Page 124 of 625 results (0.008 seconds)

CVSS: 2.1EPSS: 0%CPEs: 13EXPL: 0

Microsoft Internet Explorer 4.0 through 6.0 could allow local users to differentiate between alphanumeric and non-alphanumeric characters used in a password by pressing certain control keys that jump between non-alphanumeric characters, which makes it easier to conduct a brute-force password guessing attack. • http://www.iss.net/security_center/static/7592.php http://www.securityfocus.com/archive/1/241323 http://www.securityfocus.com/archive/1/241400 http://www.securityfocus.com/bid/3563 •

CVSS: 5.0EPSS: 0%CPEs: 4EXPL: 0

Microsoft Internet Explorer 6.0 and earlier allows malicious website operators to cause a denial of service (client crash) via JavaScript that continually refreshes the window via self.location. MS Internet Explorer 6.0 y anteriores permite a webmasters maliciosos provocar una denegación de servicio por medio de JavaScript que continuamente refresca la ventana con self.location. • http://www.securityfocus.com/archive/1/246649 http://www.securityfocus.com/bid/3730 •

CVSS: 7.5EPSS: 96%CPEs: 2EXPL: 0

Internet Explorer 6.0 allows remote attackers to execute arbitrary code by modifying the Content-Disposition and Content-Type header fields in a way that causes Internet Explorer to believe that the file is safe to open without prompting the user, aka the "File Execution Vulnerability." Internet Explorer 6.0 permite a atacantes remotos la ejecución de código arbitrario mediante la modificación de los campos de cabecera 'Content-Disposition' y 'Content-Type' de modo que hace creer a Internet Explorer que es seguro abrir el fichero sin pedir confirmación al usuario, también conocida como "File Execution Vulnerability". • http://marc.info/?l=bugtraq&m=100835204509262&w=2 http://marc.info/?l=bugtraq&m=100861273114437&w=2 http://www.cert.org/advisories/CA-2001-36.html http://www.ciac.org/ciac/bulletins/m-027.shtml http://www.kb.cert.org/vuls/id/443699 http://www.osvdb.org/3033 http://www.securityfocus.com/bid/3578 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-058 https://exchange.xforce.ibmcloud.com/vulnerabilities/7703 https://oval.cisecurity.org& •

CVSS: 5.0EPSS: 1%CPEs: 2EXPL: 0

Internet Explorer 5.5 and 6.0 allow remote attackers to read certain files via HTML that passes information from a frame in the client's domain to a frame in the web site's domain, a variant of the "Frame Domain Verification" vulnerability. Internet Explorer 5.5 y 6.0 permite a atacantes remotos la lectura de ciertos ficheros vía HTML, pasando información de un marco en el dominio del cliente a otro marco del dominio del sitio web, una variante de la vulnerabilidad "FrameDomain Verification". • http://www.ciac.org/ciac/bulletins/m-027.shtml http://www.securityfocus.com/bid/3693 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-058 https://exchange.xforce.ibmcloud.com/vulnerabilities/7702 •

CVSS: 6.4EPSS: 4%CPEs: 2EXPL: 2

Internet Explorer 5.5 and 6.0 allows remote attackers to read and modify user cookies via Javascript in an about: URL, aka the "First Cookie Handling Vulnerability." • https://www.exploit-db.com/exploits/21144 http://marc.info/?l=bugtraq&m=100527618108521&w=2 http://www.ciac.org/ciac/bulletins/m-016.shtml http://www.osvdb.org/1982 http://www.securityfocus.com/archive/1/221612 http://www.securityfocus.com/bid/3513 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-055 https://exchange.xforce.ibmcloud.com/vulnerabilities/7486 •