CVSS: 7.5EPSS: 51%CPEs: 7EXPL: 3CVE-2003-1041 – Microsoft Windows XP/2000 - showHelp '.CHM' File Execution (MS03-004)
https://notcve.org/view.php?id=CVE-2003-1041
Internet Explorer 5.x and 6.0 allows remote attackers to execute arbitrary programs via a modified directory traversal attack using a URL containing ".." (dot dot) sequences and a filename that ends in "::" which is treated as a .chm file even if it does not have a .chm extension. NOTE: this bug may overlap CVE-2004-0475. Internet Explorer 5.x y 6.0 permite a atacantes remotos ejecutar programas arbitrarios mediante una URL conteniendo secuencias ".." (punto punto) en un nombre de fichero terminado en "::" que es tratado como un fichero CHM aunque no tenga extensión .chm. • https://www.exploit-db.com/exploits/23504 http://www.kb.cert.org/vuls/id/187196 http://www.securityfocus.com/archive/1/348521 http://www.securityfocus.com/bid/9320 http://www.us-cert.gov/cas/techalerts/TA04-196A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-023 https://exchange.xforce.ibmcloud.com/vulnerabilities/14105 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1186 https://oval.cisecurity.org/repository& •
CVSS: 5.1EPSS: 1%CPEs: 1EXPL: 2CVE-2004-0475
https://notcve.org/view.php?id=CVE-2004-0475
The showHelp function in Internet Explorer 6 on Windows XP Pro allows remote attackers to execute arbitrary local .CHM files via a double backward slash ("\\") before the target CHM file, as demonstrated using an "ms-its" URL to ntshared.chm. NOTE: this bug may overlap CVE-2003-1041. La función showHelp en Internet Explorer 6 en Windows XP Pro permite a atacantes remotos ejecutar ficheros .chm locales de su elección mediante una barra invertida ("") doble antes del fichero .chm objetivo, como se ha demostrado usando una URL "ms-its" con ntshared.chm. NOTA: Este fallo puede solaparse con CAN-2003-1041. • http://www.securityfocus.com/archive/1/363202 http://www.securityfocus.com/bid/10348 https://exchange.xforce.ibmcloud.com/vulnerabilities/16147 •
CVSS: 5.0EPSS: 18%CPEs: 1EXPL: 1CVE-2004-0479 – Microsoft Internet Explorer 5.0.1 - http-equiv Meta Tag Denial of Service
https://notcve.org/view.php?id=CVE-2004-0479
Internet Explorer 6 allows remote attackers to cause a denial of service (crash) via Javascript that creates a new popup window and disables the imagetoolbar functionality with a META tag, which triggers a null dereference. Internet Explorer 6 permite a atacantes remotos causar una denegación de servicio (caída) mediante Javascritp que crea una ventana emergente y desactiva la funcionalidad imagetoolbar con una etiqueta META, lo que dispara una desreferencia nula. • https://www.exploit-db.com/exploits/24119 http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021500.html http://marc.info/?l=vuln-dev&m=108457938412310&w=2 http://marc.info/?l=vuln-dev&m=108476938219070&w=2 •
CVSS: 10.0EPSS: 96%CPEs: 3EXPL: 2CVE-2004-0420
https://notcve.org/view.php?id=CVE-2004-0420
The Windows Shell application in Windows 98, Windows ME, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code by spoofing the type of a file via a CLSID specifier in the filename, as demonstrated using Internet Explorer 6.0.2800.1106 on Windows XP. Internet Explorer 6.0.2800.1106 sobre Windows XP y posiblemente otras versiones, permite a atacantes remotos suplantar el tipo de un de un fichero mediante un especificador CLSID en el nombre del fichero. • http://secunia.com/advisories/10736 http://www.kb.cert.org/vuls/id/106324 http://www.security-express.com/archives/bugtraq/2004-01/0300.html http://www.securityfocus.com/archive/1/351379 http://www.securityfocus.com/bid/9510 http://www.us-cert.gov/cas/techalerts/TA04-196A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-024 https://exchange.xforce.ibmcloud.com/vulnerabilities/14964 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg •
CVSS: 5.0EPSS: 1%CPEs: 6EXPL: 0CVE-2004-0284
https://notcve.org/view.php?id=CVE-2004-0284
Microsoft Internet Explorer 6.0, Outlook 2002, and Outlook 2003 allow remote attackers to cause a denial of service (CPU consumption), if "Do not save encrypted pages to disk" is disabled, via a web site or HTML e-mail that contains two null characters (%00) after the host name. Microsoft Internet Explorer 6.0, Outlook 2002, y Outlook 2003 permiten a atacantes remotos causar una denegación de servicio (consumición de CPU) si está desactivado "No guardar las páginas cifradas en el disco), mediante un sitio web o un mensaje de correo electrónico que contenga dos caractéres nulos (%00) después del nombre de máquina. • http://marc.info/?l=bugtraq&m=107643134712133&w=2 http://www.securityfocus.com/bid/9629 https://exchange.xforce.ibmcloud.com/vulnerabilities/15127 •