CVSS: 7.5EPSS: 8%CPEs: 4EXPL: 1CVE-2003-0701 – Microsoft Internet Explorer - Object Data Remote (MS03-032)
https://notcve.org/view.php?id=CVE-2003-0701
Buffer overflow in Internet Explorer 6 SP1 for certain languages that support double-byte encodings (e.g., Japanese) allows remote attackers to execute arbitrary code via the Type property of an Object tag, a variant of CVE-2003-0344. Desbordamiento de búfer en Internet Explorer 6 SP1 para ciertos lenguajes que usan codificación en dos bytes (como el Japonés) permite a atacantes remotos ejecutar código arbitrario mediante la propiedad TYPE de una etiqueta OBJECT, una variante de CAN-2003-0344. • https://www.exploit-db.com/exploits/83 http://marc.info/?l=bugtraq&m=106148101210479&w=2 http://www.kb.cert.org/vuls/id/334928 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-032 https://exchange.xforce.ibmcloud.com/vulnerabilities/12970 •
CVSS: 7.5EPSS: 10%CPEs: 8EXPL: 0CVE-2003-0530
https://notcve.org/view.php?id=CVE-2003-0530
Buffer overflow in the BR549.DLL ActiveX control for Internet Explorer 5.01 SP3 through 6.0 SP1 allows remote attackers to execute arbitrary code. Desbordamiento de búfer en el control ActiveX BR549.DLL de Internet Explorer 5.01 SP3 a 6.0 SP1 permite a atacantes remotos ejecutar código arbitrario. • http://secunia.com/advisories/9580 http://securitytracker.com/id?1007538 http://www.cert.org/advisories/CA-2003-22.html http://www.kb.cert.org/vuls/id/548964 http://www.securityfocus.com/bid/8454 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-032 https://exchange.xforce.ibmcloud.com/vulnerabilities/12962 •
CVSS: 7.5EPSS: 28%CPEs: 9EXPL: 1CVE-2003-0532
https://notcve.org/view.php?id=CVE-2003-0532
Internet Explorer 5.01 SP3 through 6.0 SP1 does not properly determine object types that are returned by web servers, which could allow remote attackers to execute arbitrary code via an object tag with a data parameter to a malicious file hosted on a server that returns an unsafe Content-Type, aka the "Object Type" vulnerability. Internet Explorer 5.01 SP3 a 6.0 SP1 no determina adecuadamente tipos de objetos devueltos por los servidores web, lo que podría permitir a atacantes remotos ejecutar código arbitrario mediante una etiqueta "object" con un parámetro de datos a un fichero malicioso almacenado en un servidor que devuelve un "Content-Type" inseguro; también llamada vulnerabilidad de "Tipo de Objeto". • http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0084.html http://marc.info/?l=bugtraq&m=106149026621753&w=2 http://www.eeye.com/html/Research/Advisories/AD20030820.html http://www.kb.cert.org/vuls/id/865940 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-032 •
CVSS: 7.5EPSS: 95%CPEs: 4EXPL: 3CVE-2003-0344 – Microsoft Internet Explorer - Object Tag (MS03-020)
https://notcve.org/view.php?id=CVE-2003-0344
Buffer overflow in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to execute arbitrary code via / (slash) characters in the Type property of an Object tag in a web page. Desbordamiento de búfer en Microsoft Internet Explorer 5.01, 5.5, y 6.0 permite que atacantes remotos ejecuten código arbitrario mediante un caracter "/" (barra inclinada) en la propiedad Type de un tag Object en una página web. • https://www.exploit-db.com/exploits/37 https://www.exploit-db.com/exploits/16581 https://www.exploit-db.com/exploits/22726 http://lists.grok.org.uk/pipermail/full-disclosure/2003-July/006401.html http://marc.info/?l=bugtraq&m=105476381609135&w=2 http://secunia.com/advisories/8943 http://www.eeye.com/html/Research/Advisories/AD20030604.html http://www.kb.cert.org/vuls/id/679556 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-020 https:/ •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2003-0115
https://notcve.org/view.php?id=CVE-2003-0115
Microsoft Internet Explorer 5.01, 5.5 and 6.0 does not properly check parameters that are passed during third party rendering, which could allow remote attackers to execute arbitrary web script, aka the "Third Party Plugin Rendering" vulnerability, a different vulnerability than CVE-2003-0233. Microsoft Internet Explorer 5.01, 5.5 y 6.0 no verifica adecuadamente parámetros que son pasados mientras dibujan componentes de terceros, lo que podría permitir a atacantes remotos ejecutar script web arbitrario, también conocida como vulnerabilidad de "Dibujo de plugin de terceros", una vulnerabilidad distinta de CAN-2003-0233. • http://www.iss.net/security_center/static/11848.php https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-015 •