
CVSS: 5.1 | EPSS: 92% | CPEs: 3 | EXPL: 0

Internet Explorer 5.01, 5.5, and 6 allows remote attackers to spoof a less restrictive security zone and execute arbitrary code via an HTML page containing URLs that contain hostnames that have been double hex encoded, which are decoded twice to generate a malicious hostname, aka the "URL Decoding Zone Spoofing Vulnerability."

• http://marc.info/?l=bugtraq&m=110796851002781&w=2
• http://www.kb.cert.org/vuls/id/580299
• http://www.us-cert.gov/cas/techalerts/TA05-039A.html
• https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-014
• https://exchange.xforce.ibmcloud.com/vulnerabilities/19214
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1308
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1736
• https://oval.cisecurity.org&

CVSS: 7.5 | EPSS: 95% | CPEs: 11 | EXPL: 0

Internet Explorer 5.01, 5.5, and 6 does not properly validate buffers when handling certain DHTML methods including the createControlRange Javascript function, which allows remote attackers to execute arbitrary code, aka the "DHTML Method Heap Memory Corruption Vulnerability."

• http://secunia.com/advisories/11165
• http://secunia.com/secunia_research/2004-12/advisory
• http://securitytracker.com/id?1013125
• http://www.kb.cert.org/vuls/id/843771
• http://www.us-cert.gov/cas/techalerts/TA05-039A.html
• https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-014
• https://exchange.xforce.ibmcloud.com/vulnerabilities/19137
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1005
• https://oval.cisecurity.org/repository/sea

CVSS: 2.6 | EPSS: 0% | CPEs: 1 | EXPL: 0

Internet Explorer 6 on Windows XP SP2 allows remote attackers to bypass the file download warning dialog and possibly trick an unknowledgeable user into executing arbitrary code via a web page with a body element containing an onclick tag, as demonstrated using the createElement function.

• http://marc.info/?l=full-disclosure&m=110569119106172&w=2

CVSS: 5.0 | EPSS: 0% | CPEs: 3 | EXPL: 2

asycpict.dll, as used in Microsoft products such as Front Page 97 and 98, allows remote attackers to cause a denial of service (hang) via a JPEG image with maximum height and width values.

• http://www.securityfocus.com/archive/1/378431
• http://www.securityfocus.com/archive/1/378619
• http://www.securityfocus.com/bid/11412

CVSS: 5.0 | EPSS: 5% | CPEs: 1 | EXPL: 5

Microsoft Internet Explorer 6.0 SP1 allows remote attackers to cause a denial of service (browser crash) via a link with "::{" (colon colon left brace), which triggers a null dereference when the user attempts to save the link using "Save As" and Internet Explorer prepares an error message with an attacker-controlled format string.

• https://www.exploit-db.com/exploits/376
• http://archives.neohapsis.com/archives/fulldisclosure/2004-06/0397.html
• http://archives.neohapsis.com/archives/fulldisclosure/2004-06/0428.html
• http://archives.neohapsis.com/archives/fulldisclosure/2004-07/1126.html
• http://securitytracker.com/id?1010491
• http://www.osvdb.org/8335
• http://www.securiteam.com/windowsntfocus/5IP020KDPU.html
• https://exchange.xforce.ibmcloud.com/vulnerabilities/16420