Page 40 of 390 results (0.008 seconds)

CVSS: 2.6EPSS: 0%CPEs: 13EXPL: 0

Cross-site scripting (XSS) vulnerability in Namazu before 2.0.21, when Internet Explorer 6 or 7 is used, allows remote attackers to inject arbitrary web script or HTML via a cookie. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados XSS en Namazu antes de v2.0.21, cuando se usa Internet Explorer 6 o 7, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de una cookie. • http://secunia.com/advisories/46925 http://www.namazu.org/security.html#cross-site-scripting http://www.securityfocus.com/bid/50771 https://bugzilla.redhat.com/show_bug.cgi?id=756348 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 9.3EPSS: 18%CPEs: 30EXPL: 0

Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Scroll Event Remote Code Execution Vulnerability." Microsoft Internet Explorer v6 a v9 no trata correctamente los objetos en la memoria, lo que permite a atacantes remotos ejecutar código de su elección accediendo a un objeto eliminado. También conocidacomo "vulnerabilidad de ejecución remota de código del evento Scroll". • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-081 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12705 •

CVSS: 9.3EPSS: 21%CPEs: 30EXPL: 0

Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that was not properly initialized, aka "OLEAuto32.dll Remote Code Execution Vulnerability." Microsoft Internet Explorer v6 a v9 no trata correctamente los objetos en la memoria, lo que permite a atacantes remotos ejecutar código de su elección, accediendo a un objeto que no se ha inicializado correctamente. También conocida como "vulnerabilidad de ejecución remota de código de OLEAuto32.dll". • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-081 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12838 • CWE-908: Use of Uninitialized Resource •

CVSS: 9.3EPSS: 93%CPEs: 23EXPL: 1

Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Option Element Remote Code Execution Vulnerability." Microsoft Internet Explorer v6 y v8, no tratan correctamente los objetos en la memoria, lo que permite a atacantes remotos ejecutar código de su elección accediendo a un objeto eliminado. También conocida como "vulnerabilidad de ejecución remota de código a través del elemento Option". This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the caching implementation of a Select element. • https://www.exploit-db.com/exploits/24020 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-081 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12896 •

CVSS: 9.3EPSS: 81%CPEs: 30EXPL: 0

Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Body Element Remote Code Execution Vulnerability." Microsoft Internet Explorer v6 a v9 no trata correctamente los objetos en la memoria, lo que permite a atacantes remotos ejecutar código de su elección accediendo a un objeto eliminado. También conocida como "vulnerabilidad de ejecución remota de código a través del elemento Body". This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Internet Explorer handles calls to the method swapNode(). • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-081 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13083 •