Exploited Explorer

September 2006, Security Focus — Multiple Microsoft vulnerabilities reported. A vulnerability has been discovered in Microsoft Internet Explorer that is prone to a memory corruption vulnerability. Analysis: This issue may be exploited when an attacker use a malicious Webpage to execute arbitrary code in the context of the currently logged in user. Exploitation attempts may lead to a denial−of−service condition as well. Attacker may also employ HTML e−mail to carry out an attack.
For further detail: http://www.securityfocus.com/bid/19570/discuss

Microsoft Internet Explorer is prone to a denial−of−service vulnerability that occurs when instantiating Visual Studio COM objects. Analysis: This vulnerability arises due to the way Internet Explorer tries to instantiate certain COM objects as ActiveX controls, resulting in denial−of−service conditions. Remote code execution may be possible, but have not been confirmed.

For further detail: http://www.securityfocus.com/bid/19572/discuss

Microsoft Windows DHCP Client fails to properly bounds check user supplied input before copying it to an insufficiently memory buffer, which leaves it prone to a remote code execution vulnerability. Analysis: This vulnerability allows remote attackers to execute arbitrary machine code with SYSTEM−level privileges on affected computers. This facilitates the complete compromise. Please see source for further detail.

Source: http://www.securityfocus.com/bid/18923/discuss