CVE-2006-3512 [MEDIUM] CVE-2006-3512: Internet Explorer 6 on Windows XP allows remote attackers to cause a denial of service (crash) by se Internet Explorer 6 on Windows XP allows remote attackers to cause a denial of service (crash) by setting the Enabled property of a DXTFilter ActiveX object to true, which triggers a null dereference.

CVE-2006-3513 [MEDIUM] CVE-2006-3513: danim.dll in Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (app danim.dll in Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (application crash) by accessing the Data property of a DirectAnimation DAUserData object before it is initialized, which triggers a NULL pointer dereference.

CVE-2006-3472 [MEDIUM] CVE-2006-3472: Microsoft Internet Explorer 6.0 and 6.0 SP1 allows remote attackers to cause a denial of service via Microsoft Internet Explorer 6.0 and 6.0 SP1 allows remote attackers to cause a denial of service via an HTML page with an A tag containing a long title attribute. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

CVE-2006-3427 [MEDIUM] CVE-2006-3427: Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (crash) by declar Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (crash) by declaring the sourceURL attribute on an uninitialized DirectAnimation.StructuredGraphicsControl ActiveX Object, which triggers a null dereference.

CVE-2006-3357 [HIGH] CVE-2006-3357: Heap-based buffer overflow in HTML Help ActiveX control (hhctrl.ocx) in Microsoft Internet Explorer Heap-based buffer overflow in HTML Help ActiveX control (hhctrl.ocx) in Microsoft Internet Explorer 6.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code by repeatedly setting the Image field of an Internet.HHCtrl.1 object to certain values, possibly related to improper escaping and long strings.

CVE-2006-3354 [MEDIUM] CVE-2006-3354: Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (crash) by settin Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (crash) by setting the Filter property of an ADODB.Recordset ActiveX object to certain values multiple times, which triggers a null dereference.

CVE-2006-3280 [HIGH] CVE-2006-3280: Cross-domain vulnerability in Microsoft Internet Explorer 6.0 allows remote attackers to access rest Cross-domain vulnerability in Microsoft Internet Explorer 6.0 allows remote attackers to access restricted information from other domains via an object tag with a data parameter that references a link on the attacker's originating site that specifies a Location HTTP header that references the target site, which then makes that content available through the oute