CVSS: 5.0EPSS: 26%CPEs: 8EXPL: 0CVE-2002-1185
https://notcve.org/view.php?id=CVE-2002-1185
Internet Explorer 5.01 through 6.0 does not properly check certain parameters of a PNG file when opening it, which allows remote attackers to cause a denial of service (crash) by triggering a heap-based buffer overflow using invalid length codes during decompression, aka "Malformed PNG Image File Failure." • http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0105.html http://marc.info/?l=bugtraq&m=103970996205091&w=2 http://www.eeye.com/html/Research/Advisories/AD20021211.html http://www.iss.net/security_center/static/10662.php http://www.securityfocus.com/bid/6216 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-066 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A393 https://oval.cisecurity.org/repository/search/definit •
CVSS: 7.5EPSS: 87%CPEs: 11EXPL: 1CVE-2002-1142 – Microsoft IIS - MDAC 'msadcs.dll' RDS DataStub Content-Type Overflow (MS02-065)
https://notcve.org/view.php?id=CVE-2002-1142
Heap-based buffer overflow in the Remote Data Services (RDS) component of Microsoft Data Access Components (MDAC) 2.1 through 2.6, and Internet Explorer 5.01 through 6.0, allows remote attackers to execute code via a malformed HTTP request to the Data Stub. Desbordamiento de búfer basado en la pila en el componente Remote Data Services (RDS) - Servicios de Datos Remotos de Microsoft Data Access Components (MDAC) 2.1 a 2.6, y en Internet Explorer 5.01 a 6.0 permite a atacantes remotos ejecutar código mediante una petición HTTP malformada al tocón (stub de datos). • https://www.exploit-db.com/exploits/19026 http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0082.html http://www.cert.org/advisories/CA-2002-33.html http://www.foundstone.com/knowledge/randd-advisories-display.html?id=337 http://www.kb.cert.org/vuls/id/542081 http://www.securityfocus.com/bid/6214 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-065 https://exchange.xforce.ibmcloud.com/vulnerabilities/10659 https://exchange.xforce.ibmcloud.com/vuln •
CVSS: 7.5EPSS: 94%CPEs: 5EXPL: 2CVE-2002-1254 – Microsoft Internet Explorer 5/6 - Cached Objects Zone Bypass
https://notcve.org/view.php?id=CVE-2002-1254
Internet Explorer 5.5 and 6.0 allows remote attackers to bypass the cross-domain security model and access information on the local system or in other domains, and possibly execute code, via cached methods and objects, aka "Cross Domain Verification via Cached Methods." • https://www.exploit-db.com/exploits/21959 http://marc.info/?l=bugtraq&m=103530131201191&w=2 http://security.greymagic.com/adv/gm012-ie http://www.ciac.org/ciac/bulletins/n-018.shtml http://www.iss.net/security_center/static/10435.php http://www.iss.net/security_center/static/10436.php http://www.iss.net/security_center/static/10437.php http://www.iss.net/security_center/static/10438.php http://www.iss.net/security_center/static/10439.php http://www.secu •
CVSS: 2.1EPSS: 0%CPEs: 13EXPL: 0CVE-2001-1497
https://notcve.org/view.php?id=CVE-2001-1497
Microsoft Internet Explorer 4.0 through 6.0 could allow local users to differentiate between alphanumeric and non-alphanumeric characters used in a password by pressing certain control keys that jump between non-alphanumeric characters, which makes it easier to conduct a brute-force password guessing attack. • http://www.iss.net/security_center/static/7592.php http://www.securityfocus.com/archive/1/241323 http://www.securityfocus.com/archive/1/241400 http://www.securityfocus.com/bid/3563 •
CVSS: 5.1EPSS: 0%CPEs: 9EXPL: 0CVE-2000-0162
https://notcve.org/view.php?id=CVE-2000-0162
The Microsoft virtual machine (VM) in Internet Explorer 4.x and 5.x allows a remote attacker to read files via a malicious Java applet that escapes the Java sandbox, aka the "VM File Reading" vulnerability. • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-011 •