CVSS: 5.0EPSS: 0%CPEs: 9EXPL: 1CVE-2003-0116
https://notcve.org/view.php?id=CVE-2003-0116
Microsoft Internet Explorer 5.01, 5.5 and 6.0 does not properly check the Cascading Style Sheet input parameter for Modal dialogs, which allows remote attackers to read files on the local system via a web page containing script that creates a dialog and then accesses the target files, aka "Modal Dialog script execution." Microsoft Internet Explorer 5.01, 5.5 y 6.0 no comprueba adecuadamente el parámetro de entrada de hoja de estilo en cascada (CSS) en diálogos modales, lo que permite a atacantes remotos leer ficheros en el sistema local mediante una página web que contenga script que cree un diálogo y entonces acceda a los ficheros objetivo, también conocida como "Ejecución de script en diálogos modales - Modal Dialog script execution". • http://www.kb.cert.org/vuls/id/244729 http://www.securityfocus.com/archive/1/301945 http://www.securityfocus.com/bid/6306 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-015 •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2003-1326
https://notcve.org/view.php?id=CVE-2003-1326
Microsoft Internet Explorer 5.5 and 6.0 allows remote attackers to bypass the cross-domain security model to run malicious script or arbitrary programs via dialog boxes, aka "Improper Cross Domain Security Validation with dialog box." Microsoft Internet Explorer 5.01, 5.5 y 6.0 permite a atacantes remotos evitar el modelo de seguridad entre dominios (cros-domain) para correr script malicioso o programas arbitrarios mediante cuadros de díálogo. También conocida como "Validacíon de Seguridad Entre Dominios inapropiada con cuadro de diálogo". • http://www.ciac.org/ciac/bulletins/n-038.shtml http://www.iss.net/security_center/static/11258.php http://www.securityfocus.com/bid/6779 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-004 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A126 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A178 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A49 •
CVSS: 7.5EPSS: 9%CPEs: 9EXPL: 1CVE-2003-1328 – Microsoft Internet Explorer 5 - ShowHelp Arbitrary Command Execution
https://notcve.org/view.php?id=CVE-2003-1328
The showHelp() function in Microsoft Internet Explorer 5.01, 5.5, and 6.0 supports certain types of pluggable protocols that allow remote attackers to bypass the cross-domain security model and execute arbitrary code, aka "Improper Cross Domain Security Validation with ShowHelp functionality." La función showHelp() en Microsoft Internet Explorer 5.5 y 6.0 soporta ciertos tipos de protocolos enchufables (añadibles) qeu permiten a atacantes remotos evitar el modelo de seguridad de cruce de dominios y ejecutar código arbitrario. También conocida como "Validación de Seguridad entre dominios con funcionalidad showHelp" • https://www.exploit-db.com/exploits/22226 http://archives.neohapsis.com/archives/bugtraq/2003-02/0083.html http://www.ciac.org/ciac/bulletins/n-038.shtml http://www.iss.net/security_center/static/11259.php http://www.kb.cert.org/vuls/id/400577 http://www.securityfocus.com/bid/6780 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-004 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A57 •
CVSS: 5.0EPSS: 16%CPEs: 6EXPL: 1CVE-2002-1714 – Microsoft Internet Explorer 5/6 - Self-Referential Object Denial of Service
https://notcve.org/view.php?id=CVE-2002-1714
Microsoft Internet Explorer 5.0 through 6.0 allows remote attackers to cause a denial of service (crash) via an object of type "text/html" with the DATA field that identifies the HTML document that contains the object, which may cause infinite recursion. • https://www.exploit-db.com/exploits/21404 http://online.securityfocus.com/archive/1/268776 http://www.securityfocus.com/bid/4564 https://exchange.xforce.ibmcloud.com/vulnerabilities/8904 •
CVSS: 5.0EPSS: 1%CPEs: 4EXPL: 1CVE-2002-1671
https://notcve.org/view.php?id=CVE-2002-1671
Microsoft Internet Explorer 5.0, 5.01, and 5.5 allows remote attackers to monitor the contents of the clipboard via the getData method of the clipboardData object. • http://online.securityfocus.com/archive/1/250387/2002-10-11/2002-10-17/2 http://www.securityfocus.com/archive/1/250248 http://www.securityfocus.com/bid/3862 https://exchange.xforce.ibmcloud.com/vulnerabilities/7906 •