Page 3 of 22 results (0.003 seconds)

CVSS: 7.5EPSS: 5%CPEs: 8EXPL: 1

Internet Explorer 5.1 for Macintosh allows remote attackers to bypass security checks and invoke local AppleScripts within a specific HTML element, aka the "Local Applescript Invocation" vulnerability. Internet Explorer 5.1 para Macintosh permite a atacantes remotos evadir comprobaciones de seguridad e invocar AppleScripts locales dentro de un elemento HTML específico. Tambien conocido como vulnerabilidad de "Invocación local de AppleScript" • https://www.exploit-db.com/exploits/21238 http://www.iss.net/security_center/static/8851.php http://www.osvdb.org/5356 http://www.securityfocus.com/archive/1/251805 http://www.securityfocus.com/bid/3935 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-019 https://exchange.xforce.ibmcloud.com/vulnerabilities/7969 •

CVSS: 2.1EPSS: 0%CPEs: 13EXPL: 0

Microsoft Internet Explorer 4.0 through 6.0 could allow local users to differentiate between alphanumeric and non-alphanumeric characters used in a password by pressing certain control keys that jump between non-alphanumeric characters, which makes it easier to conduct a brute-force password guessing attack. • http://www.iss.net/security_center/static/7592.php http://www.securityfocus.com/archive/1/241323 http://www.securityfocus.com/archive/1/241400 http://www.securityfocus.com/bid/3563 •

CVSS: 7.5EPSS: 4%CPEs: 1EXPL: 0

Internet Explorer 6 and earlier allows remote attackers to cause certain HTTP requests to be automatically executed and appear to come from the user, which could allow attackers to gain privileges or execute operations within web-based services, aka the "HTTP Request Encoding vulnerability." • http://www.osvdb.org/1972 http://www.securityfocus.com/bid/3421 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-051 https://exchange.xforce.ibmcloud.com/vulnerabilities/7259 •

CVSS: 5.1EPSS: 0%CPEs: 2EXPL: 1

Microsoft Virtual Machine (VM) in Internet Explorer 4.x and 5.x allows an unsigned applet to create and use ActiveX controls, which allows a remote attacker to bypass Internet Explorer's security settings and execute arbitrary commands via a malicious web page or email, aka the "Microsoft VM ActiveX Component" vulnerability. • https://www.exploit-db.com/exploits/20266 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-075 https://exchange.xforce.ibmcloud.com/vulnerabilities/5127 •

CVSS: 2.6EPSS: 0%CPEs: 9EXPL: 0

A function in Internet Explorer 4.x and 5.x does not properly verify the domain of a frame within a browser window, which allows a remote attacker to read client files, aka a variant of the "Frame Domain Verification" vulnerability. • http://www.securityfocus.com/bid/1564 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-055 •