CVSS: 8.8EPSS: 33%CPEs: 8EXPL: 0CVE-2003-0530
https://notcve.org/view.php?id=CVE-2003-0530
22 Aug 2003 — Buffer overflow in the BR549.DLL ActiveX control for Internet Explorer 5.01 SP3 through 6.0 SP1 allows remote attackers to execute arbitrary code. Desbordamiento de búfer en el control ActiveX BR549.DLL de Internet Explorer 5.01 SP3 a 6.0 SP1 permite a atacantes remotos ejecutar código arbitrario. • http://secunia.com/advisories/9580 •
CVSS: 8.8EPSS: 29%CPEs: 9EXPL: 0CVE-2003-0531
https://notcve.org/view.php?id=CVE-2003-0531
22 Aug 2003 — Internet Explorer 5.01 SP3 through 6.0 SP1 allows remote attackers to access and execute script in the My Computer domain using the browser cache via crafted Content-Type and Content-Disposition headers, aka the "Browser Cache Script Execution in My Computer Zone" vulnerability. Internet Explorer 5.01 SP3 a 6.0 SP1 permite a atacantes remotos acceder a y ejecutar script en el dominio "Mi PC" usando la caché del navegador; también llamada vulnerabilidad "Ejecución de scritp en el navegador en la zona Mi PC". • http://secunia.com/advisories/9580 •
CVSS: 9.8EPSS: 33%CPEs: 9EXPL: 1CVE-2003-0532
https://notcve.org/view.php?id=CVE-2003-0532
22 Aug 2003 — Internet Explorer 5.01 SP3 through 6.0 SP1 does not properly determine object types that are returned by web servers, which could allow remote attackers to execute arbitrary code via an object tag with a data parameter to a malicious file hosted on a server that returns an unsafe Content-Type, aka the "Object Type" vulnerability. Internet Explorer 5.01 SP3 a 6.0 SP1 no determina adecuadamente tipos de objetos devueltos por los servidores web, lo que podría permitir a atacantes remotos ejecutar código arbitr... • http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0084.html •
CVSS: 9.8EPSS: 38%CPEs: 4EXPL: 1CVE-2003-0701 – Microsoft Internet Explorer - Object Data Remote (MS03-032)
https://notcve.org/view.php?id=CVE-2003-0701
22 Aug 2003 — Buffer overflow in Internet Explorer 6 SP1 for certain languages that support double-byte encodings (e.g., Japanese) allows remote attackers to execute arbitrary code via the Type property of an Object tag, a variant of CVE-2003-0344. Desbordamiento de búfer en Internet Explorer 6 SP1 para ciertos lenguajes que usan codificación en dos bytes (como el Japonés) permite a atacantes remotos ejecutar código arbitrario mediante la propiedad TYPE de una etiqueta OBJECT, una variante de CAN-2003-0344. • https://www.exploit-db.com/exploits/83 •
CVSS: 7.1EPSS: 45%CPEs: 4EXPL: 3CVE-2001-1410 – Microsoft Internet Explorer 5/6 - JavaScript Interface Spoofing
https://notcve.org/view.php?id=CVE-2001-1410
17 Jul 2003 — Internet Explorer 6 and earlier allows remote attackers to create chromeless windows using the Javascript window.createPopup method, which could allow attackers to simulate a victim's display and conduct unauthorized activities or steal sensitive data via social engineering. Internet Explorer 6 y anteriores permite a atacantes remotos crear ventanas sin marco encima de todas las demás usando el método Javascript window.createPopup, lo que podría permitir a atacantes simular la pantalla de la víctima y lleva... • https://www.exploit-db.com/exploits/21127 •
CVSS: 7.5EPSS: 7%CPEs: 2EXPL: 0CVE-2003-0519
https://notcve.org/view.php?id=CVE-2003-0519
10 Jul 2003 — Certain versions of Internet Explorer 5 and 6, in certain Windows environments, allow remote attackers to cause a denial of service (freeze) via a URL to C:\aux (MS-DOS device name) and possibly other devices. Ciertas versiones de Internet Explorer 5 y 7, en ciertos entornos Windows, permite a atacantes remotos causar una denegación de servicio (cuelgue) con una URL a C:\\AUX (nombre de dispositivo MS-DOS) y posiblemente otros dispositivos. • http://lists.grok.org.uk/pipermail/full-disclosure/2003-July/006286.html •
CVSS: 6.1EPSS: 42%CPEs: 2EXPL: 2CVE-2003-0446 – Microsoft Internet Explorer 5/6 - MSXML XML File Parsing Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2003-0446
20 Jun 2003 — Cross-site scripting (XSS) in Internet Explorer 5.5 and 6.0, possibly in a component that is also used by other Microsoft products, allows remote attackers to insert arbitrary web script via an XML file that contains a parse error, which inserts the script in the resulting error message. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en Internet Explorer 5.5 y 6.0, probablemente en un componente que también es utilizado por otros productos de Microsoft, permite a atacantes remotos la inse... • https://www.exploit-db.com/exploits/22783 •
CVSS: 8.8EPSS: 33%CPEs: 3EXPL: 2CVE-2003-0447 – Microsoft Internet Explorer 5 - Custom HTTP Error HTML Injection
https://notcve.org/view.php?id=CVE-2003-0447
20 Jun 2003 — The Custom HTTP Errors capability in Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute script in the Local Zone via an argument to shdocvw.dll that causes a "javascript:" link to be generated. La característica de errores HTTP personalizados en Internet Explorer 5.01, 5.5 y 6.0 permite a atacantes remotos ejecutar script en la Zona Local mediante un argumento a shdocvw.dll que causa que se genere un enlace "javascript:" • https://www.exploit-db.com/exploits/22784 •
CVSS: 8.8EPSS: 74%CPEs: 4EXPL: 3CVE-2003-0344 – Microsoft Internet Explorer - Object Tag (MS03-020)
https://notcve.org/view.php?id=CVE-2003-0344
06 Jun 2003 — Buffer overflow in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to execute arbitrary code via / (slash) characters in the Type property of an Object tag in a web page. Desbordamiento de búfer en Microsoft Internet Explorer 5.01, 5.5, y 6.0 permite que atacantes remotos ejecuten código arbitrario mediante un caracter "/" (barra inclinada) en la propiedad Type de un tag Object en una página web. • https://www.exploit-db.com/exploits/37 •
CVSS: 7.5EPSS: 15%CPEs: 3EXPL: 0CVE-2002-1564
https://notcve.org/view.php?id=CVE-2002-1564
30 May 2003 — Internet Explorer 5.5 and 6.0 allows remote attackers to steal potentially sensitive information from cookies via a cookie that contains script which is executed when a page is loaded, aka the "Script within Cookies Reading Cookies" vulnerability. Internet Explorer 5.5 y 6.0 permiten que atacantes remotos roben información (potencialmente confidencial) mediante cookies que contienen script que se ejecuta cuando se carga una página (también conocida como vulnerabilidad de "Script dentro de cookies que lee ot... • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-023 •