Microsoft Internet Explorer vulnerabilities
1,594 known vulnerabilities affecting microsoft/internet_explorer.
Total CVEs: 1,594
CISA KEV: 40 (actively exploited)
Public exploits: 364
Exploited in wild: 48
Severity breakdown: CRITICAL 690, HIGH 450, MEDIUM 404, LOW 50
Vulnerabilities
Page 67 of 80
CVE-2006-3281 | MEDIUM | CVSS 5.1 | CWE-20 | PoC | v6.0 | 2006-06-28
Microsoft Internet Explorer 6.0 does not properly handle Drag and Drop events, which allows remote user-assisted attackers to execute arbitrary code via a link to an SMB file share with a filename that contains encoded ..\ (%2e%2e%5c) sequences and whose extension contains the CLSID Key identifier for HTML Applications (HTA), aka "Folder GUID Code Exec
nvd
CVE-2006-3227 | LOW | CVSS 2.6 | v6.0.2900 | 2006-06-26
Interpretation conflict between Internet Explorer and other web browsers such as Mozilla, Opera, and Firefox might allow remote attackers to modify the visual presentation of web pages and possibly bypass protection mechanisms such as content filters via ASCII characters with the 8th bit set, which could be stripped by Internet Explorer to render legible text, b
nvd
CVE-2006-3200 | MEDIUM | CVSS 5.0 | v6.0.2900 | 2006-06-23
Unspecified versions of Internet Explorer allow remote attackers to cause a denial of service (crash) via an IFRAME with a src tag containing a "File://" URI followed by an 8-bit character. NOTE: some third parties were unable to verify this issue.
nvd
CVE-2006-2382 | CRITICAL | CVSS 10.0 | CWE-119 | v5.01, v6 | 2006-06-13
Heap-based buffer overflow in Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allows remote attackers to execute arbitrary code via crafted UTF-8 encoded HTML that results in size discrepancies during conversion to Unicode, aka "HTML Decoding Memory Corruption Vulnerability."
nvd
CVE-2006-2383 | CRITICAL | CVSS 9.3 | PoC | v5.01, v6 | 2006-06-13
Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allows remote attackers to execute arbitrary code via "unexpected data" related to "parameter validation" in the DXImageTransform.Microsoft.Light ActiveX control, which causes Internet Explorer to crash in a way that enables the code execution.
nvd
CVE-2006-1303 | CRITICAL | CVSS 9.3 | CWE-94 | v5.0.1, v6.0 | 2006-06-13
Multiple unspecified vulnerabilities in Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allow remote attackers to execute arbitrary code by instantiating certain COM objects from Wmm2fxa.dll as ActiveX controls including (1) DXImageTransform.Microsoft.MMSpecialEffect1Input, (2) DXImageTransform.Microsoft.MMSpecialEffect1Input.1, (3) DXImag
nvd
CVE-2006-2385 | HIGH | CVSS 7.6 | CWE-94 | v5.01 | 2006-06-13
Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allows user-assisted remote attackers to execute arbitrary code via a crafted web page that triggers memory corruption when it is saved as a multipart HTML (.mht) file.
nvd
CVE-2006-2378 | MEDIUM | CVSS 6.8 | v5.0.1, v6.0 | 2006-06-13
Buffer overflow in the ART Image Rendering component (jgdw400.dll) in Microsoft Windows XP SP1 and SP2, Server 2003 SP1 and earlier, and Windows 98 and Me allows remote attackers to execute arbitrary code via a crafted ART image that causes heap corruption.
nvd
CVE-2006-2384 | MEDIUM | CVSS 4.3 | CWE-200 | ≤ 6.0, v5.01 | 2006-06-13
Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allows remote attackers to conduct spoofing and phishing attacks by using a modal browser window in a way that preserves the original address bar and trusted UI of a trusted site, even after the browser has been navigated to a malicious site, aka the "Address Bar Spoofing Vulnerability."
nvd
CVE-2006-2766 | LOW | CVSS 2.6 | PoC | v6.0, v7.0 | 2006-06-02
Buffer overflow in INETCOMM.DLL, as used in Microsoft Internet Explorer 6.0 through 6.0 SP2, Windows Explorer, Outlook Express 6, and possibly other programs, allows remote user-assisted attackers to cause a denial of service (application crash) via a long mhtml URI in the URL value in a URL file.
nvd
CVE-2006-2218 | CRITICAL | CVSS 9.3 | v6.0 | 2006-05-05
Unspecified vulnerability in Internet Explorer 6.0 on Microsoft Windows XP SP2 allows remote attackers to execute arbitrary code via "exceptional conditions" that trigger memory corruption, as demonstrated using an exception handler and nested object tags, a variant of CVE-2006-1992.
nvd
CVE-2006-2094 | MEDIUM | CVSS 5.1 | CWE-362 | PoC | v5.0, v5.0.1, +3 more | 2006-04-29
Microsoft Internet Explorer before Windows XP Service Pack 2 and Windows Server 2003 Service Pack 1, when Prompt is configured in Security Settings, uses modal dialogs to verify that a user wishes to run an ActiveX control or perform other risky actions, which allows user-assisted remote attackers to construct a race condition that tricks a user into
nvd
CVE-2006-2056 | MEDIUM | CVSS 5.0 | CWE-88 | v6.0 | 2006-04-26
Argument injection vulnerability in Internet Explorer 6 for Windows XP SP2 allows user-assisted remote attackers to modify command line arguments to an invoked mail client via " (double quote) characters in a mailto: scheme handler, as demonstrated by launching Microsoft Outlook with an arbitrary filename as an attachment. NOTE: it is not clear whether
nvd
CVE-2006-1992 | LOW | CVSS 2.6 | CWE-399 | PoC | v6.0.2900 | 2006-04-25
mshtml.dll 6.00.2900.2873, as used in Microsoft Internet Explorer, allows remote attackers to cause a denial of service (crash) via nested OBJECT tags, which trigger invalid pointer dereferences including NULL dereferences. NOTE: the possibility of code execution was originally theorized, but Microsoft has stated that this issue is non-exploitable.
nvd
CVE-2006-1189 | CRITICAL | CVSS 10.0 | CWE-119 | PoC | v5.01, v5.1, +2 more | 2006-04-11
Buffer overflow in URLMON.DLL in Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via a crafted URL with an International Domain Name (IDN) using double-byte character sets (DBCS), aka the "Double Byte Character Parsing Memory Corruption Vulnerability."
nvd
CVE-2006-1190 | CRITICAL | CVSS 10.0 | PoC | v5.01, v5.1, +2 more | 2006-04-11
Microsoft Internet Explorer 5.01 through 6 does not always return the correct IOleClientSite information when dynamically creating an embedded object, which could cause Internet Explorer to run the object in the wrong security context or zone, and allow remote attackers to execute arbitrary code.
nvd
CVE-2006-1186 | CRITICAL | CVSS 10.0 | PoC | v5.0.1, v5.01, +2 more | 2006-04-11
Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code by instantiating the (1) Mdt2gddr.dll, (2) Mdt2dd.dll, and (3) Mdt2gddo.dll COM objects as ActiveX controls, which leads to memory corruption.
nvd
CVE-2006-1185 | HIGH | CVSS 7.5 | PoC | v6 | 2006-04-11
Unspecified vulnerability in Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via certain invalid HTML that causes memory corruption.
nvd
CVE-2006-1188 | HIGH | CVSS 7.5 | PoC | v5.1, v5.5, +6 more | 2006-04-11
Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via HTML elements with a certain crafted tag, which leads to memory corruption.
nvd
CVE-2006-1191 | MEDIUM | CVSS 4.0 | PoC | v5.01, v5.1, +2 more | 2006-04-11
Microsoft Internet Explorer 5.01 through 6 does not always correctly identify the domain that is associated with a browser window, which allows remote attackers to obtain sensitive cross-domain information and spoof sites by running script after the user has navigated to another site.
nvd