CVSS: 7.5EPSS: 11%CPEs: 7EXPL: 1CVE-2002-0647 – Microsoft Internet Explorer 5/6 Legacy Text Formatting - ActiveX Component Buffer Overflow
https://notcve.org/view.php?id=CVE-2002-0647
Buffer overflow in a legacy ActiveX control used to display specially formatted text in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to execute arbitrary code, aka "Buffer Overrun in Legacy Text Formatting ActiveX Control". Desbordamiento de búfer en el control ActiveX antiguo usado para mostrar texto especialmente formateado en Microsoft Internet Explorer 5.01, 5.5 y 6.0 permite a atacantes remotos ejecutar código arbitrario. También conocida como "Desbordamiento de búfer en control ActiveX antiguo de formato de texto" (Buffer Overrun in Legacy Text Formatting ActiveX Control • https://www.exploit-db.com/exploits/21748 http://www.iss.net/security_center/static/9935.php http://www.securityfocus.com/bid/5558 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-047 •
CVSS: 5.0EPSS: 21%CPEs: 7EXPL: 1CVE-2002-0648 – Microsoft Internet Explorer 5/6 - XML Redirect File Disclosure
https://notcve.org/view.php?id=CVE-2002-0648
The legacy <script> data-island capability for XML in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to read arbitrary XML files, and portions of other files, via a URL whose "src" attribute redirects to a local file. La capacidad de isla de datos <script> (legacy - legado - para compatibilidad con anteriores versiones) en XML en Microsoft Internet Explorer 5.01, 5.5 y 6.0 permite a atacantes remotos leer ficheros XML de su elección, y parte de otros ficheros, mediante una URL cuyo atributo "src" redirige a un fichero local. • https://www.exploit-db.com/exploits/21749 http://marc.info/?l=bugtraq&m=103011639524314&w=2 http://www.iss.net/security_center/static/9936.php http://www.securityfocus.com/bid/5560 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-047 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1026 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1148 https://oval.cisecurity.org/repository/search/ •
CVSS: 7.5EPSS: 2%CPEs: 6EXPL: 0CVE-2002-0691
https://notcve.org/view.php?id=CVE-2002-0691
Microsoft Internet Explorer 5.01 and 5.5 allows remote attackers to execute scripts in the Local Computer zone via a URL that references a local HTML resource file, a variant of "Cross-Site Scripting in Local HTML Resource" as identified by CAN-2002-0189. Microsoft Internet Explorer 5.01 y 5.5 permite a atacantes remotos ejecutar secuencias de comandos en la zona del PC local mediante una URL que hace referencia un ficherio de recurso local HTML, una variante de la vulnerabilidad "Secuencias de comandos en sitios cruzados en recurso HTML local (Cross-Site Scripting in Local HTML Resource) • http://www.iss.net/security_center/static/9938.php http://www.securityfocus.com/bid/5561 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-047 •
CVSS: 7.5EPSS: 6%CPEs: 7EXPL: 0CVE-2002-0722
https://notcve.org/view.php?id=CVE-2002-0722
Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to misrepresent the source of a file in the File Download dialogue box to trick users into thinking that the file type is safe to download, aka "File Origin Spoofing." • http://marc.info/?l=bugtraq&m=103054692223380&w=2 http://www.iss.net/security_center/static/9937.php http://www.osvdb.org/5129 http://www.securityfocus.com/bid/5559 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-047 •
CVSS: 6.4EPSS: 94%CPEs: 11EXPL: 1CVE-2002-0976 – Microsoft Internet Explorer 4/5/6 - XML Datasource Applet File Disclosure
https://notcve.org/view.php?id=CVE-2002-0976
Internet Explorer 4.0 and later allows remote attackers to read arbitrary files via a web page that accesses a legacy XML Datasource applet (com.ms.xml.dso.XMLDSO.class) and modifies the base URL to point to the local system, which is trusted by the applet. • https://www.exploit-db.com/exploits/21721 http://marc.info/?l=bugtraq&m=102960731805373&w=2 http://www.iss.net/security_center/static/9885.php http://www.securityfocus.com/bid/5490 •