Page 121 of 840 results (0.013 seconds)

CVSS: 7.1EPSS: 94%CPEs: 3EXPL: 2

CVE-2005-4089

https://notcve.org/view.php?id=CVE-2005-4089

Microsoft Internet Explorer allows remote attackers to bypass cross-domain security restrictions and obtain sensitive information by using the @import directive to download files from other domains that are not valid Cascading Style Sheets (CSS) files, as demonstrated using Google Desktop, aka "CSSXSS" and "CSS Cross-Domain Information Disclosure Vulnerability." • http://secunia.com/advisories/17564 http://securitytracker.com/id?1016291 http://www.hacker.co.il/security/ie/css_import.html http://www.securityfocus.com/bid/15660 http://www.vupen.com/english/advisories/2005/2804 http://www.vupen.com/english/advisories/2006/2319 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-021 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1556 https://oval.cisecurity.org/repository/search/defin • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 4.3EPSS: 62%CPEs: 1EXPL: 2

CVE-2005-3312

https://notcve.org/view.php?id=CVE-2005-3312

The HTML rendering engine in Microsoft Internet Explorer 6.0 allows remote attackers to conduct cross-site scripting (XSS) attacks via HTML in corrupted images and other files such as .GIF, JPG, and WAV, which is rendered as HTML when the user clicks on the link, even though the web server response and file extension indicate that it should be treated as a different file type. • http://marc.info/?l=bugtraq&m=113017003617987&w=2 http://securityreason.com/securityalert/18 http://www.computec.ch/download.php?view.683 http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=1746 http://www.securiteam.com/windowsntfocus/6F00B00EBY.html •

CVSS: 7.5EPSS: 15%CPEs: 3EXPL: 1

CVE-2005-1989 – Microsoft Internet Explorer - 'blnmgr.dll' COM Object Remote (MS05-038)

https://notcve.org/view.php?id=CVE-2005-1989

Unknown vulnerability in Internet Explorer 5.0, 5.5, and 6.0 allows remote attackers to obtain information and possibly execute code when browsing from a web site to a web folder view using WebDAV, aka "Web Folder Behaviors Cross-Domain Vulnerability". • https://www.exploit-db.com/exploits/1144 http://secunia.com/advisories/16373 http://www.securityfocus.com/bid/14512 http://www.vupen.com/english/advisories/2005/1353 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-038 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100081 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100082 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg&# •

CVSS: 5.1EPSS: 96%CPEs: 3EXPL: 1

CVE-2005-1990 – Microsoft Internet Explorer - 'blnmgr.dll' COM Object Remote (MS05-038)

https://notcve.org/view.php?id=CVE-2005-1990

Internet Explorer 5.0, 5.5, and 6.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not ActiveX controls, including (1) devenum.dll, (2) diactfrm.dll, (3) wmm2filt.dll, (4) fsusd.dll, (5) dmdskmgr.dll, (6) browsewm.dll, (7) browseui.dll, (8) shell32.dll, (9) mshtml.dll, (10) inetcfg.dll, (11) infosoft.dll, (12) query.dll, (13) syncui.dll, (14) clbcatex.dll, (15) clbcatq.dll, (16) comsvcs.dll, and (17) msconf.dll, which causes memory corruption, aka "COM Object Instantiation Memory Corruption Vulnerability," a different vulnerability than CVE-2005-2087. • https://www.exploit-db.com/exploits/1144 http://secunia.com/advisories/16373 http://securitytracker.com/id?1014643 http://www.kb.cert.org/vuls/id/959049 http://www.securityfocus.com/bid/14511 http://www.us-cert.gov/cas/techalerts/TA05-221A.html http://www.vupen.com/english/advisories/2005/1353 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-038 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100082 https:/& •

CVSS: 5.1EPSS: 91%CPEs: 3EXPL: 2

CVE-2005-1988 – Microsoft Internet Explorer 5.0.1 - '.JPEG' Image Rendering Buffer Overflow

https://notcve.org/view.php?id=CVE-2005-1988

Unknown vulnerability in Internet Explorer 5.0, 5.5, and 6.0 allows remote attackers to execute arbitrary code via a web site or an HTML e-mail containing a crafted JPEG image that causes memory corruption, aka "JPEG Image Rendering Memory Corruption Vulnerability". • https://www.exploit-db.com/exploits/25991 https://www.exploit-db.com/exploits/1144 http://secunia.com/advisories/16373 http://www.kb.cert.org/vuls/id/965206 http://www.us-cert.gov/cas/techalerts/TA05-221A.html http://www.vupen.com/english/advisories/2005/1353 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-038 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1140 https://oval.cisecurity.org/repository/search •