CVSS: 5.0EPSS: 26%CPEs: 8EXPL: 0CVE-2002-1185
https://notcve.org/view.php?id=CVE-2002-1185
Internet Explorer 5.01 through 6.0 does not properly check certain parameters of a PNG file when opening it, which allows remote attackers to cause a denial of service (crash) by triggering a heap-based buffer overflow using invalid length codes during decompression, aka "Malformed PNG Image File Failure." • http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0105.html http://marc.info/?l=bugtraq&m=103970996205091&w=2 http://www.eeye.com/html/Research/Advisories/AD20021211.html http://www.iss.net/security_center/static/10662.php http://www.securityfocus.com/bid/6216 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-066 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A393 https://oval.cisecurity.org/repository/search/definit •
CVSS: 7.5EPSS: 87%CPEs: 11EXPL: 2CVE-2002-1142 – MS02-065 Microsoft IIS MDAC msadcs.dll RDS DataStub Content-Type Overflow
https://notcve.org/view.php?id=CVE-2002-1142
Heap-based buffer overflow in the Remote Data Services (RDS) component of Microsoft Data Access Components (MDAC) 2.1 through 2.6, and Internet Explorer 5.01 through 6.0, allows remote attackers to execute code via a malformed HTTP request to the Data Stub. Desbordamiento de búfer basado en la pila en el componente Remote Data Services (RDS) - Servicios de Datos Remotos de Microsoft Data Access Components (MDAC) 2.1 a 2.6, y en Internet Explorer 5.01 a 6.0 permite a atacantes remotos ejecutar código mediante una petición HTTP malformada al tocón (stub de datos). • https://www.exploit-db.com/exploits/19026 http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0082.html http://www.cert.org/advisories/CA-2002-33.html http://www.foundstone.com/knowledge/randd-advisories-display.html?id=337 http://www.kb.cert.org/vuls/id/542081 http://www.securityfocus.com/bid/6214 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-065 https://exchange.xforce.ibmcloud.com/vulnerabilities/10659 https://exchange.xforce.ibmcloud.com/vuln •
CVSS: 5.0EPSS: 21%CPEs: 7EXPL: 1CVE-2002-0648 – Microsoft Internet Explorer 5/6 - XML Redirect File Disclosure
https://notcve.org/view.php?id=CVE-2002-0648
The legacy <script> data-island capability for XML in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to read arbitrary XML files, and portions of other files, via a URL whose "src" attribute redirects to a local file. La capacidad de isla de datos <script> (legacy - legado - para compatibilidad con anteriores versiones) en XML en Microsoft Internet Explorer 5.01, 5.5 y 6.0 permite a atacantes remotos leer ficheros XML de su elección, y parte de otros ficheros, mediante una URL cuyo atributo "src" redirige a un fichero local. • https://www.exploit-db.com/exploits/21749 http://marc.info/?l=bugtraq&m=103011639524314&w=2 http://www.iss.net/security_center/static/9936.php http://www.securityfocus.com/bid/5560 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-047 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1026 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1148 https://oval.cisecurity.org/repository/search/ •
CVSS: 7.5EPSS: 6%CPEs: 7EXPL: 0CVE-2002-0722
https://notcve.org/view.php?id=CVE-2002-0722
Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to misrepresent the source of a file in the File Download dialogue box to trick users into thinking that the file type is safe to download, aka "File Origin Spoofing." • http://marc.info/?l=bugtraq&m=103054692223380&w=2 http://www.iss.net/security_center/static/9937.php http://www.osvdb.org/5129 http://www.securityfocus.com/bid/5559 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-047 •
CVSS: 7.5EPSS: 2%CPEs: 6EXPL: 0CVE-2002-0691
https://notcve.org/view.php?id=CVE-2002-0691
Microsoft Internet Explorer 5.01 and 5.5 allows remote attackers to execute scripts in the Local Computer zone via a URL that references a local HTML resource file, a variant of "Cross-Site Scripting in Local HTML Resource" as identified by CAN-2002-0189. Microsoft Internet Explorer 5.01 y 5.5 permite a atacantes remotos ejecutar secuencias de comandos en la zona del PC local mediante una URL que hace referencia un ficherio de recurso local HTML, una variante de la vulnerabilidad "Secuencias de comandos en sitios cruzados en recurso HTML local (Cross-Site Scripting in Local HTML Resource) • http://www.iss.net/security_center/static/9938.php http://www.securityfocus.com/bid/5561 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-047 •