CVSS: 5.0EPSS: 2%CPEs: 9EXPL: 0CVE-2002-0057
https://notcve.org/view.php?id=CVE-2002-0057
XMLHTTP control in Microsoft XML Core Services 2.6 and later does not properly handle IE Security Zone settings, which allows remote attackers to read arbitrary files by specifying a local file as an XML Data Source. El control XMLHTTP en Microsoft XML Core Services 2.6 y versiones posteriores no manejan adecuadamente el establecimiento de valores de la Zona de Seguridad del IE, lo cual permite a atacantes remotos la lectura arbitraria de ficheros especificando un fichero local como una fuente de datos XML. • http://archives.neohapsis.com/archives/bugtraq/2001-12/0152.html http://marc.info/?l=bugtraq&m=101366383408821&w=2 http://www.osvdb.org/3032 http://www.securityfocus.com/bid/3699 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-008 https://exchange.xforce.ibmcloud.com/vulnerabilities/7712 •
CVSS: 7.5EPSS: 6%CPEs: 4EXPL: 0CVE-2001-0002
https://notcve.org/view.php?id=CVE-2001-0002
Internet Explorer 5.5 and earlier allows remote attackers to obtain the physical location of cached content and open the content in the Local Computer Zone, then use compiled HTML help (.chm) files to execute arbitrary programs. • http://www.guninski.com/chmtempmain.html http://www.osvdb.org/7823 http://www.securityfocus.com/bid/2456 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-015 https://exchange.xforce.ibmcloud.com/vulnerabilities/5567 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A920 •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-1999-0967
https://notcve.org/view.php?id=CVE-1999-0967
Buffer overflow in the HTML library used by Internet Explorer, Outlook Express, and Windows Explorer via the res: local resource protocol. • https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0967 •