Page 15 of 135 results (0.008 seconds)

CVSS: 5.0EPSS: 30%CPEs: 3EXPL: 1

Internet Explorer 6.0 on Windows XP SP2 allows remote attackers to spoof the domain name of a URL in a titlebar for a script-initiated popup window, which could facilitate phishing attacks. • http://marc.info/?l=full-disclosure&m=110895997201027&w=2 http://secunia.com/advisories/14335 http://www.securityfocus.com/bid/12602 https://exchange.xforce.ibmcloud.com/vulnerabilities/19452 •

CVSS: 7.5EPSS: 87%CPEs: 35EXPL: 2

Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via drag and drop events, aka the "Drag-and-Drop Vulnerability." Internet Explorer 5.01, 5.5 y 6 permite a los atacantes remotos ejecutar código arbitrario mediante eventos de arrastrar y soltar, también conocidos como "Vulnerabilidad de arrastrar y soltar". • https://www.exploit-db.com/exploits/24693 http://www.kb.cert.org/vuls/id/698835 http://www.securityfocus.com/bid/11466 http://www.us-cert.gov/cas/techalerts/TA05-039A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-008 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-014 https://exchange.xforce.ibmcloud.com/vulnerabilities/19117 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1015 https&# •

CVSS: 7.5EPSS: 95%CPEs: 11EXPL: 0

Internet Explorer 5.01, 5.5, and 6 does not properly validate buffers when handling certain DHTML methods including the createControlRange Javascript function, which allows remote attackers to execute arbitrary code, aka the "DHTML Method Heap Memory Corruption Vulnerability." • http://secunia.com/advisories/11165 http://secunia.com/secunia_research/2004-12/advisory http://securitytracker.com/id?1013125 http://www.kb.cert.org/vuls/id/843771 http://www.us-cert.gov/cas/techalerts/TA05-039A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-014 https://exchange.xforce.ibmcloud.com/vulnerabilities/19137 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1005 https://oval.cisecurity.org/repository/sea •

CVSS: 2.6EPSS: 0%CPEs: 1EXPL: 0

Internet Explorer 6 on Windows XP SP2 allows remote attackers to bypass the file download warning dialog and possibly trick an unknowledgeable user into executing arbitrary code via a web page with a body element containing an onclick tag, as demonstrated using the createElement function. • http://marc.info/?l=full-disclosure&m=110569119106172&w=2 •

CVSS: 5.0EPSS: 5%CPEs: 1EXPL: 5

Microsoft Internet Explorer 6.0 SP1 allows remote attackers to cause a denial of service (browser crash) via a link with "::{" (colon colon left brace), which triggers a null dereference when the user attempts to save the link using "Save As" and Internet Explorer prepares an error message with an attacker-controlled format string. • https://www.exploit-db.com/exploits/376 http://archives.neohapsis.com/archives/fulldisclosure/2004-06/0397.html http://archives.neohapsis.com/archives/fulldisclosure/2004-06/0428.html http://archives.neohapsis.com/archives/fulldisclosure/2004-07/1126.html http://securitytracker.com/id?1010491 http://www.osvdb.org/8335 http://www.securiteam.com/windowsntfocus/5IP020KDPU.html https://exchange.xforce.ibmcloud.com/vulnerabilities/16420 •