Page 24 of 219 results (0.007 seconds)

CVSS: 5.1EPSS: 95%CPEs: 5EXPL: 1

Race condition in the memory management routines in the DHTML object processor in Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via a malicious web page or HTML e-mail, aka "DHTML Object Memory Corruption Vulnerability". • https://www.exploit-db.com/exploits/25386 http://secunia.com/advisories/14922 http://www.idefense.com/application/poi/display?id=228&type=vulnerabilities http://www.kb.cert.org/vuls/id/774338 http://www.us-cert.gov/cas/techalerts/TA05-102A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-020 https://exchange.xforce.ibmcloud.com/vulnerabilities/19831 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1695 https://oval •

CVSS: 7.5EPSS: 88%CPEs: 3EXPL: 1

Buffer overflow in the Content Advisor in Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via a crafted Content Advisor file, aka "Content Advisor Memory Corruption Vulnerability." • https://www.exploit-db.com/exploits/25385 http://secunia.com/advisories/14922 http://www.kb.cert.org/vuls/id/222050 http://www.us-cert.gov/cas/techalerts/TA05-102A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-020 https://exchange.xforce.ibmcloud.com/vulnerabilities/19842 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2077 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2786 h •

CVSS: 7.5EPSS: 87%CPEs: 35EXPL: 2

Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via drag and drop events, aka the "Drag-and-Drop Vulnerability." Internet Explorer 5.01, 5.5 y 6 permite a los atacantes remotos ejecutar código arbitrario mediante eventos de arrastrar y soltar, también conocidos como "Vulnerabilidad de arrastrar y soltar". • https://www.exploit-db.com/exploits/24693 http://www.kb.cert.org/vuls/id/698835 http://www.securityfocus.com/bid/11466 http://www.us-cert.gov/cas/techalerts/TA05-039A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-008 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-014 https://exchange.xforce.ibmcloud.com/vulnerabilities/19117 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1015 https&# •

CVSS: 7.5EPSS: 95%CPEs: 11EXPL: 0

Internet Explorer 5.01, 5.5, and 6 does not properly validate buffers when handling certain DHTML methods including the createControlRange Javascript function, which allows remote attackers to execute arbitrary code, aka the "DHTML Method Heap Memory Corruption Vulnerability." • http://secunia.com/advisories/11165 http://secunia.com/secunia_research/2004-12/advisory http://securitytracker.com/id?1013125 http://www.kb.cert.org/vuls/id/843771 http://www.us-cert.gov/cas/techalerts/TA05-039A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-014 https://exchange.xforce.ibmcloud.com/vulnerabilities/19137 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1005 https://oval.cisecurity.org/repository/sea •

CVSS: 2.6EPSS: 59%CPEs: 4EXPL: 3

Microsoft Internet Explorer 6 allows remote attackers to spoof the address bar to facilitate phishing attacks via Javascript that uses an invalid URI, modifies the Location field, then uses history.back to navigate to the previous domain, aka NullyFake. • http://archives.neohapsis.com/archives/bugtraq/2004-08/0215.html http://secunia.com/advisories/12304 http://securitytracker.com/id?1010957 http://umbrella.name/originalvuln/msie/NullyFake/nullyfake-content.txt http://www.osvdb.org/8978 https://exchange.xforce.ibmcloud.com/vulnerabilities/17007 •