Page 121 of 638 results (0.005 seconds)

CVSS: 2.6EPSS: 12%CPEs: 3EXPL: 4

The Google toolbar 1.1.60, when running on Internet Explorer 5.5 and 6.0, allows remote attackers to cause a denial of service (crash with an exception in oleaut32.dll) via malicious HTML, possibly related to small width and height parameters or an incorrect call to the Google.Search() function. • https://www.exploit-db.com/exploits/21712 http://online.securityfocus.com/archive/1/287498 http://www.iss.net/security_center/static/9883.php http://www.securityfocus.com/bid/5477 http://www.sztolnia.pl/hack/googIE/googIE.html •

CVSS: 7.5EPSS: 1%CPEs: 3EXPL: 0

Internet Explorer 5, 5.6, and 6 allows remote attackers to bypass cookie privacy settings and store information across browser sessions via the userData (storeuserData) feature. • http://marc.info/?l=bugtraq&m=102864890006745&w=2 •

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0

The Javascript "Same Origin Policy" (SOP), as implemented in (1) Netscape, (2) Mozilla, and (3) Internet Explorer, allows a remote web server to access HTTP and SOAP/XML content from restricted sites by mapping the malicious server's parent DNS domain name to the restricted site, loading a page from the restricted site into one frame, and passing the information to the attacker-controlled frame, which is allowed because the document.domain of the two frames matches on the parent domain. • http://marc.info/?l=bugtraq&m=102796732924658&w=2 http://marc.info/?l=bugtraq&m=102798282208686&w=2 •

CVSS: 7.5EPSS: 58%CPEs: 12EXPL: 1

Buffer overflow in gopher client for Microsoft Internet Explorer 5.1 through 6.0, Proxy Server 2.0, or ISA Server 2000 allows remote attackers to execute arbitrary code via a gopher:// URL that redirects the user to a real or simulated gopher server that sends a long response. Desbordamiento de búfer en el cliente gopher de Microsoft Internet Explorer 5.1 a la 6.0, Proxy Server 2.0, o ISA Server 2000 permite a atacantes remotos la ejecución de código arbitrario mediante una URL gopher:// que redirige al usuario a un servidor gopher real o simulado que envía una respuesta larga. • https://www.exploit-db.com/exploits/21510 http://marc.info/?l=bugtraq&m=102320516707940&w=2 http://marc.info/?l=bugtraq&m=102397955217618&w=2 http://online.securityfocus.com/archive/1/276848 http://www.iss.net/security_center/static/9247.php http://www.kb.cert.org/vuls/id/440275 http://www.pivx.com/workaround_fail.html http://www.securityfocus.com/bid/4930 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-027 https://oval.cisecurity •

CVSS: 5.0EPSS: 2%CPEs: 7EXPL: 2

Internet Explorer 5.01 through 6 allows remote attackers to cause a denial of service (application crash) via Javascript in a web page that calls location.replace on itself, causing a loop. • https://www.exploit-db.com/exploits/21346 http://online.securityfocus.com/archive/1/262994 http://www.iss.net/security_center/static/8488.php http://www.securityfocus.com/bid/4322 •