Page 13 of 85 results (0.006 seconds)

CVSS: 10.0EPSS: 1%CPEs: 5EXPL: 0

Buffer overflow in Internet Explorer 4.0 via EMBED tag. • http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ185959 http://support.microsoft.com/support/kb/articles/q176/6/97.asp • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0

Internet Explorer 4 treats a 32-bit number ("dotless IP address") in the a URL as the hostname instead of an IP address, which causes IE to apply Local Intranet Zone settings to the resulting web page, allowing remote malicious web servers to conduct unauthorized activities by using URLs that contain the dotless IP address for their server. • http://support.microsoft.com/support/kb/articles/q168/6/17.asp http://www.microsoft.com/Windows/Ie/security/dotless.asp http://www.osvdb.org/7828 https://docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-016 https://exchange.xforce.ibmcloud.com/vulnerabilities/2209 •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

Buffer overflow in Internet Explorer 4.01 and earlier allows remote attackers to execute arbitrary commands via a long URL with the "mk:" protocol, aka the "MK Overrun security issue." • http://marc.info/?l=bugtraq&m=88480839506155&w=2 http://support.microsoft.com/support/kb/articles/q176/6/97.asp https://exchange.xforce.ibmcloud.com/vulnerabilities/917 •

CVSS: 5.0EPSS: 2%CPEs: 1EXPL: 1

Internet Explorer 4.0 allows remote attackers to read arbitrary text and HTML files on the user's machine via a small IFRAME that uses Dynamic HTML (DHTML) to send the data to the attacker, aka the Freiburg text-viewing issue. • http://marc.info/?l=bugtraq&m=87710897923098&w=2 http://support.microsoft.com/support/kb/articles/q176/6/97.asp http://support.microsoft.com/support/kb/articles/q176/7/94.asp http://www.insecure.org/sploits/Internet_explorer_4.0.hack.html http://www.microsoft.com/Windows/ie/security/freiburg.asp http://www.osvdb.org/7819 https://exchange.xforce.ibmcloud.com/vulnerabilities/587 •

CVSS: 5.1EPSS: 0%CPEs: 3EXPL: 0

Buffer overflow in the Window.External function in the JScript Scripting Engine in Internet Explorer 4.01 SP1 and earlier allows remote attackers to execute arbitrary commands via a malicious web page. • http://support.microsoft.com/support/kb/articles/q191/2/00.asp http://www.iss.net/security_center/static/1276.php https://docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-011 •