CVSS: 7.5EPSS: 95%CPEs: 4EXPL: 3CVE-2003-0344 – Microsoft Internet Explorer - Object Tag (MS03-020)
https://notcve.org/view.php?id=CVE-2003-0344
Buffer overflow in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to execute arbitrary code via / (slash) characters in the Type property of an Object tag in a web page. Desbordamiento de búfer en Microsoft Internet Explorer 5.01, 5.5, y 6.0 permite que atacantes remotos ejecuten código arbitrario mediante un caracter "/" (barra inclinada) en la propiedad Type de un tag Object en una página web. • https://www.exploit-db.com/exploits/37 https://www.exploit-db.com/exploits/16581 https://www.exploit-db.com/exploits/22726 http://lists.grok.org.uk/pipermail/full-disclosure/2003-July/006401.html http://marc.info/?l=bugtraq&m=105476381609135&w=2 http://secunia.com/advisories/8943 http://www.eeye.com/html/Research/Advisories/AD20030604.html http://www.kb.cert.org/vuls/id/679556 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-020 https:/ •
CVSS: 5.0EPSS: 9%CPEs: 3EXPL: 0CVE-2002-1564
https://notcve.org/view.php?id=CVE-2002-1564
Internet Explorer 5.5 and 6.0 allows remote attackers to steal potentially sensitive information from cookies via a cookie that contains script which is executed when a page is loaded, aka the "Script within Cookies Reading Cookies" vulnerability. Internet Explorer 5.5 y 6.0 permiten que atacantes remotos roben información (potencialmente confidencial) mediante cookies que contienen script que se ejecuta cuando se carga una página (también conocida como vulnerabilidad de "Script dentro de cookies que lee otras cookies" • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-023 •
CVSS: 7.5EPSS: 2%CPEs: 1EXPL: 1CVE-2003-0309 – Microsoft Internet Explorer 5/6 - 'file://' Request Zone Bypass
https://notcve.org/view.php?id=CVE-2003-0309
Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to bypass security zone restrictions and execute arbitrary programs via a web document with a large number of duplicate file:// or other requests that point to the program and open multiple file download dialogs, which eventually cause Internet Explorer to execute the program, as demonstrated using a large number of FRAME or IFRAME tags, aka the "File Download Dialog Vulnerability." Internet Explorer 6.0.2800 permite que atacantes remotos se salten las restricciones de la zona de seguridad y ejecuten código arbitrario mediante un documento web con un elevado número de file:// u otras peticiones que apunten al programa, lo que ocasionalmente provoca que el Internet Explorer ejecute el programa, como se ha demostrado usando un elevado número de tags FRAME o IFRAME. • https://www.exploit-db.com/exploits/22575 http://marc.info/?l=bugtraq&m=105249399103214&w=2 http://marc.info/?l=bugtraq&m=105294081325040&w=2 http://marc.info/?l=ntbugtraq&m=105294162726096&w=2 http://secunia.com/advisories/8807 http://www.kb.cert.org/vuls/id/251788 http://www.securityfocus.com/bid/7539 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-020 https://exchange.xforce.ibmcloud.com/vulnerabilities/12019 https://oval.cisecurity. •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2003-0115
https://notcve.org/view.php?id=CVE-2003-0115
Microsoft Internet Explorer 5.01, 5.5 and 6.0 does not properly check parameters that are passed during third party rendering, which could allow remote attackers to execute arbitrary web script, aka the "Third Party Plugin Rendering" vulnerability, a different vulnerability than CVE-2003-0233. Microsoft Internet Explorer 5.01, 5.5 y 6.0 no verifica adecuadamente parámetros que son pasados mientras dibujan componentes de terceros, lo que podría permitir a atacantes remotos ejecutar script web arbitrario, también conocida como vulnerabilidad de "Dibujo de plugin de terceros", una vulnerabilidad distinta de CAN-2003-0233. • http://www.iss.net/security_center/static/11848.php https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-015 •
CVSS: 7.5EPSS: 5%CPEs: 9EXPL: 0CVE-2003-0233
https://notcve.org/view.php?id=CVE-2003-0233
Heap-based buffer overflow in plugin.ocx for Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute arbitrary code via the Load() method, a different vulnerability than CVE-2003-0115. Desbordamiento de búfer basado en el montículo (heap) en plugin.ocx de Internet Explorer 5.01, 5.5 y 6.0 permite a atacantes remotos ejecutar código arbitrari mediante el método Load(), una vulnerabilidad distinta de CAN-2003-0115. • http://marc.info/?l=bugtraq&m=105120164927952&w=2 http://www.iss.net/security_center/static/11854.php https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-015 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1094 •