CVE-2002-2435
https://notcve.org/view.php?id=CVE-2002-2435
The Cascading Style Sheets (CSS) implementation in Microsoft Internet Explorer 8.0 and earlier does not properly handle the :visited pseudo-class, which allows remote attackers to obtain sensitive information about visited web pages via a crafted HTML document, a related issue to CVE-2010-2264. La implementación de las Hojas de Estilo en Cascada (CSS) en Microsoft Internet Explorer, no controla correctamente el :visited pseudo-class, lo que permite a atacantes remotos obtener información sensible acerca de las páginas web visitadas a través de un documento HTML manipulado. Relacionado con CVE-2010-2264. • http://bugzilla.mozilla.org/show_bug.cgi?id=147777 http://w2spconf.com/2010/papers/p26.pdf https://exchange.xforce.ibmcloud.com/vulnerabilities/71817 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2011-4345
https://notcve.org/view.php?id=CVE-2011-4345
Cross-site scripting (XSS) vulnerability in Namazu before 2.0.21, when Internet Explorer 6 or 7 is used, allows remote attackers to inject arbitrary web script or HTML via a cookie. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados XSS en Namazu antes de v2.0.21, cuando se usa Internet Explorer 6 o 7, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de una cookie. • http://secunia.com/advisories/46925 http://www.namazu.org/security.html#cross-site-scripting http://www.securityfocus.com/bid/50771 https://bugzilla.redhat.com/show_bug.cgi?id=756348 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2011-1993
https://notcve.org/view.php?id=CVE-2011-1993
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Scroll Event Remote Code Execution Vulnerability." Microsoft Internet Explorer v6 a v9 no trata correctamente los objetos en la memoria, lo que permite a atacantes remotos ejecutar código de su elección accediendo a un objeto eliminado. También conocidacomo "vulnerabilidad de ejecución remota de código del evento Scroll". • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-081 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12705 •
CVE-2011-1995
https://notcve.org/view.php?id=CVE-2011-1995
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that was not properly initialized, aka "OLEAuto32.dll Remote Code Execution Vulnerability." Microsoft Internet Explorer v6 a v9 no trata correctamente los objetos en la memoria, lo que permite a atacantes remotos ejecutar código de su elección, accediendo a un objeto que no se ha inicializado correctamente. También conocida como "vulnerabilidad de ejecución remota de código de OLEAuto32.dll". • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-081 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12838 • CWE-908: Use of Uninitialized Resource •
CVE-2011-1996 – Internet Explorer Select Element Cache Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-1996
Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Option Element Remote Code Execution Vulnerability." Microsoft Internet Explorer v6 y v8, no tratan correctamente los objetos en la memoria, lo que permite a atacantes remotos ejecutar código de su elección accediendo a un objeto eliminado. También conocida como "vulnerabilidad de ejecución remota de código a través del elemento Option". This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the caching implementation of a Select element. • https://www.exploit-db.com/exploits/24020 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-081 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12896 •