CVSS: 5.1EPSS: 10%CPEs: 3EXPL: 2CVE-2003-0447 – Microsoft Internet Explorer 5 - Custom HTTP Error HTML Injection
https://notcve.org/view.php?id=CVE-2003-0447
The Custom HTTP Errors capability in Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute script in the Local Zone via an argument to shdocvw.dll that causes a "javascript:" link to be generated. La característica de errores HTTP personalizados en Internet Explorer 5.01, 5.5 y 6.0 permite a atacantes remotos ejecutar script en la Zona Local mediante un argumento a shdocvw.dll que causa que se genere un enlace "javascript:" • https://www.exploit-db.com/exploits/22784 http://lists.grok.org.uk/pipermail/full-disclosure/2003-June/005763.html http://marc.info/?l=bugtraq&m=105585933614773&w=2 http://marc.info/?l=ntbugtraq&m=105585142406147&w=2 http://security.greymagic.com/adv/gm014-ie •
CVSS: 7.5EPSS: 97%CPEs: 4EXPL: 3CVE-2003-0344 – Microsoft Internet Explorer - Object Tag (MS03-020)
https://notcve.org/view.php?id=CVE-2003-0344
Buffer overflow in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to execute arbitrary code via / (slash) characters in the Type property of an Object tag in a web page. Desbordamiento de búfer en Microsoft Internet Explorer 5.01, 5.5, y 6.0 permite que atacantes remotos ejecuten código arbitrario mediante un caracter "/" (barra inclinada) en la propiedad Type de un tag Object en una página web. • https://www.exploit-db.com/exploits/37 https://www.exploit-db.com/exploits/16581 https://www.exploit-db.com/exploits/22726 http://lists.grok.org.uk/pipermail/full-disclosure/2003-July/006401.html http://marc.info/?l=bugtraq&m=105476381609135&w=2 http://secunia.com/advisories/8943 http://www.eeye.com/html/Research/Advisories/AD20030604.html http://www.kb.cert.org/vuls/id/679556 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-020 https:/ •
CVSS: 5.0EPSS: 4%CPEs: 3EXPL: 0CVE-2002-1564
https://notcve.org/view.php?id=CVE-2002-1564
Internet Explorer 5.5 and 6.0 allows remote attackers to steal potentially sensitive information from cookies via a cookie that contains script which is executed when a page is loaded, aka the "Script within Cookies Reading Cookies" vulnerability. Internet Explorer 5.5 y 6.0 permiten que atacantes remotos roben información (potencialmente confidencial) mediante cookies que contienen script que se ejecuta cuando se carga una página (también conocida como vulnerabilidad de "Script dentro de cookies que lee otras cookies" • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-023 •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2003-0115
https://notcve.org/view.php?id=CVE-2003-0115
Microsoft Internet Explorer 5.01, 5.5 and 6.0 does not properly check parameters that are passed during third party rendering, which could allow remote attackers to execute arbitrary web script, aka the "Third Party Plugin Rendering" vulnerability, a different vulnerability than CVE-2003-0233. Microsoft Internet Explorer 5.01, 5.5 y 6.0 no verifica adecuadamente parámetros que son pasados mientras dibujan componentes de terceros, lo que podría permitir a atacantes remotos ejecutar script web arbitrario, también conocida como vulnerabilidad de "Dibujo de plugin de terceros", una vulnerabilidad distinta de CAN-2003-0233. • http://www.iss.net/security_center/static/11848.php https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-015 •
CVSS: 7.5EPSS: 5%CPEs: 9EXPL: 0CVE-2003-0233
https://notcve.org/view.php?id=CVE-2003-0233
Heap-based buffer overflow in plugin.ocx for Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute arbitrary code via the Load() method, a different vulnerability than CVE-2003-0115. Desbordamiento de búfer basado en el montículo (heap) en plugin.ocx de Internet Explorer 5.01, 5.5 y 6.0 permite a atacantes remotos ejecutar código arbitrari mediante el método Load(), una vulnerabilidad distinta de CAN-2003-0115. • http://marc.info/?l=bugtraq&m=105120164927952&w=2 http://www.iss.net/security_center/static/11854.php https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-015 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1094 •