Page 2 of 15 results (0.005 seconds)

CVSS: 5.8EPSS: 0%CPEs: 94EXPL: 0

CVE-2009-2069

https://notcve.org/view.php?id=CVE-2009-2069

Microsoft Internet Explorer before 8 displays a cached certificate for a (1) 4xx or (2) 5xx CONNECT response page returned by a proxy server, which allows man-in-the-middle attackers to spoof an arbitrary https site by letting a browser obtain a valid certificate from this site during one request, and then sending the browser a crafted 502 response page upon a subsequent request. Microsoft Internet Explorer anterior a 8 muestra un certificado cacheado para una página de respuesta CONEXIÓN (1) 4xx o (2) 5xx por un servidor proxy, lo que permite a los atacantes "hombre en el medio" suplantar una página https permitiendo al navegador obtener un certificado válido desde esta página, durante una petición, y enviando al navegador una página de repuesta 502 manipulada sobre la subsiguiente petición. • http://research.microsoft.com/apps/pubs/default.aspx?id=79323 http://research.microsoft.com/pubs/79323/pbp-final-with-update.pdf http://www.securityfocus.com/bid/35411 • CWE-287: Improper Authentication •

CVSS: 4.3EPSS: 5%CPEs: 1EXPL: 0

CVE-2006-5577

https://notcve.org/view.php?id=CVE-2006-5577

Microsoft Internet Explorer 6 and earlier allows remote attackers to obtain sensitive information via unspecified uses of the OBJECT HTML tag, which discloses the absolute path of the corresponding TIF folder, aka "TIF Folder Information Disclosure Vulnerability," and a different issue than CVE-2006-5578. Microsoft Internet Explorer 6 y versiones anteriores permite a atacantes remotos la obtención de información sensible a través de usos sin especificar de la etiqueta de HTML OBJECT, que revela la ruta absoluta de la carpeta TIF correspondiente, también conocido como "TIF Folder Information Disclosure Vulnerability" y es diferntes a la CVE-2006-5578. • http://secunia.com/advisories/23288 http://securitytracker.com/id?1017374 http://www.osvdb.org/30816 http://www.securityfocus.com/archive/1/454969/100/200/threaded http://www.securityfocus.com/bid/21507 http://www.us-cert.gov/cas/techalerts/TA06-346A.html http://www.vupen.com/english/advisories/2006/4966 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-072 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A313 •

CVSS: 2.6EPSS: 3%CPEs: 1EXPL: 0

CVE-2006-5578

https://notcve.org/view.php?id=CVE-2006-5578

Microsoft Internet Explorer 6 and earlier allows remote attackers to read Temporary Internet Files (TIF) and obtain sensitive information via unspecified vectors involving certain drag and drop operations, aka "TIF Folder Information Disclosure Vulnerability," and a different issue than CVE-2006-5577. Microsoft Internet Explorer 6 y versiones anteriores permite a atacantes remotos leer Ficheros Temporales de Internet (TIF) y obtener información sensible a través de vectores sin especificar mediante operaciones de "arrastrar y soltar", también conocido como "TIF Folder Information Disclosure Vulnerability" , es distinta a la CVE-2006-5577. • http://secunia.com/advisories/23288 http://securitytracker.com/id?1017374 http://www.kb.cert.org/vuls/id/694344 http://www.osvdb.org/30815 http://www.securityfocus.com/archive/1/454969/100/200/threaded http://www.securityfocus.com/bid/21494 http://www.us-cert.gov/cas/techalerts/TA06-346A.html http://www.vupen.com/english/advisories/2006/4966 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-072 https://oval.cisecurity.org/repository/search •

CVSS: 5.0EPSS: 3%CPEs: 1EXPL: 0

CVE-2006-4888

https://notcve.org/view.php?id=CVE-2006-4888

Microsoft Internet Explorer 6 and earlier allows remote attackers to cause a denial of service (application hang) via a CSS-formatted HTML INPUT element within a DIV element that has a larger size than the INPUT. Microsoft Internet Explorer 6 y anteriores permite a atacantes remotos provocar una denegación de servicio (aplicación que no responde) vía un elemento INPUT HTML con formato CSS dentro de un elemento DIV que tiene un tamaño mayor que el INPUT. • http://archives.neohapsis.com/archives/bugtraq/2006-07/0199.html http://jonas.elunic.de/blog/index.php/2006/07/14/ie-freeze-bug http://www.osvdb.org/28614 •

CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 2

CVE-2004-2179

https://notcve.org/view.php?id=CVE-2004-2179

asycpict.dll, as used in Microsoft products such as Front Page 97 and 98, allows remote attackers to cause a denial of service (hang) via a JPEG image with maximum height and width values. • http://www.securityfocus.com/archive/1/378431 http://www.securityfocus.com/archive/1/378619 http://www.securityfocus.com/bid/11412 •