nop

13 exploits Active since Jul 2006
CVE-2006-3845 EXPLOITDB c WORKING POC
WinRAR 3.00-3.60 beta 6 - Stack-based Buffer Overflow via Long Filename in LHA Archive
Stack-based buffer overflow in lzh.fmt in WinRAR 3.00 through 3.60 beta 6 allows remote attackers to execute arbitrary code via a long filename in a LHA archive.
EIP-2026-118802 EXPLOITDB c WORKING POC
Microsoft Internet Explorer - 'VML' Remote Buffer Overflow
CVE-2006-4219 EXPLOITDB html WORKING POC
Microsoft IE - Denial of Service
The Terminal Services COM object (tsuserex.dll) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by instantiating it as an ActiveX object in Internet Explorer 6.0 SP1 on Microsoft Windows 2003 EE SP1 CN.
CVE-2006-4446 EXPLOITDB html WORKING POC
Microsoft Internet Explorer 6.0 SP1 - Heap-Based Buffer Overflow via DirectAnimation.PathControl Spline Function
Heap-based buffer overflow in DirectAnimation.PathControl COM object (daxctle.ocx) in Microsoft Internet Explorer 6.0 SP1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a Spline function call whose first argument specifies a large number of points.
CVE-2006-4777 EXPLOITDB c WORKING POC
Internet Explorer 6.0 SP1 - Buffer Overflow
Heap-based buffer overflow in the DirectAnimation Path Control (DirectAnimation.PathControl) COM object (daxctle.ocx) for Internet Explorer 6.0 SP1, on Chinese and possibly other Windows distributions, allows remote attackers to execute arbitrary code via unknown manipulations in arguments to the KeyFrame method, possibly related to an integer overflow, as demonstrated by daxctle2, and a different vulnerability than CVE-2006-4446.
EIP-2026-116505 EXPLOITDB html WORKING POC
VMware 5.5.1 - COM Object Arbitrary Partition Table Delete
EIP-2026-116506 EXPLOITDB text WORKING POC
VMware 5.5.1 - Partition Table Deletion Denial of Service
CVE-2006-4495 EXPLOITDB html WORKING POC
Microsoft Internet Explorer - Remote Code Execution via ActiveX COM Object Instantiation
Microsoft Internet Explorer allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code by instantiating certain Windows 2000 ActiveX COM Objects including (1) ciodm.dll, (2) myinfo.dll, (3) msdxm.ocx, and (4) creator.dll.
CVE-2006-4193 EXPLOITDB html WORKING POC
Microsoft Internet Explorer 6.0 SP1 - Remote Code Execution via COM Object Instantiation
Microsoft Internet Explorer 6.0 SP1 and possibly other versions allows remote attackers to cause a denial of service and possibly execute arbitrary code by instantiating COM objects as ActiveX controls, including (1) imskdic.dll (Microsoft IME), (2) chtskdic.dll (Microsoft IME), and (3) msoe.dll (Outlook), which leads to memory corruption. NOTE: it is not certain whether the issue is in Internet Explorer or the individual DLL files.
CVE-2006-4494 EXPLOITDB html WORKING POC
Microsoft Visual Studio 6.0 - Remote Code Execution via ActiveX COM Object Instantiation
Microsoft Visual Studio 6.0 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code by instantiating certain Visual Studio 6.0 ActiveX COM Objects in Internet Explorer, including (1) tcprops.dll, (2) fp30wec.dll, (3) mdt2db.dll, (4) mdt2qd.dll, and (5) vi30aut.dll.
CVE-2006-4301 EXPLOITDB html WORKING POC
Microsoft Internet Explorer 6.0 SP1 - DoS via Long Color Attribute in DirectX Media Image Transforms
Microsoft Internet Explorer 6.0 SP1 allows remote attackers to cause a denial of service (crash) via a long Color attribute in multiple DirectX Media Image DirectX Transforms ActiveX COM Objects from (a) dxtmsft.dll and (b) dxtmsft3.dll, including (1) DXImageTransform.Microsoft.MaskFilter.1, (2) DXImageTransform.Microsoft.Chroma.1, and (3) DX3DTransform.Microsoft.Shapes.1.
CVE-2006-4193 EXPLOITDB html WORKING POC
Microsoft Internet Explorer 6.0 SP1 - Remote Code Execution via COM Object Instantiation
Microsoft Internet Explorer 6.0 SP1 and possibly other versions allows remote attackers to cause a denial of service and possibly execute arbitrary code by instantiating COM objects as ActiveX controls, including (1) imskdic.dll (Microsoft IME), (2) chtskdic.dll (Microsoft IME), and (3) msoe.dll (Outlook), which leads to memory corruption. NOTE: it is not certain whether the issue is in Internet Explorer or the individual DLL files.
EIP-2026-115668 EXPLOITDB html WORKING POC
Microsoft Internet Explorer - Multiple COM Object Color Property Denial of Service Vulnerabilities