Page 18 of 184 results (0.015 seconds)

CVSS: 7.5EPSS: 15%CPEs: 3EXPL: 1

Unknown vulnerability in Internet Explorer 5.0, 5.5, and 6.0 allows remote attackers to obtain information and possibly execute code when browsing from a web site to a web folder view using WebDAV, aka "Web Folder Behaviors Cross-Domain Vulnerability". • https://www.exploit-db.com/exploits/1144 http://secunia.com/advisories/16373 http://www.securityfocus.com/bid/14512 http://www.vupen.com/english/advisories/2005/1353 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-038 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100081 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100082 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg&# •

CVSS: 5.1EPSS: 96%CPEs: 3EXPL: 1

Internet Explorer 5.0, 5.5, and 6.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not ActiveX controls, including (1) devenum.dll, (2) diactfrm.dll, (3) wmm2filt.dll, (4) fsusd.dll, (5) dmdskmgr.dll, (6) browsewm.dll, (7) browseui.dll, (8) shell32.dll, (9) mshtml.dll, (10) inetcfg.dll, (11) infosoft.dll, (12) query.dll, (13) syncui.dll, (14) clbcatex.dll, (15) clbcatq.dll, (16) comsvcs.dll, and (17) msconf.dll, which causes memory corruption, aka "COM Object Instantiation Memory Corruption Vulnerability," a different vulnerability than CVE-2005-2087. • https://www.exploit-db.com/exploits/1144 http://secunia.com/advisories/16373 http://securitytracker.com/id?1014643 http://www.kb.cert.org/vuls/id/959049 http://www.securityfocus.com/bid/14511 http://www.us-cert.gov/cas/techalerts/TA05-221A.html http://www.vupen.com/english/advisories/2005/1353 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-038 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100082 https:/& •

CVSS: 5.1EPSS: 91%CPEs: 3EXPL: 2

Unknown vulnerability in Internet Explorer 5.0, 5.5, and 6.0 allows remote attackers to execute arbitrary code via a web site or an HTML e-mail containing a crafted JPEG image that causes memory corruption, aka "JPEG Image Rendering Memory Corruption Vulnerability". • https://www.exploit-db.com/exploits/25991 https://www.exploit-db.com/exploits/1144 http://secunia.com/advisories/16373 http://www.kb.cert.org/vuls/id/965206 http://www.us-cert.gov/cas/techalerts/TA05-221A.html http://www.vupen.com/english/advisories/2005/1353 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-038 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1140 https://oval.cisecurity.org/repository/search •

CVSS: 7.5EPSS: 93%CPEs: 1EXPL: 6

The JPEG decoder in Microsoft Internet Explorer allows remote attackers to cause a denial of service (CPU consumption or crash) and possibly execute arbitrary code via certain crafted JPEG images, as demonstrated using (1) mov_fencepost.jpg, (2) cmp_fencepost.jpg, (3) oom_dos.jpg, or (4) random.jpg. El descodificador de JPEG en Microsoft Internet Explorer permite que atacantes remotos causen una denegación de servicio (consumo de CPU o caída) y posiblemente ejecuten código arbitrario mediante imágenes JPEG amañadas. Queda demostrado usando (1) mov_fencepost.jpg, (2) cmp_fencepost.jpg, (3) oom_dos.jpg, o (4) random.jpg. • https://www.exploit-db.com/exploits/25992 http://lcamtuf.coredump.cx/crash http://www.securityfocus.com/archive/1/405298 http://www.securityfocus.com/bid/14284 http://www.securityfocus.com/bid/14285 http://www.securityfocus.com/bid/14286 •

CVSS: 5.0EPSS: 96%CPEs: 11EXPL: 1

Internet Explorer 5.01 SP4 up to 6 on various Windows operating systems, including IE 6.0.2900.2180 on Windows XP, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not ActiveX controls, as demonstrated using the JVIEW Profiler (Javaprxy.dll). NOTE: the researcher says that the vendor could not reproduce this problem. • https://www.exploit-db.com/exploits/1079 http://marc.info/?l=bugtraq&m=112006764714946&w=2 http://secunia.com/advisories/15891 http://securitytracker.com/id?1014329 http://www.auscert.org.au/render.html?it=5225 http://www.kb.cert.org/vuls/id/939605 http://www.kb.cert.org/vuls/id/959049 http://www.microsoft.com/technet/security/advisory/903144.mspx http://www.osvdb.org/17680 http://www.securityfocus.com/archive/1/404055 http://www.securityfocus.com/bid/ • CWE-399: Resource Management Errors •