CVSS: 6.8EPSS: 26%CPEs: 8EXPL: 1CVE-2002-1187 – Microsoft Internet Explorer 5 - IFrame/Frame Cross-Site/Zone Script Execution
https://notcve.org/view.php?id=CVE-2002-1187
11 Dec 2002 — Cross-site scripting vulnerability (XSS) in Internet Explorer 5.01 through 6.0 allows remote attackers to read and execute files on the local system via web pages using the <frame> or <iframe> element and javascript, aka "Frames Cross Site Scripting," as demonstrated using the PrivacyPolicy.dlg resource. • https://www.exploit-db.com/exploits/21777 •
CVSS: 6.4EPSS: 16%CPEs: 7EXPL: 0CVE-2002-1188
https://notcve.org/view.php?id=CVE-2002-1188
11 Dec 2002 — Internet Explorer 5.01 through 6.0 allows remote attackers to identify the path to the Temporary Internet Files folder and obtain user information such as cookies via certain uses of the OBJECT tag, which are not subjected to the proper security checks, aka "Temporary Internet Files folders Name Reading." • http://marc.info/?l=bugtraq&m=103184415307193&w=2 •
CVSS: 9.8EPSS: 83%CPEs: 11EXPL: 1CVE-2002-1142 – Microsoft IIS - MDAC 'msadcs.dll' RDS DataStub Content-Type Overflow (MS02-065)
https://notcve.org/view.php?id=CVE-2002-1142
29 Nov 2002 — Heap-based buffer overflow in the Remote Data Services (RDS) component of Microsoft Data Access Components (MDAC) 2.1 through 2.6, and Internet Explorer 5.01 through 6.0, allows remote attackers to execute code via a malformed HTTP request to the Data Stub. Desbordamiento de búfer basado en la pila en el componente Remote Data Services (RDS) - Servicios de Datos Remotos de Microsoft Data Access Components (MDAC) 2.1 a 2.6, y en Internet Explorer 5.01 a 6.0 permite a atacantes remotos ejecutar código mediant... • https://www.exploit-db.com/exploits/19026 •
CVSS: 7.5EPSS: 55%CPEs: 11EXPL: 1CVE-2002-0976 – Microsoft Internet Explorer 4/5/6 - XML Datasource Applet File Disclosure
https://notcve.org/view.php?id=CVE-2002-0976
23 Aug 2002 — Internet Explorer 4.0 and later allows remote attackers to read arbitrary files via a web page that accesses a legacy XML Datasource applet (com.ms.xml.dso.XMLDSO.class) and modifies the base URL to point to the local system, which is trusted by the applet. • https://www.exploit-db.com/exploits/21721 •
CVSS: 9.1EPSS: 2%CPEs: 3EXPL: 0CVE-2002-0832
https://notcve.org/view.php?id=CVE-2002-0832
07 Aug 2002 — Internet Explorer 5, 5.6, and 6 allows remote attackers to bypass cookie privacy settings and store information across browser sessions via the userData (storeuserData) feature. • http://marc.info/?l=bugtraq&m=102864890006745&w=2 •
CVSS: 9.8EPSS: 65%CPEs: 12EXPL: 1CVE-2002-0371 – Microsoft Internet Explorer 5/6 / Microsoft ISA Server 2000 / Microsoft Proxy Server 2.0 Gopher Client - Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2002-0371
15 Jun 2002 — Buffer overflow in gopher client for Microsoft Internet Explorer 5.1 through 6.0, Proxy Server 2.0, or ISA Server 2000 allows remote attackers to execute arbitrary code via a gopher:// URL that redirects the user to a real or simulated gopher server that sends a long response. Desbordamiento de búfer en el cliente gopher de Microsoft Internet Explorer 5.1 a la 6.0, Proxy Server 2.0, o ISA Server 2000 permite a atacantes remotos la ejecución de código arbitrario mediante una URL gopher:// que redirige al usu... • https://www.exploit-db.com/exploits/21510 •
CVSS: 6.5EPSS: 12%CPEs: 7EXPL: 2CVE-2002-0461 – Microsoft Internet Explorer 5/6 / Mozilla 0.8/0.9.x / Opera 5/6 - JavaScript Interpreter Denial of Service
https://notcve.org/view.php?id=CVE-2002-0461
11 Jun 2002 — Internet Explorer 5.01 through 6 allows remote attackers to cause a denial of service (application crash) via Javascript in a web page that calls location.replace on itself, causing a loop. • https://www.exploit-db.com/exploits/21346 •
CVSS: 5.0EPSS: 12%CPEs: 8EXPL: 1CVE-2002-0500
https://notcve.org/view.php?id=CVE-2002-0500
11 Jun 2002 — Internet Explorer 5.0 through 6.0 allows remote attackers to determine the existence of files on the client via an IMG tag with a dynsrc property that references the target file, which sets certain elements of the image object such as file size. • http://archives.neohapsis.com/archives/bugtraq/2002-03/0331.html •
CVSS: 8.8EPSS: 40%CPEs: 4EXPL: 1CVE-2002-0193 – Microsoft Internet Explorer 5.0.1/6.0 - Content-Disposition Handling File Execution
https://notcve.org/view.php?id=CVE-2002-0193
29 May 2002 — Microsoft Internet Explorer 5.01 and 6.0 allow remote attackers to execute arbitrary code via malformed Content-Disposition and Content-Type header fields that cause the application for the spoofed file type to pass the file back to the operating system for handling rather than raise an error message, aka the first variant of the "Content Disposition" vulnerability. (repetida de CAN-2002-0193) • https://www.exploit-db.com/exploits/21452 •
CVSS: 7.5EPSS: 12%CPEs: 5EXPL: 1CVE-2002-0189 – Microsoft Internet Explorer 5 - Dialog Same Origin Policy Bypass Variant (MS02-047)
https://notcve.org/view.php?id=CVE-2002-0189
17 May 2002 — Cross-site scripting vulnerability in Internet Explorer 6.0 allows remote attackers to execute scripts in the Local Computer zone via a URL that exploits a local HTML resource file, aka the "Cross-Site Scripting in Local HTML Resource" vulnerability. Vulnerabilidad de secuencias de comandos en sitios cruzados (cross-site scripting) en Internet Explorer 6.0 permite a atacantes remotos ejecutar secuencias de comandos en la zona "Ordenador Local" con una URL que explota un recurso HTML local. También conocida ... • https://www.exploit-db.com/exploits/21750 •