Page 19 of 132 results (0.015 seconds)

CVSS: 6.8EPSS: 3%CPEs: 8EXPL: 1

Cross-site scripting vulnerability (XSS) in Internet Explorer 5.01 through 6.0 allows remote attackers to read and execute files on the local system via web pages using the <frame> or <iframe> element and javascript, aka "Frames Cross Site Scripting," as demonstrated using the PrivacyPolicy.dlg resource. • https://www.exploit-db.com/exploits/21777 http://marc.info/?l=bugtraq&m=103158601431054&w=2 http://www.iss.net/security_center/static/10066.php http://www.osvdb.org/2998 http://www.securityfocus.com/bid/5672 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-066 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A203 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A225 •

CVSS: 6.4EPSS: 33%CPEs: 7EXPL: 0

Internet Explorer 5.01 through 6.0 allows remote attackers to identify the path to the Temporary Internet Files folder and obtain user information such as cookies via certain uses of the OBJECT tag, which are not subjected to the proper security checks, aka "Temporary Internet Files folders Name Reading." • http://marc.info/?l=bugtraq&m=103184415307193&w=2 http://www.ciac.org/ciac/bulletins/n-018.shtml http://www.iss.net/security_center/static/10665.php http://www.securityfocus.com/bid/6217 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-066 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A444 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A690 •

CVSS: 7.5EPSS: 87%CPEs: 11EXPL: 1

Heap-based buffer overflow in the Remote Data Services (RDS) component of Microsoft Data Access Components (MDAC) 2.1 through 2.6, and Internet Explorer 5.01 through 6.0, allows remote attackers to execute code via a malformed HTTP request to the Data Stub. Desbordamiento de búfer basado en la pila en el componente Remote Data Services (RDS) - Servicios de Datos Remotos de Microsoft Data Access Components (MDAC) 2.1 a 2.6, y en Internet Explorer 5.01 a 6.0 permite a atacantes remotos ejecutar código mediante una petición HTTP malformada al tocón (stub de datos). • https://www.exploit-db.com/exploits/19026 http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0082.html http://www.cert.org/advisories/CA-2002-33.html http://www.foundstone.com/knowledge/randd-advisories-display.html?id=337 http://www.kb.cert.org/vuls/id/542081 http://www.securityfocus.com/bid/6214 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-065 https://exchange.xforce.ibmcloud.com/vulnerabilities/10659 https://exchange.xforce.ibmcloud.com/vuln •

CVSS: 6.4EPSS: 94%CPEs: 11EXPL: 1

Internet Explorer 4.0 and later allows remote attackers to read arbitrary files via a web page that accesses a legacy XML Datasource applet (com.ms.xml.dso.XMLDSO.class) and modifies the base URL to point to the local system, which is trusted by the applet. • https://www.exploit-db.com/exploits/21721 http://marc.info/?l=bugtraq&m=102960731805373&w=2 http://www.iss.net/security_center/static/9885.php http://www.securityfocus.com/bid/5490 •

CVSS: 7.5EPSS: 1%CPEs: 3EXPL: 0

Internet Explorer 5, 5.6, and 6 allows remote attackers to bypass cookie privacy settings and store information across browser sessions via the userData (storeuserData) feature. • http://marc.info/?l=bugtraq&m=102864890006745&w=2 •