CVE-2001-1497
https://notcve.org/view.php?id=CVE-2001-1497
Microsoft Internet Explorer 4.0 through 6.0 could allow local users to differentiate between alphanumeric and non-alphanumeric characters used in a password by pressing certain control keys that jump between non-alphanumeric characters, which makes it easier to conduct a brute-force password guessing attack. • http://www.iss.net/security_center/static/7592.php http://www.securityfocus.com/archive/1/241323 http://www.securityfocus.com/archive/1/241400 http://www.securityfocus.com/bid/3563 •
CVE-2001-1219
https://notcve.org/view.php?id=CVE-2001-1219
Microsoft Internet Explorer 6.0 and earlier allows malicious website operators to cause a denial of service (client crash) via JavaScript that continually refreshes the window via self.location. MS Internet Explorer 6.0 y anteriores permite a webmasters maliciosos provocar una denegación de servicio por medio de JavaScript que continuamente refresca la ventana con self.location. • http://www.securityfocus.com/archive/1/246649 http://www.securityfocus.com/bid/3730 •
CVE-2001-0727
https://notcve.org/view.php?id=CVE-2001-0727
Internet Explorer 6.0 allows remote attackers to execute arbitrary code by modifying the Content-Disposition and Content-Type header fields in a way that causes Internet Explorer to believe that the file is safe to open without prompting the user, aka the "File Execution Vulnerability." Internet Explorer 6.0 permite a atacantes remotos la ejecución de código arbitrario mediante la modificación de los campos de cabecera 'Content-Disposition' y 'Content-Type' de modo que hace creer a Internet Explorer que es seguro abrir el fichero sin pedir confirmación al usuario, también conocida como "File Execution Vulnerability". • http://marc.info/?l=bugtraq&m=100835204509262&w=2 http://marc.info/?l=bugtraq&m=100861273114437&w=2 http://www.cert.org/advisories/CA-2001-36.html http://www.ciac.org/ciac/bulletins/m-027.shtml http://www.kb.cert.org/vuls/id/443699 http://www.osvdb.org/3033 http://www.securityfocus.com/bid/3578 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-058 https://exchange.xforce.ibmcloud.com/vulnerabilities/7703 https://oval.cisecurity.org& •
CVE-2001-0874
https://notcve.org/view.php?id=CVE-2001-0874
Internet Explorer 5.5 and 6.0 allow remote attackers to read certain files via HTML that passes information from a frame in the client's domain to a frame in the web site's domain, a variant of the "Frame Domain Verification" vulnerability. Internet Explorer 5.5 y 6.0 permite a atacantes remotos la lectura de ciertos ficheros vía HTML, pasando información de un marco en el dominio del cliente a otro marco del dominio del sitio web, una variante de la vulnerabilidad "FrameDomain Verification". • http://www.ciac.org/ciac/bulletins/m-027.shtml http://www.securityfocus.com/bid/3693 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-058 https://exchange.xforce.ibmcloud.com/vulnerabilities/7702 •
CVE-2001-0722 – Microsoft Internet Explorer 5/6 - Cookie Disclosure/Modification
https://notcve.org/view.php?id=CVE-2001-0722
Internet Explorer 5.5 and 6.0 allows remote attackers to read and modify user cookies via Javascript in an about: URL, aka the "First Cookie Handling Vulnerability." • https://www.exploit-db.com/exploits/21144 http://marc.info/?l=bugtraq&m=100527618108521&w=2 http://www.ciac.org/ciac/bulletins/m-016.shtml http://www.osvdb.org/1982 http://www.securityfocus.com/archive/1/221612 http://www.securityfocus.com/bid/3513 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-055 https://exchange.xforce.ibmcloud.com/vulnerabilities/7486 •