Search criteria
24 vulnerabilities found for network_camera_server_vb101 by canon
FKIE_CVE-2007-2680
Vulnerability from fkie_nvd - Published: 2007-05-15 00:19 - Updated: 2025-04-09 00:30
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in the management interface in Canon Network Camera Server VB100 and VB101 with firmware 3.0 R69 and earlier, and VB150 with firmware 1.1 R39 and earlier, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| canon | network_camera_server_vb100 | 3.0 | |
| canon | network_camera_server_vb101 | 3.0 | |
| canon | network_camera_server_vb150 | 1.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:canon:network_camera_server_vb100:3.0:r69:*:*:*:*:*:*",
"matchCriteriaId": "092AE829-3DDD-4407-8CB5-79FB9496AC5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:canon:network_camera_server_vb101:3.0:r69:*:*:*:*:*:*",
"matchCriteriaId": "0FCF41D8-BFD5-4A51-A9C7-7E37A0E64525",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:canon:network_camera_server_vb150:1.1:r39:*:*:*:*:*:*",
"matchCriteriaId": "2AAD4C97-6F2E-4720-A054-988A956DAA3A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the management interface in Canon Network Camera Server VB100 and VB101 with firmware 3.0 R69 and earlier, and VB150 with firmware 1.1 R39 and earlier, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad de secuencia de comandos en sitios cruzados (XSS) en el interfaz de gesti\u00f3n en Canon Network Camera Server VB100 y VB101 con software empotrado (firmware)3.0 R69 y anteriores, y VB150 con software empotrado (firmware)1.1 R39 y anteriores, permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2007-2680",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2007-05-15T00:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://cweb.canon.jp/drv-upd/webview/notification.html"
},
{
"source": "cve@mitre.org",
"url": "http://jvn.jp/jp/JVN%2306735665/"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/35019"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24940"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/23560"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/1461"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://cweb.canon.jp/drv-upd/webview/notification.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvn.jp/jp/JVN%2306735665/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/35019"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24940"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/23560"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/1461"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2006-7065
Vulnerability from fkie_nvd - Published: 2007-03-02 21:18 - Updated: 2025-04-09 00:30
Severity ?
Summary
Microsoft Internet Explorer allows remote attackers to cause a denial of service (crash) via an IFRAME with a certain XML file and XSL stylesheet that triggers a crash in mshtml.dll when a refresh is called, probably a null pointer dereference.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| microsoft | ie | 6 | |
| microsoft | ie | 6 | |
| microsoft | ie | 6 | |
| microsoft | ie | 6 | |
| microsoft | ie | 6 | |
| microsoft | ie | 6 | |
| microsoft | ie | 6 | |
| microsoft | ie | 6 | |
| microsoft | ie | 6 | |
| microsoft | ie | 6 | |
| microsoft | ie | 6 | |
| microsoft | ie | 6 | |
| microsoft | ie | 6 | |
| microsoft | ie | 6.0 | |
| microsoft | ie | 6.0 | |
| microsoft | ie | 6.0 | |
| microsoft | ie | 6.0 | |
| microsoft | ie | 6.0 | |
| microsoft | ie | 6.0 | |
| microsoft | ie | 6.0 | |
| microsoft | ie | 6.0 | |
| microsoft | ie | 6.0 | |
| microsoft | ie | 7 | |
| microsoft | ie | 7 | |
| microsoft | ie | 7 | |
| microsoft | ie | 7 | |
| microsoft | ie | 7.0 | |
| microsoft | ie | 7.0 | |
| microsoft | ie | 7.0 | |
| microsoft | internet_explorer | 6 | |
| microsoft | internet_explorer | 6.0 | |
| microsoft | internet_explorer | 6.0.2600 | |
| microsoft | internet_explorer | 6.0.2800 | |
| microsoft | internet_explorer | 6.0.2800.1106 | |
| microsoft | internet_explorer | 6.0.2900 | |
| microsoft | internet_explorer | 6.0.2900.2180 | |
| microsoft | internet_explorer | 7.0 | |
| microsoft | internet_explorer | 7.0 | |
| microsoft | internet_explorer | 7.0 | |
| microsoft | internet_explorer | 7.0 | |
| canon | network_camera_server_vb101 | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:ie:6:*:microsoft_windows_server_2003_sp1:*:*:*:*:*",
"matchCriteriaId": "12D23F59-5C49-4DE0-85E8-15287140660D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6:*:windows_2000:*:*:*:*:*",
"matchCriteriaId": "CD115D64-87D8-4868-B247-16B83591B7FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6:*:windows_server_2003:*:*:*:*:*",
"matchCriteriaId": "11A09F26-5FE3-4879-9FCB-769F8FB3D067",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6:*:windows_xp_professional_64bit:*:*:*:*:*",
"matchCriteriaId": "8EF317BB-E63A-4A60-A2E1-6797A402D88F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6:sp1:windows_98:*:*:*:*:*",
"matchCriteriaId": "B1D7486F-1B6C-4705-B73C-F763F36F5150",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6:sp1:windows_98_se:*:*:*:*:*",
"matchCriteriaId": "6DBFDCF4-ACC7-4196-BA4D-2A35FAA5E1F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6:sp1:windows_millennium:*:*:*:*:*",
"matchCriteriaId": "5E49636B-A425-4595-9663-A22A9F7C7D30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6:sp1:windows_xpsp1:*:*:*:*:*",
"matchCriteriaId": "FCFF1342-8AD8-4003-81AA-09DB4A12EEBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6:windows_2000_sp4:*:*:*:*:*:*",
"matchCriteriaId": "DBEABB0B-61EF-44E1-8673-F4B5A99A4164",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6:windows_server_2003_sp1:*:*:*:*:*:*",
"matchCriteriaId": "B80088A3-2AA4-44A2-98DF-359E15F8E18B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6:windows_server_2003_sp1_itanium:*:*:*:*:*:*",
"matchCriteriaId": "181D0FA2-79E1-4422-9810-D7A557805872",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6:windows_server_2003_sp1_itanium_systems:*:*:*:*:*:*",
"matchCriteriaId": "3665D68D-8E1E-4FA9-97B9-9E099DDE84F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6:windows_xp_sp2:*:*:*:*:*:*",
"matchCriteriaId": "81C4C1ED-AC7D-4970-8B34-62D304A83FE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6.0:*:windows_server:*:*:*:*:*",
"matchCriteriaId": "8D4BD1B0-8A91-4ED2-9C0D-BF87D18A01C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6.0:*:windows_server_2003:*:*:*:*:*",
"matchCriteriaId": "9B0F6E35-652C-4948-9FF4-DBF199B4FA21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6.0:*:windowsxp:*:*:*:*:*",
"matchCriteriaId": "DACE76B0-02BC-4624-A21E-405A893D7437",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "24DF2AB3-DEAB-4D70-986E-FFBB7E64B96A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6.0:sp1:windows_2000:*:*:*:*:*",
"matchCriteriaId": "09A21D9F-6F51-4761-B7DB-E79CE60A0E09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6.0:sp1:windows_xp:*:*:*:*:*",
"matchCriteriaId": "BA04D0A1-23AE-4C0F-8FE3-FD88D75CDA03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6.0:sp2:*:*:*:*:*:*",
"matchCriteriaId": "DA3D2175-7DF7-4D57-8B26-5BA68EF7A935",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6.0:sp2:windows_xp:*:*:*:*:*",
"matchCriteriaId": "B0BFE49F-932B-469C-9B3C-5011D093E1DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6.0:windows_xp_sp2:*:*:*:*:*:*",
"matchCriteriaId": "A53E9D33-ECCD-428B-A117-3EB04B9554C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:7:*:windows_server_2003:*:*:*:*:*",
"matchCriteriaId": "5B5F31E2-2060-45BC-9724-A447544905E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:7:windows_2000_sp4:*:*:*:*:*:*",
"matchCriteriaId": "73C3794B-E4B8-4AFB-9025-EDC5A2F44586",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:7:windows_server_2003_sp1:*:*:*:*:*:*",
"matchCriteriaId": "574EE6CB-7AF4-4DE2-B668-36BBCB19FCC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:7:windows_xp_sp2:*:*:*:*:*:*",
"matchCriteriaId": "BE2858A5-C9BF-40D8-B3D2-056562BF1C87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:7.0:*:vista:*:*:*:*:*",
"matchCriteriaId": "3E51CBF2-EFFD-407D-AB34-BDE69EFD60E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:7.0:beta_2:*:*:*:*:*:*",
"matchCriteriaId": "4A33815E-5D85-4F0E-A4D1-DB31A64C8801",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:7.0:windows_xp_sp2:*:*:*:*:*:*",
"matchCriteriaId": "DF4D6428-CD8B-4155-A876-89B0938AC02E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:*",
"matchCriteriaId": "D47247A3-7CD7-4D67-9D9B-A94A504DA1BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A19F6133-25D1-44A5-B6B9-354703436783",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.0.2600:*:*:*:*:*:*:*",
"matchCriteriaId": "68656E52-AD8A-474E-9160-CD5F8857254B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.0.2800:*:*:*:*:*:*:*",
"matchCriteriaId": "93F47C82-E767-47A8-88DE-417B004ED7FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.0.2800.1106:*:*:*:*:*:*:*",
"matchCriteriaId": "F86E7189-CE21-4007-A3FA-39A6B51A5AB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.0.2900:*:*:*:*:*:*:*",
"matchCriteriaId": "7B90EA4B-DA10-44B7-BD3D-6AE1197212D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.0.2900.2180:*:*:*:*:*:*:*",
"matchCriteriaId": "7CBF9B51-5AF4-4317-9768-21D866AC7990",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:7.0:beta:*:*:*:*:*:*",
"matchCriteriaId": "506711D9-6E57-4EED-8628-36C7F2324040",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:7.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "ED471260-0272-431F-A91E-AC2883D92497",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:7.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "63D18070-EC48-4904-9AE0-558F7F3B869D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:7.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "86584E3F-3B0D-4018-A186-E59F3B01CA5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:canon:network_camera_server_vb101:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1EBD1BF-DEE2-4047-A8B4-3A816FC80003",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Microsoft Internet Explorer allows remote attackers to cause a denial of service (crash) via an IFRAME with a certain XML file and XSL stylesheet that triggers a crash in mshtml.dll when a refresh is called, probably a null pointer dereference."
},
{
"lang": "es",
"value": "Microsoft Internet Explorer permite a atacantes remotos provocar denegaci\u00f3n de servicio (caida) a trav\u00e9s de un IFRAME con ciertos archivos XML y plantillas de estilo XSL que disparan una cauda en mshtml.dll cuando un se llama se solicita un refresco de cotenido, probablemente a un puntero de referencia nula."
}
],
"id": "CVE-2006-7065",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-03-02T21:18:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-08/0163.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/19364"
},
{
"source": "cve@mitre.org",
"url": "http://www3.ca.com/be/securityadvisor/vulninfo/Vuln.aspx?ID=34511"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-08/0163.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/19364"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www3.ca.com/be/securityadvisor/vulninfo/Vuln.aspx?ID=34511"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2006-3354
Vulnerability from fkie_nvd - Published: 2006-07-06 01:05 - Updated: 2025-04-03 01:03
Severity ?
Summary
Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (crash) by setting the Filter property of an ADODB.Recordset ActiveX object to certain values multiple times, which triggers a null dereference.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| microsoft | ie | 6 | |
| microsoft | ie | 6 | |
| microsoft | ie | 6 | |
| microsoft | ie | 6 | |
| microsoft | ie | 6 | |
| microsoft | ie | 6 | |
| microsoft | ie | 6 | |
| microsoft | ie | 6 | |
| microsoft | ie | 6 | |
| microsoft | ie | 6 | |
| microsoft | ie | 6.0 | |
| microsoft | ie | 6.0 | |
| microsoft | ie | 6.0 | |
| microsoft | ie | 6.0 | |
| microsoft | internet_explorer | 6 | |
| microsoft | internet_explorer | 6.0 | |
| microsoft | internet_explorer | 6.0.2600 | |
| microsoft | internet_explorer | 6.0.2800 | |
| microsoft | internet_explorer | 6.0.2800.1106 | |
| microsoft | internet_explorer | 6.0.2900.2180 | |
| canon | network_camera_server_vb101 | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:ie:6:*:windows_xp_professional_64bit:*:*:*:*:*",
"matchCriteriaId": "8EF317BB-E63A-4A60-A2E1-6797A402D88F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6:sp1:windows_98:*:*:*:*:*",
"matchCriteriaId": "B1D7486F-1B6C-4705-B73C-F763F36F5150",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6:sp1:windows_98_se:*:*:*:*:*",
"matchCriteriaId": "6DBFDCF4-ACC7-4196-BA4D-2A35FAA5E1F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6:sp1:windows_millennium:*:*:*:*:*",
"matchCriteriaId": "5E49636B-A425-4595-9663-A22A9F7C7D30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6:sp1:windows_xpsp1:*:*:*:*:*",
"matchCriteriaId": "FCFF1342-8AD8-4003-81AA-09DB4A12EEBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6:windows_2000_sp4:*:*:*:*:*:*",
"matchCriteriaId": "DBEABB0B-61EF-44E1-8673-F4B5A99A4164",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6:windows_server_2003_sp1:*:*:*:*:*:*",
"matchCriteriaId": "B80088A3-2AA4-44A2-98DF-359E15F8E18B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6:windows_server_2003_sp1_itanium:*:*:*:*:*:*",
"matchCriteriaId": "181D0FA2-79E1-4422-9810-D7A557805872",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6:windows_server_2003_sp1_itanium_systems:*:*:*:*:*:*",
"matchCriteriaId": "3665D68D-8E1E-4FA9-97B9-9E099DDE84F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6:windows_xp_sp2:*:*:*:*:*:*",
"matchCriteriaId": "81C4C1ED-AC7D-4970-8B34-62D304A83FE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6.0:*:windows_server_2003:*:*:*:*:*",
"matchCriteriaId": "9B0F6E35-652C-4948-9FF4-DBF199B4FA21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "24DF2AB3-DEAB-4D70-986E-FFBB7E64B96A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6.0:sp2:*:*:*:*:*:*",
"matchCriteriaId": "DA3D2175-7DF7-4D57-8B26-5BA68EF7A935",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6.0:windows_xp_sp2:*:*:*:*:*:*",
"matchCriteriaId": "A53E9D33-ECCD-428B-A117-3EB04B9554C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:*",
"matchCriteriaId": "D47247A3-7CD7-4D67-9D9B-A94A504DA1BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A19F6133-25D1-44A5-B6B9-354703436783",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.0.2600:*:*:*:*:*:*:*",
"matchCriteriaId": "68656E52-AD8A-474E-9160-CD5F8857254B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.0.2800:*:*:*:*:*:*:*",
"matchCriteriaId": "93F47C82-E767-47A8-88DE-417B004ED7FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.0.2800.1106:*:*:*:*:*:*:*",
"matchCriteriaId": "F86E7189-CE21-4007-A3FA-39A6B51A5AB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.0.2900.2180:*:*:*:*:*:*:*",
"matchCriteriaId": "7CBF9B51-5AF4-4317-9768-21D866AC7990",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:canon:network_camera_server_vb101:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1EBD1BF-DEE2-4047-A8B4-3A816FC80003",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (crash) by setting the Filter property of an ADODB.Recordset ActiveX object to certain values multiple times, which triggers a null dereference."
},
{
"lang": "es",
"value": "Vulnerabilidad en el navegador web Internet Explorer v6 de Microsoft que permite a atacantes remotos causar una denegaci\u00f3n de servicio (indisponibilidad de la aplicaci\u00f3n) asignando a la propiedad \"Filter\" (filtro) de un objeto ActiveX ADODB.Recordset ciertos valores varias veces, lo que dispara un de-referenciaci\u00f3n de un direcci\u00f3n (o puntero) nula."
}
],
"id": "CVE-2006-3354",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-07-06T01:05:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://browserfun.blogspot.com/2006/07/mobb-1-adodbrecordset-filter-property.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/26834"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/18773"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27596"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://browserfun.blogspot.com/2006/07/mobb-1-adodbrecordset-filter-property.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/26834"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/18773"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27596"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2006-2900
Vulnerability from fkie_nvd - Published: 2006-06-07 16:02 - Updated: 2025-04-03 01:03
Severity ?
Summary
Internet Explorer 6 allows user-assisted remote attackers to read arbitrary files by tricking a user into typing the characters of the target filename in a text box and using the OnKeyDown, OnKeyPress, and OnKeyUp Javascript keystroke events to change the focus and cause those characters to be inserted into a file upload input control, which can then upload the file when the user submits the form.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:ie:5.01:windows_2000_sp4:*:*:*:*:*:*",
"matchCriteriaId": "B054A26A-7414-41B2-A46D-49E798D7A346",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6:*:windows_xp_professional_64bit:*:*:*:*:*",
"matchCriteriaId": "8EF317BB-E63A-4A60-A2E1-6797A402D88F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6:sp1:windows_98:*:*:*:*:*",
"matchCriteriaId": "B1D7486F-1B6C-4705-B73C-F763F36F5150",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6:sp1:windows_98_se:*:*:*:*:*",
"matchCriteriaId": "6DBFDCF4-ACC7-4196-BA4D-2A35FAA5E1F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6:sp1:windows_millennium:*:*:*:*:*",
"matchCriteriaId": "5E49636B-A425-4595-9663-A22A9F7C7D30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6:sp1:windows_xpsp1:*:*:*:*:*",
"matchCriteriaId": "FCFF1342-8AD8-4003-81AA-09DB4A12EEBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6:windows_2000_sp4:*:*:*:*:*:*",
"matchCriteriaId": "DBEABB0B-61EF-44E1-8673-F4B5A99A4164",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6:windows_server_2003_sp1:*:*:*:*:*:*",
"matchCriteriaId": "B80088A3-2AA4-44A2-98DF-359E15F8E18B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6:windows_server_2003_sp1_itanium:*:*:*:*:*:*",
"matchCriteriaId": "181D0FA2-79E1-4422-9810-D7A557805872",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6:windows_xp_sp2:*:*:*:*:*:*",
"matchCriteriaId": "81C4C1ED-AC7D-4970-8B34-62D304A83FE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:canon:network_camera_server_vb101:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1EBD1BF-DEE2-4047-A8B4-3A816FC80003",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Internet Explorer 6 allows user-assisted remote attackers to read arbitrary files by tricking a user into typing the characters of the target filename in a text box and using the OnKeyDown, OnKeyPress, and OnKeyUp Javascript keystroke events to change the focus and cause those characters to be inserted into a file upload input control, which can then upload the file when the user submits the form."
}
],
"id": "CVE-2006-2900",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2006-06-07T16:02:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/046610.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20449"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/1059"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/18308"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/2161"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/046610.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20449"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/1059"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/18308"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/2161"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2006-1188
Vulnerability from fkie_nvd - Published: 2006-04-11 23:02 - Updated: 2025-04-03 01:03
Severity ?
Summary
Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via HTML elements with a certain crafted tag, which leads to memory corruption.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| microsoft | ie | 5.1 | |
| microsoft | ie | 5.2.3 | |
| microsoft | ie | 6 | |
| microsoft | ie | 6 | |
| microsoft | ie | 6 | |
| microsoft | ie | 6 | |
| microsoft | ie | 6 | |
| microsoft | ie | 6 | |
| microsoft | ie | 6.0 | |
| microsoft | ie | 6.0 | |
| microsoft | ie | 6.0 | |
| microsoft | internet_explorer | 5.1 | |
| microsoft | internet_explorer | 5.5 | |
| microsoft | internet_explorer | 5.5 | |
| microsoft | internet_explorer | 5.5 | |
| microsoft | internet_explorer | 5.5 | |
| microsoft | internet_explorer | 6 | |
| microsoft | internet_explorer | 6.0 | |
| microsoft | internet_explorer | 6.0.2600 | |
| microsoft | internet_explorer | 6.0.2800 | |
| microsoft | internet_explorer | 6.0.2800.1106 | |
| microsoft | internet_explorer | 6.0.2900.2180 | |
| canon | network_camera_server_vb101 | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:ie:5.1:*:mac_os:*:*:*:*:*",
"matchCriteriaId": "4CF91C2F-EE6D-4C9E-8F39-1F632399EC49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:5.2.3:*:macintosh:*:*:*:*:*",
"matchCriteriaId": "EB51F2D6-3CCA-4695-8A92-39999749B3DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6:*:windows_xp_professional_64bit:*:*:*:*:*",
"matchCriteriaId": "8EF317BB-E63A-4A60-A2E1-6797A402D88F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6:sp1:windows_xpsp1:*:*:*:*:*",
"matchCriteriaId": "FCFF1342-8AD8-4003-81AA-09DB4A12EEBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6:windows_2000_sp4:*:*:*:*:*:*",
"matchCriteriaId": "DBEABB0B-61EF-44E1-8673-F4B5A99A4164",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6:windows_server_2003_sp1:*:*:*:*:*:*",
"matchCriteriaId": "B80088A3-2AA4-44A2-98DF-359E15F8E18B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6:windows_server_2003_sp1_itanium_systems:*:*:*:*:*:*",
"matchCriteriaId": "3665D68D-8E1E-4FA9-97B9-9E099DDE84F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6:windows_xp_sp2:*:*:*:*:*:*",
"matchCriteriaId": "81C4C1ED-AC7D-4970-8B34-62D304A83FE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6.0:*:windows_server_2003:*:*:*:*:*",
"matchCriteriaId": "9B0F6E35-652C-4948-9FF4-DBF199B4FA21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "24DF2AB3-DEAB-4D70-986E-FFBB7E64B96A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6.0:sp2:*:*:*:*:*:*",
"matchCriteriaId": "DA3D2175-7DF7-4D57-8B26-5BA68EF7A935",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CFF390-FF33-45CA-BC96-C6766491C616",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "40F8042F-C621-45AE-9F8C-70469579643A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.5:preview:*:*:*:*:*:*",
"matchCriteriaId": "8E93C22E-812E-4CDA-9850-2386CE1E817A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.5:sp1:*:*:*:*:*:*",
"matchCriteriaId": "2CD04E07-3664-4D4F-BF3E-6B33AF0F2D12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.5:sp2:*:*:*:*:*:*",
"matchCriteriaId": "D05ED9D0-CF78-4FAD-9371-6FB3D5825148",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:*",
"matchCriteriaId": "D47247A3-7CD7-4D67-9D9B-A94A504DA1BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A19F6133-25D1-44A5-B6B9-354703436783",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.0.2600:*:*:*:*:*:*:*",
"matchCriteriaId": "68656E52-AD8A-474E-9160-CD5F8857254B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.0.2800:*:*:*:*:*:*:*",
"matchCriteriaId": "93F47C82-E767-47A8-88DE-417B004ED7FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.0.2800.1106:*:*:*:*:*:*:*",
"matchCriteriaId": "F86E7189-CE21-4007-A3FA-39A6B51A5AB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.0.2900.2180:*:*:*:*:*:*:*",
"matchCriteriaId": "7CBF9B51-5AF4-4317-9768-21D866AC7990",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:canon:network_camera_server_vb101:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1EBD1BF-DEE2-4047-A8B4-3A816FC80003",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via HTML elements with a certain crafted tag, which leads to memory corruption."
}
],
"id": "CVE-2006-1188",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-04-11T23:02:00.000",
"references": [
{
"source": "secure@microsoft.com",
"url": "http://secunia.com/advisories/18957"
},
{
"source": "secure@microsoft.com",
"url": "http://securitytracker.com/id?1015900"
},
{
"source": "secure@microsoft.com",
"tags": [
"Patch",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/824324"
},
{
"source": "secure@microsoft.com",
"url": "http://www.securityfocus.com/archive/1/435096/30/4710/threaded"
},
{
"source": "secure@microsoft.com",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA06-101A.html"
},
{
"source": "secure@microsoft.com",
"url": "http://www.vupen.com/english/advisories/2006/1318"
},
{
"source": "secure@microsoft.com",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-013"
},
{
"source": "secure@microsoft.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1144"
},
{
"source": "secure@microsoft.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1290"
},
{
"source": "secure@microsoft.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1296"
},
{
"source": "secure@microsoft.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1773"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18957"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1015900"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/824324"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/435096/30/4710/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA06-101A.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/1318"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-013"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1144"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1290"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1296"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1773"
}
],
"sourceIdentifier": "secure@microsoft.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2006-1185
Vulnerability from fkie_nvd - Published: 2006-04-11 23:02 - Updated: 2025-04-03 01:03
Severity ?
Summary
Unspecified vulnerability in Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via certain invalid HTML that causes memory corruption.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:ie:5.01:windows_2000_sp4:*:*:*:*:*:*",
"matchCriteriaId": "B054A26A-7414-41B2-A46D-49E798D7A346",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6:*:windows_xp_professional_64bit:*:*:*:*:*",
"matchCriteriaId": "8EF317BB-E63A-4A60-A2E1-6797A402D88F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6:sp1:windows_xpsp1:*:*:*:*:*",
"matchCriteriaId": "FCFF1342-8AD8-4003-81AA-09DB4A12EEBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6:windows_2000_sp4:*:*:*:*:*:*",
"matchCriteriaId": "DBEABB0B-61EF-44E1-8673-F4B5A99A4164",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6:windows_server_2003_sp1:*:*:*:*:*:*",
"matchCriteriaId": "B80088A3-2AA4-44A2-98DF-359E15F8E18B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6:windows_server_2003_sp1_itanium_systems:*:*:*:*:*:*",
"matchCriteriaId": "3665D68D-8E1E-4FA9-97B9-9E099DDE84F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6:windows_xp_sp2:*:*:*:*:*:*",
"matchCriteriaId": "81C4C1ED-AC7D-4970-8B34-62D304A83FE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:*",
"matchCriteriaId": "D47247A3-7CD7-4D67-9D9B-A94A504DA1BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:canon:network_camera_server_vb101:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1EBD1BF-DEE2-4047-A8B4-3A816FC80003",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via certain invalid HTML that causes memory corruption."
}
],
"id": "CVE-2006-1185",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-04-11T23:02:00.000",
"references": [
{
"source": "secure@microsoft.com",
"url": "http://secunia.com/advisories/18957"
},
{
"source": "secure@microsoft.com",
"url": "http://securitytracker.com/id?1015900"
},
{
"source": "secure@microsoft.com",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/503124"
},
{
"source": "secure@microsoft.com",
"url": "http://www.securityfocus.com/bid/17450"
},
{
"source": "secure@microsoft.com",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA06-101A.html"
},
{
"source": "secure@microsoft.com",
"url": "http://www.vupen.com/english/advisories/2006/1318"
},
{
"source": "secure@microsoft.com",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-013"
},
{
"source": "secure@microsoft.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25542"
},
{
"source": "secure@microsoft.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1677"
},
{
"source": "secure@microsoft.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1711"
},
{
"source": "secure@microsoft.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A787"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18957"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1015900"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/503124"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/17450"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA06-101A.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/1318"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-013"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25542"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1677"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1711"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A787"
}
],
"sourceIdentifier": "secure@microsoft.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2006-1192
Vulnerability from fkie_nvd - Published: 2006-04-11 23:02 - Updated: 2025-04-03 01:03
Severity ?
Summary
Microsoft Internet Explorer 5.01 through 6 allows remote attackers to conduct phishing attacks by spoofing the address bar and other parts of the trust UI via unknown methods that allow "window content to persist" after the user has navigated to another site, aka the "Address Bar Spoofing Vulnerability." NOTE: this is a different vulnerability than CVE-2006-1626.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:ie:5.01:windows_2000_sp4:*:*:*:*:*:*",
"matchCriteriaId": "B054A26A-7414-41B2-A46D-49E798D7A346",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6:*:windows_xp_professional_64bit:*:*:*:*:*",
"matchCriteriaId": "8EF317BB-E63A-4A60-A2E1-6797A402D88F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6:sp1:windows_xpsp1:*:*:*:*:*",
"matchCriteriaId": "FCFF1342-8AD8-4003-81AA-09DB4A12EEBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6:windows_2000_sp4:*:*:*:*:*:*",
"matchCriteriaId": "DBEABB0B-61EF-44E1-8673-F4B5A99A4164",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6:windows_server_2003_sp1:*:*:*:*:*:*",
"matchCriteriaId": "B80088A3-2AA4-44A2-98DF-359E15F8E18B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6:windows_server_2003_sp1_itanium_systems:*:*:*:*:*:*",
"matchCriteriaId": "3665D68D-8E1E-4FA9-97B9-9E099DDE84F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6:windows_xp_sp2:*:*:*:*:*:*",
"matchCriteriaId": "81C4C1ED-AC7D-4970-8B34-62D304A83FE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:*",
"matchCriteriaId": "D47247A3-7CD7-4D67-9D9B-A94A504DA1BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:canon:network_camera_server_vb101:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1EBD1BF-DEE2-4047-A8B4-3A816FC80003",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Microsoft Internet Explorer 5.01 through 6 allows remote attackers to conduct phishing attacks by spoofing the address bar and other parts of the trust UI via unknown methods that allow \"window content to persist\" after the user has navigated to another site, aka the \"Address Bar Spoofing Vulnerability.\" NOTE: this is a different vulnerability than CVE-2006-1626."
}
],
"id": "CVE-2006-1192",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2006-04-11T23:02:00.000",
"references": [
{
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18957"
},
{
"source": "secure@microsoft.com",
"url": "http://securityreason.com/securityalert/670"
},
{
"source": "secure@microsoft.com",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1015899"
},
{
"source": "secure@microsoft.com",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/17460"
},
{
"source": "secure@microsoft.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/1318"
},
{
"source": "secure@microsoft.com",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-013"
},
{
"source": "secure@microsoft.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25557"
},
{
"source": "secure@microsoft.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1336"
},
{
"source": "secure@microsoft.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1498"
},
{
"source": "secure@microsoft.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1645"
},
{
"source": "secure@microsoft.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1725"
},
{
"source": "secure@microsoft.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1740"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18957"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/670"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1015899"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/17460"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/1318"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-013"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25557"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1336"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1498"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1645"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1725"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1740"
}
],
"sourceIdentifier": "secure@microsoft.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2005-4827
Vulnerability from fkie_nvd - Published: 2005-12-31 05:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
Internet Explorer 6.0, and possibly other versions, allows remote attackers to bypass the same origin security policy and make requests outside of the intended domain by calling open on an XMLHttpRequest object (Microsoft.XMLHTTP) and using tab, newline, and carriage return characters within the first argument (method name), which is supported by some proxy servers that convert tabs to spaces. NOTE: this issue can be leveraged to conduct referer spoofing, HTTP Request Smuggling, and other attacks.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| microsoft | ie | 6 | |
| microsoft | ie | 6 | |
| microsoft | ie | 6 | |
| microsoft | ie | 6 | |
| microsoft | ie | 6 | |
| microsoft | ie | 6 | |
| microsoft | ie | 6 | |
| microsoft | ie | 6 | |
| microsoft | ie | 6 | |
| microsoft | ie | 6 | |
| microsoft | ie | 6 | |
| microsoft | ie | 6 | |
| microsoft | ie | 6 | |
| microsoft | ie | 6.0 | |
| microsoft | ie | 6.0 | |
| microsoft | ie | 6.0 | |
| microsoft | ie | 6.0 | |
| microsoft | ie | 6.0 | |
| microsoft | ie | 6.0 | |
| microsoft | ie | 6.0 | |
| microsoft | ie | 6.0 | |
| microsoft | ie | 6.0 | |
| microsoft | internet_explorer | 6 | |
| microsoft | internet_explorer | 6.0 | |
| microsoft | internet_explorer | 6.0.2600 | |
| microsoft | internet_explorer | 6.0.2800 | |
| microsoft | internet_explorer | 6.0.2800.1106 | |
| microsoft | internet_explorer | 6.0.2900.2180 | |
| canon | network_camera_server_vb101 | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:ie:6:*:microsoft_windows_server_2003_sp1:*:*:*:*:*",
"matchCriteriaId": "12D23F59-5C49-4DE0-85E8-15287140660D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6:*:windows_2000:*:*:*:*:*",
"matchCriteriaId": "CD115D64-87D8-4868-B247-16B83591B7FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6:*:windows_server_2003:*:*:*:*:*",
"matchCriteriaId": "11A09F26-5FE3-4879-9FCB-769F8FB3D067",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6:*:windows_xp_professional_64bit:*:*:*:*:*",
"matchCriteriaId": "8EF317BB-E63A-4A60-A2E1-6797A402D88F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6:sp1:windows_98:*:*:*:*:*",
"matchCriteriaId": "B1D7486F-1B6C-4705-B73C-F763F36F5150",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6:sp1:windows_98_se:*:*:*:*:*",
"matchCriteriaId": "6DBFDCF4-ACC7-4196-BA4D-2A35FAA5E1F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6:sp1:windows_millennium:*:*:*:*:*",
"matchCriteriaId": "5E49636B-A425-4595-9663-A22A9F7C7D30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6:sp1:windows_xpsp1:*:*:*:*:*",
"matchCriteriaId": "FCFF1342-8AD8-4003-81AA-09DB4A12EEBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6:windows_2000_sp4:*:*:*:*:*:*",
"matchCriteriaId": "DBEABB0B-61EF-44E1-8673-F4B5A99A4164",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6:windows_server_2003_sp1:*:*:*:*:*:*",
"matchCriteriaId": "B80088A3-2AA4-44A2-98DF-359E15F8E18B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6:windows_server_2003_sp1_itanium:*:*:*:*:*:*",
"matchCriteriaId": "181D0FA2-79E1-4422-9810-D7A557805872",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6:windows_server_2003_sp1_itanium_systems:*:*:*:*:*:*",
"matchCriteriaId": "3665D68D-8E1E-4FA9-97B9-9E099DDE84F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6:windows_xp_sp2:*:*:*:*:*:*",
"matchCriteriaId": "81C4C1ED-AC7D-4970-8B34-62D304A83FE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6.0:*:windows_server:*:*:*:*:*",
"matchCriteriaId": "8D4BD1B0-8A91-4ED2-9C0D-BF87D18A01C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6.0:*:windows_server_2003:*:*:*:*:*",
"matchCriteriaId": "9B0F6E35-652C-4948-9FF4-DBF199B4FA21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6.0:*:windowsxp:*:*:*:*:*",
"matchCriteriaId": "DACE76B0-02BC-4624-A21E-405A893D7437",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "24DF2AB3-DEAB-4D70-986E-FFBB7E64B96A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6.0:sp1:windows_2000:*:*:*:*:*",
"matchCriteriaId": "09A21D9F-6F51-4761-B7DB-E79CE60A0E09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6.0:sp1:windows_xp:*:*:*:*:*",
"matchCriteriaId": "BA04D0A1-23AE-4C0F-8FE3-FD88D75CDA03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6.0:sp2:*:*:*:*:*:*",
"matchCriteriaId": "DA3D2175-7DF7-4D57-8B26-5BA68EF7A935",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6.0:sp2:windows_xp:*:*:*:*:*",
"matchCriteriaId": "B0BFE49F-932B-469C-9B3C-5011D093E1DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:6.0:windows_xp_sp2:*:*:*:*:*:*",
"matchCriteriaId": "A53E9D33-ECCD-428B-A117-3EB04B9554C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:*",
"matchCriteriaId": "D47247A3-7CD7-4D67-9D9B-A94A504DA1BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A19F6133-25D1-44A5-B6B9-354703436783",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.0.2600:*:*:*:*:*:*:*",
"matchCriteriaId": "68656E52-AD8A-474E-9160-CD5F8857254B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.0.2800:*:*:*:*:*:*:*",
"matchCriteriaId": "93F47C82-E767-47A8-88DE-417B004ED7FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.0.2800.1106:*:*:*:*:*:*:*",
"matchCriteriaId": "F86E7189-CE21-4007-A3FA-39A6B51A5AB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.0.2900.2180:*:*:*:*:*:*:*",
"matchCriteriaId": "7CBF9B51-5AF4-4317-9768-21D866AC7990",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:canon:network_camera_server_vb101:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1EBD1BF-DEE2-4047-A8B4-3A816FC80003",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Internet Explorer 6.0, and possibly other versions, allows remote attackers to bypass the same origin security policy and make requests outside of the intended domain by calling open on an XMLHttpRequest object (Microsoft.XMLHTTP) and using tab, newline, and carriage return characters within the first argument (method name), which is supported by some proxy servers that convert tabs to spaces. NOTE: this issue can be leveraged to conduct referer spoofing, HTTP Request Smuggling, and other attacks."
}
],
"id": "CVE-2005-4827",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://seclists.org/fulldisclosure/2007/Feb/0081.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/archive/1/411585"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/459172/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/14969"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://seclists.org/fulldisclosure/2007/Feb/0081.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/archive/1/411585"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/459172/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/14969"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2007-2680 (GCVE-0-2007-2680)
Vulnerability from cvelistv5 – Published: 2007-05-15 00:00 – Updated: 2024-08-07 13:49
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in the management interface in Canon Network Camera Server VB100 and VB101 with firmware 3.0 R69 and earlier, and VB150 with firmware 1.1 R39 and earlier, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:49:57.245Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2007-1461",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1461"
},
{
"name": "JVN#06735665",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/jp/JVN%2306735665/"
},
{
"name": "24940",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24940"
},
{
"name": "23560",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23560"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cweb.canon.jp/drv-upd/webview/notification.html"
},
{
"name": "35019",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/35019"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the management interface in Canon Network Camera Server VB100 and VB101 with firmware 3.0 R69 and earlier, and VB150 with firmware 1.1 R39 and earlier, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-11-11T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2007-1461",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1461"
},
{
"name": "JVN#06735665",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/jp/JVN%2306735665/"
},
{
"name": "24940",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24940"
},
{
"name": "23560",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23560"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cweb.canon.jp/drv-upd/webview/notification.html"
},
{
"name": "35019",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/35019"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2680",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the management interface in Canon Network Camera Server VB100 and VB101 with firmware 3.0 R69 and earlier, and VB150 with firmware 1.1 R39 and earlier, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-1461",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1461"
},
{
"name": "JVN#06735665",
"refsource": "JVN",
"url": "http://jvn.jp/jp/JVN%2306735665/"
},
{
"name": "24940",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24940"
},
{
"name": "23560",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23560"
},
{
"name": "http://cweb.canon.jp/drv-upd/webview/notification.html",
"refsource": "CONFIRM",
"url": "http://cweb.canon.jp/drv-upd/webview/notification.html"
},
{
"name": "35019",
"refsource": "OSVDB",
"url": "http://osvdb.org/35019"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2680",
"datePublished": "2007-05-15T00:00:00",
"dateReserved": "2007-05-14T00:00:00",
"dateUpdated": "2024-08-07T13:49:57.245Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-7065 (GCVE-0-2006-7065)
Vulnerability from cvelistv5 – Published: 2007-02-27 18:00 – Updated: 2024-09-16 19:52
VLAI?
Summary
Microsoft Internet Explorer allows remote attackers to cause a denial of service (crash) via an IFRAME with a certain XML file and XSL stylesheet that triggers a crash in mshtml.dll when a refresh is called, probably a null pointer dereference.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:50:05.988Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "19364",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19364"
},
{
"name": "20060806 bugs",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-08/0163.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www3.ca.com/be/securityadvisor/vulninfo/Vuln.aspx?ID=34511"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Microsoft Internet Explorer allows remote attackers to cause a denial of service (crash) via an IFRAME with a certain XML file and XSL stylesheet that triggers a crash in mshtml.dll when a refresh is called, probably a null pointer dereference."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-02-27T18:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "19364",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19364"
},
{
"name": "20060806 bugs",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-08/0163.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www3.ca.com/be/securityadvisor/vulninfo/Vuln.aspx?ID=34511"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-7065",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Microsoft Internet Explorer allows remote attackers to cause a denial of service (crash) via an IFRAME with a certain XML file and XSL stylesheet that triggers a crash in mshtml.dll when a refresh is called, probably a null pointer dereference."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19364",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19364"
},
{
"name": "20060806 bugs",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-08/0163.html"
},
{
"name": "http://www3.ca.com/be/securityadvisor/vulninfo/Vuln.aspx?ID=34511",
"refsource": "MISC",
"url": "http://www3.ca.com/be/securityadvisor/vulninfo/Vuln.aspx?ID=34511"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-7065",
"datePublished": "2007-02-27T18:00:00Z",
"dateReserved": "2007-02-27T00:00:00Z",
"dateUpdated": "2024-09-16T19:52:09.463Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-4827 (GCVE-0-2005-4827)
Vulnerability from cvelistv5 – Published: 2007-02-07 20:00 – Updated: 2024-08-08 00:01
VLAI?
Summary
Internet Explorer 6.0, and possibly other versions, allows remote attackers to bypass the same origin security policy and make requests outside of the intended domain by calling open on an XMLHttpRequest object (Microsoft.XMLHTTP) and using tab, newline, and carriage return characters within the first argument (method name), which is supported by some proxy servers that convert tabs to spaces. NOTE: this issue can be leveraged to conduct referer spoofing, HTTP Request Smuggling, and other attacks.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:01:23.269Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20070203 Web 2.0 backdoors made easy with MSIE \u0026 XMLHttpRequest",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2007/Feb/0081.html"
},
{
"name": "20070204 Re: Web 2.0 backdoors made easy with MSIE \u0026 XMLHttpRequest",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/459172/100/0/threaded"
},
{
"name": "14969",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/14969"
},
{
"name": "20070203 Re: Web 2.0 backdoors made easy with MSIE \u0026 XMLHttpRequest",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/459172/100/0/threaded"
},
{
"name": "20050924 \"Exploiting the XmlHttpRequest object in IE\" - paper by Amit Klein",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/411585"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-09-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Internet Explorer 6.0, and possibly other versions, allows remote attackers to bypass the same origin security policy and make requests outside of the intended domain by calling open on an XMLHttpRequest object (Microsoft.XMLHTTP) and using tab, newline, and carriage return characters within the first argument (method name), which is supported by some proxy servers that convert tabs to spaces. NOTE: this issue can be leveraged to conduct referer spoofing, HTTP Request Smuggling, and other attacks."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20070203 Web 2.0 backdoors made easy with MSIE \u0026 XMLHttpRequest",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2007/Feb/0081.html"
},
{
"name": "20070204 Re: Web 2.0 backdoors made easy with MSIE \u0026 XMLHttpRequest",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/459172/100/0/threaded"
},
{
"name": "14969",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/14969"
},
{
"name": "20070203 Re: Web 2.0 backdoors made easy with MSIE \u0026 XMLHttpRequest",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/459172/100/0/threaded"
},
{
"name": "20050924 \"Exploiting the XmlHttpRequest object in IE\" - paper by Amit Klein",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/411585"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4827",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Internet Explorer 6.0, and possibly other versions, allows remote attackers to bypass the same origin security policy and make requests outside of the intended domain by calling open on an XMLHttpRequest object (Microsoft.XMLHTTP) and using tab, newline, and carriage return characters within the first argument (method name), which is supported by some proxy servers that convert tabs to spaces. NOTE: this issue can be leveraged to conduct referer spoofing, HTTP Request Smuggling, and other attacks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070203 Web 2.0 backdoors made easy with MSIE \u0026 XMLHttpRequest",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2007/Feb/0081.html"
},
{
"name": "20070204 Re: Web 2.0 backdoors made easy with MSIE \u0026 XMLHttpRequest",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/459172/100/0/threaded"
},
{
"name": "14969",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/14969"
},
{
"name": "20070203 Re: Web 2.0 backdoors made easy with MSIE \u0026 XMLHttpRequest",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/459172/100/0/threaded"
},
{
"name": "20050924 \"Exploiting the XmlHttpRequest object in IE\" - paper by Amit Klein",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/411585"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-4827",
"datePublished": "2007-02-07T20:00:00",
"dateReserved": "2007-02-07T00:00:00",
"dateUpdated": "2024-08-08T00:01:23.269Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-3354 (GCVE-0-2006-3354)
Vulnerability from cvelistv5 – Published: 2006-07-06 01:00 – Updated: 2024-08-07 18:23
VLAI?
Summary
Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (crash) by setting the Filter property of an ADODB.Recordset ActiveX object to certain values multiple times, which triggers a null dereference.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:23:21.211Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://browserfun.blogspot.com/2006/07/mobb-1-adodbrecordset-filter-property.html"
},
{
"name": "ie-adodb-recordset-dos(27596)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27596"
},
{
"name": "18773",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/18773"
},
{
"name": "26834",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/26834"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-07-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (crash) by setting the Filter property of an ADODB.Recordset ActiveX object to certain values multiple times, which triggers a null dereference."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://browserfun.blogspot.com/2006/07/mobb-1-adodbrecordset-filter-property.html"
},
{
"name": "ie-adodb-recordset-dos(27596)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27596"
},
{
"name": "18773",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/18773"
},
{
"name": "26834",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/26834"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3354",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (crash) by setting the Filter property of an ADODB.Recordset ActiveX object to certain values multiple times, which triggers a null dereference."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://browserfun.blogspot.com/2006/07/mobb-1-adodbrecordset-filter-property.html",
"refsource": "MISC",
"url": "http://browserfun.blogspot.com/2006/07/mobb-1-adodbrecordset-filter-property.html"
},
{
"name": "ie-adodb-recordset-dos(27596)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27596"
},
{
"name": "18773",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18773"
},
{
"name": "26834",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/26834"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-3354",
"datePublished": "2006-07-06T01:00:00",
"dateReserved": "2006-07-05T00:00:00",
"dateUpdated": "2024-08-07T18:23:21.211Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-2900 (GCVE-0-2006-2900)
Vulnerability from cvelistv5 – Published: 2006-06-07 16:00 – Updated: 2024-08-07 18:06
VLAI?
Summary
Internet Explorer 6 allows user-assisted remote attackers to read arbitrary files by tricking a user into typing the characters of the target filename in a text box and using the OnKeyDown, OnKeyPress, and OnKeyUp Javascript keystroke events to change the focus and cause those characters to be inserted into a file upload input control, which can then upload the file when the user submits the form.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:06:27.167Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2006-2161",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2161"
},
{
"name": "1059",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/1059"
},
{
"name": "18308",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/18308"
},
{
"name": "20449",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20449"
},
{
"name": "20060605 file upload widgets in IE and Firefox have issues",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/046610.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-06-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Internet Explorer 6 allows user-assisted remote attackers to read arbitrary files by tricking a user into typing the characters of the target filename in a text box and using the OnKeyDown, OnKeyPress, and OnKeyUp Javascript keystroke events to change the focus and cause those characters to be inserted into a file upload input control, which can then upload the file when the user submits the form."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2006-06-13T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2006-2161",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2161"
},
{
"name": "1059",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/1059"
},
{
"name": "18308",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/18308"
},
{
"name": "20449",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20449"
},
{
"name": "20060605 file upload widgets in IE and Firefox have issues",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/046610.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-2900",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Internet Explorer 6 allows user-assisted remote attackers to read arbitrary files by tricking a user into typing the characters of the target filename in a text box and using the OnKeyDown, OnKeyPress, and OnKeyUp Javascript keystroke events to change the focus and cause those characters to be inserted into a file upload input control, which can then upload the file when the user submits the form."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2006-2161",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2161"
},
{
"name": "1059",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1059"
},
{
"name": "18308",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18308"
},
{
"name": "20449",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20449"
},
{
"name": "20060605 file upload widgets in IE and Firefox have issues",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/046610.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-2900",
"datePublished": "2006-06-07T16:00:00",
"dateReserved": "2006-06-07T00:00:00",
"dateUpdated": "2024-08-07T18:06:27.167Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-1185 (GCVE-0-2006-1185)
Vulnerability from cvelistv5 – Published: 2006-04-11 23:00 – Updated: 2024-08-07 17:03
VLAI?
Summary
Unspecified vulnerability in Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via certain invalid HTML that causes memory corruption.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T17:03:28.268Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "18957",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18957"
},
{
"name": "1015900",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015900"
},
{
"name": "oval:org.mitre.oval:def:1677",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1677"
},
{
"name": "oval:org.mitre.oval:def:787",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A787"
},
{
"name": "TA06-101A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA06-101A.html"
},
{
"name": "oval:org.mitre.oval:def:1711",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1711"
},
{
"name": "17450",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/17450"
},
{
"name": "ie-html-execute-code(25542)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25542"
},
{
"name": "VU#503124",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/503124"
},
{
"name": "MS06-013",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-013"
},
{
"name": "ADV-2006-1318",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/1318"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-04-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via certain invalid HTML that causes memory corruption."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-12T19:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "18957",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18957"
},
{
"name": "1015900",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015900"
},
{
"name": "oval:org.mitre.oval:def:1677",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1677"
},
{
"name": "oval:org.mitre.oval:def:787",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A787"
},
{
"name": "TA06-101A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA06-101A.html"
},
{
"name": "oval:org.mitre.oval:def:1711",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1711"
},
{
"name": "17450",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/17450"
},
{
"name": "ie-html-execute-code(25542)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25542"
},
{
"name": "VU#503124",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/503124"
},
{
"name": "MS06-013",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-013"
},
{
"name": "ADV-2006-1318",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/1318"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2006-1185",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via certain invalid HTML that causes memory corruption."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "18957",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18957"
},
{
"name": "1015900",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015900"
},
{
"name": "oval:org.mitre.oval:def:1677",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1677"
},
{
"name": "oval:org.mitre.oval:def:787",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A787"
},
{
"name": "TA06-101A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA06-101A.html"
},
{
"name": "oval:org.mitre.oval:def:1711",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1711"
},
{
"name": "17450",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17450"
},
{
"name": "ie-html-execute-code(25542)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25542"
},
{
"name": "VU#503124",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/503124"
},
{
"name": "MS06-013",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-013"
},
{
"name": "ADV-2006-1318",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1318"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2006-1185",
"datePublished": "2006-04-11T23:00:00",
"dateReserved": "2006-03-13T00:00:00",
"dateUpdated": "2024-08-07T17:03:28.268Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-1188 (GCVE-0-2006-1188)
Vulnerability from cvelistv5 – Published: 2006-04-11 23:00 – Updated: 2024-08-07 17:03
VLAI?
Summary
Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via HTML elements with a certain crafted tag, which leads to memory corruption.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T17:03:28.518Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20060525 [BuHa-Security] MS06-013: HTML Tag Memory Corruption Vulnerability in MS IE 6 SP2",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/435096/30/4710/threaded"
},
{
"name": "oval:org.mitre.oval:def:1144",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1144"
},
{
"name": "18957",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18957"
},
{
"name": "1015900",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015900"
},
{
"name": "oval:org.mitre.oval:def:1290",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1290"
},
{
"name": "VU#824324",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/824324"
},
{
"name": "TA06-101A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA06-101A.html"
},
{
"name": "oval:org.mitre.oval:def:1773",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1773"
},
{
"name": "MS06-013",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-013"
},
{
"name": "ADV-2006-1318",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/1318"
},
{
"name": "oval:org.mitre.oval:def:1296",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1296"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-04-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via HTML elements with a certain crafted tag, which leads to memory corruption."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "20060525 [BuHa-Security] MS06-013: HTML Tag Memory Corruption Vulnerability in MS IE 6 SP2",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/435096/30/4710/threaded"
},
{
"name": "oval:org.mitre.oval:def:1144",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1144"
},
{
"name": "18957",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18957"
},
{
"name": "1015900",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015900"
},
{
"name": "oval:org.mitre.oval:def:1290",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1290"
},
{
"name": "VU#824324",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/824324"
},
{
"name": "TA06-101A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA06-101A.html"
},
{
"name": "oval:org.mitre.oval:def:1773",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1773"
},
{
"name": "MS06-013",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-013"
},
{
"name": "ADV-2006-1318",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/1318"
},
{
"name": "oval:org.mitre.oval:def:1296",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1296"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2006-1188",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via HTML elements with a certain crafted tag, which leads to memory corruption."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20060525 [BuHa-Security] MS06-013: HTML Tag Memory Corruption Vulnerability in MS IE 6 SP2",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/435096/30/4710/threaded"
},
{
"name": "oval:org.mitre.oval:def:1144",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1144"
},
{
"name": "18957",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18957"
},
{
"name": "1015900",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015900"
},
{
"name": "oval:org.mitre.oval:def:1290",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1290"
},
{
"name": "VU#824324",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/824324"
},
{
"name": "TA06-101A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA06-101A.html"
},
{
"name": "oval:org.mitre.oval:def:1773",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1773"
},
{
"name": "MS06-013",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-013"
},
{
"name": "ADV-2006-1318",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1318"
},
{
"name": "oval:org.mitre.oval:def:1296",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1296"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2006-1188",
"datePublished": "2006-04-11T23:00:00",
"dateReserved": "2006-03-13T00:00:00",
"dateUpdated": "2024-08-07T17:03:28.518Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-1192 (GCVE-0-2006-1192)
Vulnerability from cvelistv5 – Published: 2006-04-11 23:00 – Updated: 2024-08-07 17:03
VLAI?
Summary
Microsoft Internet Explorer 5.01 through 6 allows remote attackers to conduct phishing attacks by spoofing the address bar and other parts of the trust UI via unknown methods that allow "window content to persist" after the user has navigated to another site, aka the "Address Bar Spoofing Vulnerability." NOTE: this is a different vulnerability than CVE-2006-1626.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T17:03:28.582Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "18957",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18957"
},
{
"name": "oval:org.mitre.oval:def:1498",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1498"
},
{
"name": "670",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/670"
},
{
"name": "ie-browser-window-spoofing(25557)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25557"
},
{
"name": "17460",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/17460"
},
{
"name": "oval:org.mitre.oval:def:1645",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1645"
},
{
"name": "MS06-013",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-013"
},
{
"name": "oval:org.mitre.oval:def:1336",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1336"
},
{
"name": "ADV-2006-1318",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/1318"
},
{
"name": "oval:org.mitre.oval:def:1740",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1740"
},
{
"name": "1015899",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015899"
},
{
"name": "oval:org.mitre.oval:def:1725",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1725"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-04-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Internet Explorer 5.01 through 6 allows remote attackers to conduct phishing attacks by spoofing the address bar and other parts of the trust UI via unknown methods that allow \"window content to persist\" after the user has navigated to another site, aka the \"Address Bar Spoofing Vulnerability.\" NOTE: this is a different vulnerability than CVE-2006-1626."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-12T19:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "18957",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18957"
},
{
"name": "oval:org.mitre.oval:def:1498",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1498"
},
{
"name": "670",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/670"
},
{
"name": "ie-browser-window-spoofing(25557)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25557"
},
{
"name": "17460",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/17460"
},
{
"name": "oval:org.mitre.oval:def:1645",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1645"
},
{
"name": "MS06-013",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-013"
},
{
"name": "oval:org.mitre.oval:def:1336",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1336"
},
{
"name": "ADV-2006-1318",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/1318"
},
{
"name": "oval:org.mitre.oval:def:1740",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1740"
},
{
"name": "1015899",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015899"
},
{
"name": "oval:org.mitre.oval:def:1725",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1725"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2006-1192",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Microsoft Internet Explorer 5.01 through 6 allows remote attackers to conduct phishing attacks by spoofing the address bar and other parts of the trust UI via unknown methods that allow \"window content to persist\" after the user has navigated to another site, aka the \"Address Bar Spoofing Vulnerability.\" NOTE: this is a different vulnerability than CVE-2006-1626."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "18957",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18957"
},
{
"name": "oval:org.mitre.oval:def:1498",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1498"
},
{
"name": "670",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/670"
},
{
"name": "ie-browser-window-spoofing(25557)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25557"
},
{
"name": "17460",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17460"
},
{
"name": "oval:org.mitre.oval:def:1645",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1645"
},
{
"name": "MS06-013",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-013"
},
{
"name": "oval:org.mitre.oval:def:1336",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1336"
},
{
"name": "ADV-2006-1318",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1318"
},
{
"name": "oval:org.mitre.oval:def:1740",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1740"
},
{
"name": "1015899",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015899"
},
{
"name": "oval:org.mitre.oval:def:1725",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1725"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2006-1192",
"datePublished": "2006-04-11T23:00:00",
"dateReserved": "2006-03-13T00:00:00",
"dateUpdated": "2024-08-07T17:03:28.582Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-2680 (GCVE-0-2007-2680)
Vulnerability from nvd – Published: 2007-05-15 00:00 – Updated: 2024-08-07 13:49
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in the management interface in Canon Network Camera Server VB100 and VB101 with firmware 3.0 R69 and earlier, and VB150 with firmware 1.1 R39 and earlier, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:49:57.245Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2007-1461",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1461"
},
{
"name": "JVN#06735665",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/jp/JVN%2306735665/"
},
{
"name": "24940",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24940"
},
{
"name": "23560",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23560"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cweb.canon.jp/drv-upd/webview/notification.html"
},
{
"name": "35019",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/35019"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the management interface in Canon Network Camera Server VB100 and VB101 with firmware 3.0 R69 and earlier, and VB150 with firmware 1.1 R39 and earlier, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-11-11T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2007-1461",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1461"
},
{
"name": "JVN#06735665",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/jp/JVN%2306735665/"
},
{
"name": "24940",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24940"
},
{
"name": "23560",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23560"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cweb.canon.jp/drv-upd/webview/notification.html"
},
{
"name": "35019",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/35019"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2680",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the management interface in Canon Network Camera Server VB100 and VB101 with firmware 3.0 R69 and earlier, and VB150 with firmware 1.1 R39 and earlier, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-1461",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1461"
},
{
"name": "JVN#06735665",
"refsource": "JVN",
"url": "http://jvn.jp/jp/JVN%2306735665/"
},
{
"name": "24940",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24940"
},
{
"name": "23560",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23560"
},
{
"name": "http://cweb.canon.jp/drv-upd/webview/notification.html",
"refsource": "CONFIRM",
"url": "http://cweb.canon.jp/drv-upd/webview/notification.html"
},
{
"name": "35019",
"refsource": "OSVDB",
"url": "http://osvdb.org/35019"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2680",
"datePublished": "2007-05-15T00:00:00",
"dateReserved": "2007-05-14T00:00:00",
"dateUpdated": "2024-08-07T13:49:57.245Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-7065 (GCVE-0-2006-7065)
Vulnerability from nvd – Published: 2007-02-27 18:00 – Updated: 2024-09-16 19:52
VLAI?
Summary
Microsoft Internet Explorer allows remote attackers to cause a denial of service (crash) via an IFRAME with a certain XML file and XSL stylesheet that triggers a crash in mshtml.dll when a refresh is called, probably a null pointer dereference.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:50:05.988Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "19364",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19364"
},
{
"name": "20060806 bugs",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-08/0163.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www3.ca.com/be/securityadvisor/vulninfo/Vuln.aspx?ID=34511"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Microsoft Internet Explorer allows remote attackers to cause a denial of service (crash) via an IFRAME with a certain XML file and XSL stylesheet that triggers a crash in mshtml.dll when a refresh is called, probably a null pointer dereference."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-02-27T18:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "19364",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19364"
},
{
"name": "20060806 bugs",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-08/0163.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www3.ca.com/be/securityadvisor/vulninfo/Vuln.aspx?ID=34511"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-7065",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Microsoft Internet Explorer allows remote attackers to cause a denial of service (crash) via an IFRAME with a certain XML file and XSL stylesheet that triggers a crash in mshtml.dll when a refresh is called, probably a null pointer dereference."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19364",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19364"
},
{
"name": "20060806 bugs",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-08/0163.html"
},
{
"name": "http://www3.ca.com/be/securityadvisor/vulninfo/Vuln.aspx?ID=34511",
"refsource": "MISC",
"url": "http://www3.ca.com/be/securityadvisor/vulninfo/Vuln.aspx?ID=34511"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-7065",
"datePublished": "2007-02-27T18:00:00Z",
"dateReserved": "2007-02-27T00:00:00Z",
"dateUpdated": "2024-09-16T19:52:09.463Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-4827 (GCVE-0-2005-4827)
Vulnerability from nvd – Published: 2007-02-07 20:00 – Updated: 2024-08-08 00:01
VLAI?
Summary
Internet Explorer 6.0, and possibly other versions, allows remote attackers to bypass the same origin security policy and make requests outside of the intended domain by calling open on an XMLHttpRequest object (Microsoft.XMLHTTP) and using tab, newline, and carriage return characters within the first argument (method name), which is supported by some proxy servers that convert tabs to spaces. NOTE: this issue can be leveraged to conduct referer spoofing, HTTP Request Smuggling, and other attacks.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:01:23.269Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20070203 Web 2.0 backdoors made easy with MSIE \u0026 XMLHttpRequest",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2007/Feb/0081.html"
},
{
"name": "20070204 Re: Web 2.0 backdoors made easy with MSIE \u0026 XMLHttpRequest",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/459172/100/0/threaded"
},
{
"name": "14969",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/14969"
},
{
"name": "20070203 Re: Web 2.0 backdoors made easy with MSIE \u0026 XMLHttpRequest",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/459172/100/0/threaded"
},
{
"name": "20050924 \"Exploiting the XmlHttpRequest object in IE\" - paper by Amit Klein",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/411585"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-09-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Internet Explorer 6.0, and possibly other versions, allows remote attackers to bypass the same origin security policy and make requests outside of the intended domain by calling open on an XMLHttpRequest object (Microsoft.XMLHTTP) and using tab, newline, and carriage return characters within the first argument (method name), which is supported by some proxy servers that convert tabs to spaces. NOTE: this issue can be leveraged to conduct referer spoofing, HTTP Request Smuggling, and other attacks."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20070203 Web 2.0 backdoors made easy with MSIE \u0026 XMLHttpRequest",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2007/Feb/0081.html"
},
{
"name": "20070204 Re: Web 2.0 backdoors made easy with MSIE \u0026 XMLHttpRequest",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/459172/100/0/threaded"
},
{
"name": "14969",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/14969"
},
{
"name": "20070203 Re: Web 2.0 backdoors made easy with MSIE \u0026 XMLHttpRequest",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/459172/100/0/threaded"
},
{
"name": "20050924 \"Exploiting the XmlHttpRequest object in IE\" - paper by Amit Klein",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/411585"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4827",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Internet Explorer 6.0, and possibly other versions, allows remote attackers to bypass the same origin security policy and make requests outside of the intended domain by calling open on an XMLHttpRequest object (Microsoft.XMLHTTP) and using tab, newline, and carriage return characters within the first argument (method name), which is supported by some proxy servers that convert tabs to spaces. NOTE: this issue can be leveraged to conduct referer spoofing, HTTP Request Smuggling, and other attacks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070203 Web 2.0 backdoors made easy with MSIE \u0026 XMLHttpRequest",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2007/Feb/0081.html"
},
{
"name": "20070204 Re: Web 2.0 backdoors made easy with MSIE \u0026 XMLHttpRequest",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/459172/100/0/threaded"
},
{
"name": "14969",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/14969"
},
{
"name": "20070203 Re: Web 2.0 backdoors made easy with MSIE \u0026 XMLHttpRequest",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/459172/100/0/threaded"
},
{
"name": "20050924 \"Exploiting the XmlHttpRequest object in IE\" - paper by Amit Klein",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/411585"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-4827",
"datePublished": "2007-02-07T20:00:00",
"dateReserved": "2007-02-07T00:00:00",
"dateUpdated": "2024-08-08T00:01:23.269Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-3354 (GCVE-0-2006-3354)
Vulnerability from nvd – Published: 2006-07-06 01:00 – Updated: 2024-08-07 18:23
VLAI?
Summary
Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (crash) by setting the Filter property of an ADODB.Recordset ActiveX object to certain values multiple times, which triggers a null dereference.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:23:21.211Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://browserfun.blogspot.com/2006/07/mobb-1-adodbrecordset-filter-property.html"
},
{
"name": "ie-adodb-recordset-dos(27596)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27596"
},
{
"name": "18773",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/18773"
},
{
"name": "26834",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/26834"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-07-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (crash) by setting the Filter property of an ADODB.Recordset ActiveX object to certain values multiple times, which triggers a null dereference."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://browserfun.blogspot.com/2006/07/mobb-1-adodbrecordset-filter-property.html"
},
{
"name": "ie-adodb-recordset-dos(27596)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27596"
},
{
"name": "18773",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/18773"
},
{
"name": "26834",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/26834"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3354",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (crash) by setting the Filter property of an ADODB.Recordset ActiveX object to certain values multiple times, which triggers a null dereference."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://browserfun.blogspot.com/2006/07/mobb-1-adodbrecordset-filter-property.html",
"refsource": "MISC",
"url": "http://browserfun.blogspot.com/2006/07/mobb-1-adodbrecordset-filter-property.html"
},
{
"name": "ie-adodb-recordset-dos(27596)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27596"
},
{
"name": "18773",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18773"
},
{
"name": "26834",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/26834"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-3354",
"datePublished": "2006-07-06T01:00:00",
"dateReserved": "2006-07-05T00:00:00",
"dateUpdated": "2024-08-07T18:23:21.211Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-2900 (GCVE-0-2006-2900)
Vulnerability from nvd – Published: 2006-06-07 16:00 – Updated: 2024-08-07 18:06
VLAI?
Summary
Internet Explorer 6 allows user-assisted remote attackers to read arbitrary files by tricking a user into typing the characters of the target filename in a text box and using the OnKeyDown, OnKeyPress, and OnKeyUp Javascript keystroke events to change the focus and cause those characters to be inserted into a file upload input control, which can then upload the file when the user submits the form.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:06:27.167Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2006-2161",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2161"
},
{
"name": "1059",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/1059"
},
{
"name": "18308",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/18308"
},
{
"name": "20449",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20449"
},
{
"name": "20060605 file upload widgets in IE and Firefox have issues",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/046610.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-06-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Internet Explorer 6 allows user-assisted remote attackers to read arbitrary files by tricking a user into typing the characters of the target filename in a text box and using the OnKeyDown, OnKeyPress, and OnKeyUp Javascript keystroke events to change the focus and cause those characters to be inserted into a file upload input control, which can then upload the file when the user submits the form."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2006-06-13T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2006-2161",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2161"
},
{
"name": "1059",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/1059"
},
{
"name": "18308",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/18308"
},
{
"name": "20449",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20449"
},
{
"name": "20060605 file upload widgets in IE and Firefox have issues",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/046610.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-2900",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Internet Explorer 6 allows user-assisted remote attackers to read arbitrary files by tricking a user into typing the characters of the target filename in a text box and using the OnKeyDown, OnKeyPress, and OnKeyUp Javascript keystroke events to change the focus and cause those characters to be inserted into a file upload input control, which can then upload the file when the user submits the form."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2006-2161",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2161"
},
{
"name": "1059",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1059"
},
{
"name": "18308",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18308"
},
{
"name": "20449",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20449"
},
{
"name": "20060605 file upload widgets in IE and Firefox have issues",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/046610.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-2900",
"datePublished": "2006-06-07T16:00:00",
"dateReserved": "2006-06-07T00:00:00",
"dateUpdated": "2024-08-07T18:06:27.167Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-1185 (GCVE-0-2006-1185)
Vulnerability from nvd – Published: 2006-04-11 23:00 – Updated: 2024-08-07 17:03
VLAI?
Summary
Unspecified vulnerability in Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via certain invalid HTML that causes memory corruption.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T17:03:28.268Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "18957",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18957"
},
{
"name": "1015900",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015900"
},
{
"name": "oval:org.mitre.oval:def:1677",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1677"
},
{
"name": "oval:org.mitre.oval:def:787",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A787"
},
{
"name": "TA06-101A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA06-101A.html"
},
{
"name": "oval:org.mitre.oval:def:1711",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1711"
},
{
"name": "17450",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/17450"
},
{
"name": "ie-html-execute-code(25542)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25542"
},
{
"name": "VU#503124",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/503124"
},
{
"name": "MS06-013",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-013"
},
{
"name": "ADV-2006-1318",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/1318"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-04-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via certain invalid HTML that causes memory corruption."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-12T19:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "18957",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18957"
},
{
"name": "1015900",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015900"
},
{
"name": "oval:org.mitre.oval:def:1677",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1677"
},
{
"name": "oval:org.mitre.oval:def:787",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A787"
},
{
"name": "TA06-101A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA06-101A.html"
},
{
"name": "oval:org.mitre.oval:def:1711",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1711"
},
{
"name": "17450",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/17450"
},
{
"name": "ie-html-execute-code(25542)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25542"
},
{
"name": "VU#503124",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/503124"
},
{
"name": "MS06-013",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-013"
},
{
"name": "ADV-2006-1318",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/1318"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2006-1185",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via certain invalid HTML that causes memory corruption."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "18957",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18957"
},
{
"name": "1015900",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015900"
},
{
"name": "oval:org.mitre.oval:def:1677",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1677"
},
{
"name": "oval:org.mitre.oval:def:787",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A787"
},
{
"name": "TA06-101A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA06-101A.html"
},
{
"name": "oval:org.mitre.oval:def:1711",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1711"
},
{
"name": "17450",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17450"
},
{
"name": "ie-html-execute-code(25542)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25542"
},
{
"name": "VU#503124",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/503124"
},
{
"name": "MS06-013",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-013"
},
{
"name": "ADV-2006-1318",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1318"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2006-1185",
"datePublished": "2006-04-11T23:00:00",
"dateReserved": "2006-03-13T00:00:00",
"dateUpdated": "2024-08-07T17:03:28.268Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-1188 (GCVE-0-2006-1188)
Vulnerability from nvd – Published: 2006-04-11 23:00 – Updated: 2024-08-07 17:03
VLAI?
Summary
Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via HTML elements with a certain crafted tag, which leads to memory corruption.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T17:03:28.518Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20060525 [BuHa-Security] MS06-013: HTML Tag Memory Corruption Vulnerability in MS IE 6 SP2",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/435096/30/4710/threaded"
},
{
"name": "oval:org.mitre.oval:def:1144",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1144"
},
{
"name": "18957",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18957"
},
{
"name": "1015900",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015900"
},
{
"name": "oval:org.mitre.oval:def:1290",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1290"
},
{
"name": "VU#824324",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/824324"
},
{
"name": "TA06-101A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA06-101A.html"
},
{
"name": "oval:org.mitre.oval:def:1773",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1773"
},
{
"name": "MS06-013",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-013"
},
{
"name": "ADV-2006-1318",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/1318"
},
{
"name": "oval:org.mitre.oval:def:1296",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1296"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-04-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via HTML elements with a certain crafted tag, which leads to memory corruption."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "20060525 [BuHa-Security] MS06-013: HTML Tag Memory Corruption Vulnerability in MS IE 6 SP2",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/435096/30/4710/threaded"
},
{
"name": "oval:org.mitre.oval:def:1144",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1144"
},
{
"name": "18957",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18957"
},
{
"name": "1015900",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015900"
},
{
"name": "oval:org.mitre.oval:def:1290",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1290"
},
{
"name": "VU#824324",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/824324"
},
{
"name": "TA06-101A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA06-101A.html"
},
{
"name": "oval:org.mitre.oval:def:1773",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1773"
},
{
"name": "MS06-013",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-013"
},
{
"name": "ADV-2006-1318",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/1318"
},
{
"name": "oval:org.mitre.oval:def:1296",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1296"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2006-1188",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via HTML elements with a certain crafted tag, which leads to memory corruption."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20060525 [BuHa-Security] MS06-013: HTML Tag Memory Corruption Vulnerability in MS IE 6 SP2",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/435096/30/4710/threaded"
},
{
"name": "oval:org.mitre.oval:def:1144",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1144"
},
{
"name": "18957",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18957"
},
{
"name": "1015900",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015900"
},
{
"name": "oval:org.mitre.oval:def:1290",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1290"
},
{
"name": "VU#824324",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/824324"
},
{
"name": "TA06-101A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA06-101A.html"
},
{
"name": "oval:org.mitre.oval:def:1773",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1773"
},
{
"name": "MS06-013",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-013"
},
{
"name": "ADV-2006-1318",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1318"
},
{
"name": "oval:org.mitre.oval:def:1296",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1296"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2006-1188",
"datePublished": "2006-04-11T23:00:00",
"dateReserved": "2006-03-13T00:00:00",
"dateUpdated": "2024-08-07T17:03:28.518Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-1192 (GCVE-0-2006-1192)
Vulnerability from nvd – Published: 2006-04-11 23:00 – Updated: 2024-08-07 17:03
VLAI?
Summary
Microsoft Internet Explorer 5.01 through 6 allows remote attackers to conduct phishing attacks by spoofing the address bar and other parts of the trust UI via unknown methods that allow "window content to persist" after the user has navigated to another site, aka the "Address Bar Spoofing Vulnerability." NOTE: this is a different vulnerability than CVE-2006-1626.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T17:03:28.582Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "18957",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18957"
},
{
"name": "oval:org.mitre.oval:def:1498",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1498"
},
{
"name": "670",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/670"
},
{
"name": "ie-browser-window-spoofing(25557)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25557"
},
{
"name": "17460",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/17460"
},
{
"name": "oval:org.mitre.oval:def:1645",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1645"
},
{
"name": "MS06-013",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-013"
},
{
"name": "oval:org.mitre.oval:def:1336",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1336"
},
{
"name": "ADV-2006-1318",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/1318"
},
{
"name": "oval:org.mitre.oval:def:1740",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1740"
},
{
"name": "1015899",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015899"
},
{
"name": "oval:org.mitre.oval:def:1725",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1725"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-04-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Internet Explorer 5.01 through 6 allows remote attackers to conduct phishing attacks by spoofing the address bar and other parts of the trust UI via unknown methods that allow \"window content to persist\" after the user has navigated to another site, aka the \"Address Bar Spoofing Vulnerability.\" NOTE: this is a different vulnerability than CVE-2006-1626."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-12T19:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "18957",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18957"
},
{
"name": "oval:org.mitre.oval:def:1498",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1498"
},
{
"name": "670",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/670"
},
{
"name": "ie-browser-window-spoofing(25557)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25557"
},
{
"name": "17460",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/17460"
},
{
"name": "oval:org.mitre.oval:def:1645",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1645"
},
{
"name": "MS06-013",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-013"
},
{
"name": "oval:org.mitre.oval:def:1336",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1336"
},
{
"name": "ADV-2006-1318",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/1318"
},
{
"name": "oval:org.mitre.oval:def:1740",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1740"
},
{
"name": "1015899",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015899"
},
{
"name": "oval:org.mitre.oval:def:1725",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1725"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2006-1192",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Microsoft Internet Explorer 5.01 through 6 allows remote attackers to conduct phishing attacks by spoofing the address bar and other parts of the trust UI via unknown methods that allow \"window content to persist\" after the user has navigated to another site, aka the \"Address Bar Spoofing Vulnerability.\" NOTE: this is a different vulnerability than CVE-2006-1626."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "18957",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18957"
},
{
"name": "oval:org.mitre.oval:def:1498",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1498"
},
{
"name": "670",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/670"
},
{
"name": "ie-browser-window-spoofing(25557)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25557"
},
{
"name": "17460",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17460"
},
{
"name": "oval:org.mitre.oval:def:1645",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1645"
},
{
"name": "MS06-013",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-013"
},
{
"name": "oval:org.mitre.oval:def:1336",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1336"
},
{
"name": "ADV-2006-1318",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1318"
},
{
"name": "oval:org.mitre.oval:def:1740",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1740"
},
{
"name": "1015899",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015899"
},
{
"name": "oval:org.mitre.oval:def:1725",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1725"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2006-1192",
"datePublished": "2006-04-11T23:00:00",
"dateReserved": "2006-03-13T00:00:00",
"dateUpdated": "2024-08-07T17:03:28.582Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}