CVSS: 10.0EPSS: 92%CPEs: 28EXPL: 1CVE-2004-1050 – Microsoft Internet Explorer 6 - IFRAME Tag Buffer Overflow
https://notcve.org/view.php?id=CVE-2004-1050
Heap-based buffer overflow in Internet Explorer 6 allows remote attackers to execute arbitrary code via long (1) SRC or (2) NAME attributes in IFRAME, FRAME, and EMBED elements, as originally discovered using the mangleme utility, aka "the IFRAME vulnerability" or the "HTML Elements Vulnerability." • https://www.exploit-db.com/exploits/612 http://lists.grok.org.uk/pipermail/full-disclosure/2004-October/028009.html http://lists.grok.org.uk/pipermail/full-disclosure/2004-October/028035.html http://marc.info/?l=bugtraq&m=109942758911846&w=2 http://secunia.com/advisories/12959 http://www.kb.cert.org/vuls/id/842160 http://www.securityfocus.com/archive/1/379261 http://www.securityfocus.com/bid/11515 http://www.us-cert.gov/cas/techalerts/TA04-315A.html http://www •
CVSS: 2.6EPSS: 88%CPEs: 3EXPL: 1CVE-2004-1331
https://notcve.org/view.php?id=CVE-2004-1331
The execCommand method in Microsoft Internet Explorer 6.0 SP2 allows remote attackers to bypass the "File Download - Security Warning" dialog and save arbitrary files with arbitrary extensions via the SaveAs command. • http://archives.neohapsis.com/archives/bugtraq/2004-11/0260.html http://secunia.com/advisories/13203 http://securityreason.com/securityalert/3220 http://www.frsirt.com/exploits/20041119.IESP2Unpatched.php http://www.kb.cert.org/vuls/id/743974 http://www.securityfocus.com/bid/11686 https://exchange.xforce.ibmcloud.com/vulnerabilities/18181 •
CVSS: 10.0EPSS: 7%CPEs: 22EXPL: 0CVE-2004-0978
https://notcve.org/view.php?id=CVE-2004-0978
Heap-based buffer overflow in the Hrtbeat.ocx (Heartbeat) ActiveX control for Internet Explorer 5.01 through 6, when users who visit online gaming sites that are associated with MSN, allows remote attackers to execute arbitrary code via the SetupData parameter. • http://marc.info/?l=bugtraq&m=110616221411579&w=2 http://www.kb.cert.org/vuls/id/673134 http://www.ngssoftware.com/advisories/heartbeatfull.txt http://www.securityfocus.com/bid/11367 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-038 https://exchange.xforce.ibmcloud.com/vulnerabilities/17714 • CWE-787: Out-of-bounds Write •
CVSS: 4.6EPSS: 17%CPEs: 15EXPL: 0CVE-2004-0979
https://notcve.org/view.php?id=CVE-2004-0979
Internet Explorer on Windows XP does not properly modify the "Drag and Drop or copy and paste files" setting when the user sets it to "Disable" or "Prompt," which may enable security-sensitive operations that are inconsistent with the user's intended configuration. • http://www.kb.cert.org/vuls/id/630720 http://www.us-cert.gov/cas/techalerts/TA04-293A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-038 https://exchange.xforce.ibmcloud.com/vulnerabilities/17820 •
CVSS: 10.0EPSS: 96%CPEs: 5EXPL: 1CVE-2004-0214 – Microsoft Windows XP/2000/NT 4.0 - Shell Long Share Name Buffer Overrun
https://notcve.org/view.php?id=CVE-2004-0214
Buffer overflow in Microsoft Internet Explorer and Explorer on Windows XP SP1, WIndows 2000, Windows 98, and Windows Me may allow remote malicious servers to cause a denial of service (application crash) and possibly execute arbitrary code via long share names, as demonstrated using Samba. Desbordamiento de búfer en Microsoft Internet Explorer y Explorador de Windows XP SP1, 2000, 98 y Me puede permitir a usuarios remotos maliciosos causar una denegación de servicio (caída de aplicación) y posiblemente ejecutar código de su elección mediante nombres de recursos compartidos largos, como se ha demostrado usando Samba. • https://www.exploit-db.com/exploits/24051 http://seclists.org/lists/bugtraq/2004/Apr/0322.html http://seclists.org/lists/fulldisclosure/2004/Apr/0933.html http://secunia.com/advisories/11482 http://securitytracker.com/id?1011647 http://support.microsoft.com/default.aspx?scid=kb%3Ben-us%3B322857 http://www.kb.cert.org/vuls/id/616200 http://www.osvdb.org/5687 http://www.securiteam.com/windowsntfocus/5JP0M1PCKI.html http://www.securityfocus.com/bid/10213 https://docs.m •