CVSS: 7.5EPSS: 87%CPEs: 11EXPL: 2CVE-2002-1142 – MS02-065 Microsoft IIS MDAC msadcs.dll RDS DataStub Content-Type Overflow
https://notcve.org/view.php?id=CVE-2002-1142
Heap-based buffer overflow in the Remote Data Services (RDS) component of Microsoft Data Access Components (MDAC) 2.1 through 2.6, and Internet Explorer 5.01 through 6.0, allows remote attackers to execute code via a malformed HTTP request to the Data Stub. Desbordamiento de búfer basado en la pila en el componente Remote Data Services (RDS) - Servicios de Datos Remotos de Microsoft Data Access Components (MDAC) 2.1 a 2.6, y en Internet Explorer 5.01 a 6.0 permite a atacantes remotos ejecutar código mediante una petición HTTP malformada al tocón (stub de datos). • https://www.exploit-db.com/exploits/19026 http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0082.html http://www.cert.org/advisories/CA-2002-33.html http://www.foundstone.com/knowledge/randd-advisories-display.html?id=337 http://www.kb.cert.org/vuls/id/542081 http://www.securityfocus.com/bid/6214 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-065 https://exchange.xforce.ibmcloud.com/vulnerabilities/10659 https://exchange.xforce.ibmcloud.com/vuln •
CVSS: 7.5EPSS: 94%CPEs: 5EXPL: 2CVE-2002-1254 – Microsoft Internet Explorer 5/6 - Cached Objects Zone Bypass
https://notcve.org/view.php?id=CVE-2002-1254
Internet Explorer 5.5 and 6.0 allows remote attackers to bypass the cross-domain security model and access information on the local system or in other domains, and possibly execute code, via cached methods and objects, aka "Cross Domain Verification via Cached Methods." • https://www.exploit-db.com/exploits/21959 http://marc.info/?l=bugtraq&m=103530131201191&w=2 http://security.greymagic.com/adv/gm012-ie http://www.ciac.org/ciac/bulletins/n-018.shtml http://www.iss.net/security_center/static/10435.php http://www.iss.net/security_center/static/10436.php http://www.iss.net/security_center/static/10437.php http://www.iss.net/security_center/static/10438.php http://www.iss.net/security_center/static/10439.php http://www.secu •
CVSS: 7.5EPSS: 92%CPEs: 4EXPL: 2CVE-2002-1217 – Microsoft Internet Explorer 5/6 - Unauthorized Document Object Model Access
https://notcve.org/view.php?id=CVE-2002-1217
Cross-Frame scripting vulnerability in the WebBrowser control as used in Internet Explorer 5.5 and 6.0 allows remote attackers to execute arbitrary code, read arbitrary files, or conduct other unauthorized activities via script that accesses the Document property, which bypasses <frame> and <iframe> domain restrictions. Vulnerabilidad de scripts en marcos cruzados en el control WebBrowser usado en Internet Explorer 5.5 y 6.0 permite a atacantes remotos ejecutar código arbitrario, leer ficheros arbitrarios, y llevar a cabo otras actividades no autorizadas mediante código que accede a la propiedad Document, lo que evita las restricciones de dominio de frame e iframe • https://www.exploit-db.com/exploits/21940 http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0024.html http://marc.info/?l=bugtraq&m=103470310417576&w=2 http://marc.info/?l=ntbugtraq&m=103470202010570&w=2 http://security.greymagic.com/adv/gm011-ie http://www.ciac.org/ciac/bulletins/n-018.shtml http://www.iss.net/security_center/static/10371.php http://www.securityfocus.com/bid/5963 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-06 •
CVSS: 5.0EPSS: 21%CPEs: 7EXPL: 1CVE-2002-0648 – Microsoft Internet Explorer 5/6 - XML Redirect File Disclosure
https://notcve.org/view.php?id=CVE-2002-0648
The legacy <script> data-island capability for XML in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to read arbitrary XML files, and portions of other files, via a URL whose "src" attribute redirects to a local file. La capacidad de isla de datos <script> (legacy - legado - para compatibilidad con anteriores versiones) en XML en Microsoft Internet Explorer 5.01, 5.5 y 6.0 permite a atacantes remotos leer ficheros XML de su elección, y parte de otros ficheros, mediante una URL cuyo atributo "src" redirige a un fichero local. • https://www.exploit-db.com/exploits/21749 http://marc.info/?l=bugtraq&m=103011639524314&w=2 http://www.iss.net/security_center/static/9936.php http://www.securityfocus.com/bid/5560 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-047 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1026 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1148 https://oval.cisecurity.org/repository/search/ •
CVSS: 7.5EPSS: 6%CPEs: 7EXPL: 0CVE-2002-0722
https://notcve.org/view.php?id=CVE-2002-0722
Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to misrepresent the source of a file in the File Download dialogue box to trick users into thinking that the file type is safe to download, aka "File Origin Spoofing." • http://marc.info/?l=bugtraq&m=103054692223380&w=2 http://www.iss.net/security_center/static/9937.php http://www.osvdb.org/5129 http://www.securityfocus.com/bid/5559 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-047 •