Page 30 of 292 results (0.012 seconds)

CVSS: 7.5EPSS: 77%CPEs: 9EXPL: 1

Integer overflow in imgbmp.cxx for Windows 2000 allows remote attackers to execute arbitrary code via a BMP image with a large bfOffBits value. Error de falta de signo en enteros en imgbmp.cxx de Windows 2000 permite a atacantes remotos ejecutar código arbitrario mediante una imagen BMP con un valor bfOffBits grande. • http://archives.neohapsis.com/archives/fulldisclosure/2004-02/0806.html http://www.kb.cert.org/vuls/id/266926 http://www.us-cert.gov/cas/techalerts/TA04-212A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-025 https://exchange.xforce.ibmcloud.com/vulnerabilities/15210 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A216 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A306 https://oval& •

CVSS: 10.0EPSS: 77%CPEs: 18EXPL: 0

Double free vulnerability in mshtml.dll for certain versions of Internet Explorer 6.x allows remote attackers to cause a denial of service (application crash) via a malformed GIF image. mshtml.dll de ciertas versiones de Internet Explorer 6.x permite a atacantes remotos causar una denegación de servicio (caída de aplicación) y posiblemente ejecutar código arbitrario mediante una imagen GIF malformada que dispara un desbordamiento de búfer. • http://lists.grok.org.uk/pipermail/full-disclosure/2003-September/009445.html http://lists.grok.org.uk/pipermail/full-disclosure/2003-September/009473.html http://lists.grok.org.uk/pipermail/full-disclosure/2003-September/009506.html http://www.ciac.org/ciac/bulletins/o-191.shtml http://www.kb.cert.org/vuls/id/685364 http://www.securityfocus.com/bid/8530 http://www.us-cert.gov/cas/techalerts/TA04-212A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/200 • CWE-415: Double Free •

CVSS: 10.0EPSS: 96%CPEs: 4EXPL: 1

The WebBrowser ActiveX control, or the Internet Explorer HTML rendering engine (MSHTML), as used in Internet Explorer 6, allows remote attackers to execute arbitrary code in the Local Security context by using the showModalDialog method and modifying the location to execute code such as Javascript, as demonstrated using (1) delayed HTTP redirect operations, and an HTTP response with a Location: header containing a "URL:" prepended to a "ms-its" protocol URI, or (2) modifying the location attribute of the window, as exploited by the Download.ject (aka Scob aka Toofer) using the ADODB.Stream object. El control ActiveX WebBrowser, o el motor de render HTML de Internet Explorer (MSHTML), usado en Internet Explorer 6, permite a atacantes remotos ejecutar código arbitrario en el contexto de seguridad local usando el método showModalDialog y modificando la localizacion para ejecutar código como JavaScript, como demostró usando (1) redirecciones HTTP diferidas, y una respuesta HTTP con una cabecera "Location:" conteniendo un "URL:" añadida al principio de una URI "ms-its", o (2) modificando el atributo de localización de la ventana, explotado por el gusano Ject / Scob / Toofer, usando el objeto ADODB.Stream • https://www.exploit-db.com/exploits/316 http://62.131.86.111/analysis.htm http://archives.neohapsis.com/archives/fulldisclosure/2004-06/0031.html http://archives.neohapsis.com/archives/fulldisclosure/2004-06/0104.html http://marc.info/?l=bugtraq&m=108786396622284&w=2 http://marc.info/?l=bugtraq&m=108852642021426&w=2 http://umbrella.name/originalvuln/msie/InsiderPrototype http://www.kb.cert.org/vuls/id/713878 http://www.us-cert.gov/cas/techalerts/TA04-163A.html http:&# •

CVSS: 5.0EPSS: 4%CPEs: 32EXPL: 2

Unknown versions of Internet Explorer and Outlook allow remote attackers to spoof a legitimate URL in the status bar via A HREF tags with modified "alt" values that point to the legitimate site, combined with an image map whose href points to the malicious site, which facilitates a "phishing" attack. Versiones desconocidas de Internet Explorer y Outlook permiten a atacantes remotos suplantar URL legítimas en la barra de estado mediante etiquetas A HREF con valores "alt" modificados que apuntan al sitio legítimo, combinado con un mapa de imagen cuyo HREF apunta al sitio malicioso, lo que facilita ataques de suplantación para robo de datos (phising). • https://www.exploit-db.com/exploits/24102 http://archives.neohapsis.com/archives/bugtraq/2004-05/0161.html http://marc.info/?l=bugtraq&m=108422905510713&w=2 http://www.kurczaba.com/securityadvisories/0405132poc.htm http://www.securityfocus.com/bid/10308 https://exchange.xforce.ibmcloud.com/vulnerabilities/16102 •

CVSS: 7.5EPSS: 51%CPEs: 7EXPL: 3

Internet Explorer 5.x and 6.0 allows remote attackers to execute arbitrary programs via a modified directory traversal attack using a URL containing ".." (dot dot) sequences and a filename that ends in "::" which is treated as a .chm file even if it does not have a .chm extension. NOTE: this bug may overlap CVE-2004-0475. Internet Explorer 5.x y 6.0 permite a atacantes remotos ejecutar programas arbitrarios mediante una URL conteniendo secuencias ".." (punto punto) en un nombre de fichero terminado en "::" que es tratado como un fichero CHM aunque no tenga extensión .chm. • https://www.exploit-db.com/exploits/23504 http://www.kb.cert.org/vuls/id/187196 http://www.securityfocus.com/archive/1/348521 http://www.securityfocus.com/bid/9320 http://www.us-cert.gov/cas/techalerts/TA04-196A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-023 https://exchange.xforce.ibmcloud.com/vulnerabilities/14105 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1186 https://oval.cisecurity.org/repository& •