CVSS: 7.5EPSS: 2%CPEs: 6EXPL: 0CVE-2002-0077
https://notcve.org/view.php?id=CVE-2002-0077
Microsoft Internet Explorer 5.01, 5.5 and 6.0 treats objects invoked on an HTML page with the codebase property as part of Local Computer zone, which allows remote attackers to invoke executables present on the local system through objects such as the popup object, aka the "Local Executable Invocation via Object tag" vulnerability. Microsoft Internet Explorer 5.01, 5.5 y 6.0 trata objetos invocados en una página HTML con la propiedad 'codebase' como parte de la zona 'Ordenador Local', lo que permite a atacantes remotos invocar ejecutables presentes en el sistema local mediante objetos como el objeto 'popup'. Tambíen conocido como "Invocación de ejecutable local mediante la etiqueta Object". • http://marc.info/?l=bugtraq&m=101103188711920&w=2 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-015 •
CVSS: 2.1EPSS: 0%CPEs: 13EXPL: 0CVE-2001-1497
https://notcve.org/view.php?id=CVE-2001-1497
Microsoft Internet Explorer 4.0 through 6.0 could allow local users to differentiate between alphanumeric and non-alphanumeric characters used in a password by pressing certain control keys that jump between non-alphanumeric characters, which makes it easier to conduct a brute-force password guessing attack. • http://www.iss.net/security_center/static/7592.php http://www.securityfocus.com/archive/1/241323 http://www.securityfocus.com/archive/1/241400 http://www.securityfocus.com/bid/3563 •
CVSS: 5.0EPSS: 0%CPEs: 4EXPL: 0CVE-2001-1219
https://notcve.org/view.php?id=CVE-2001-1219
Microsoft Internet Explorer 6.0 and earlier allows malicious website operators to cause a denial of service (client crash) via JavaScript that continually refreshes the window via self.location. MS Internet Explorer 6.0 y anteriores permite a webmasters maliciosos provocar una denegación de servicio por medio de JavaScript que continuamente refresca la ventana con self.location. • http://www.securityfocus.com/archive/1/246649 http://www.securityfocus.com/bid/3730 •
CVSS: 7.5EPSS: 96%CPEs: 2EXPL: 0CVE-2001-0727
https://notcve.org/view.php?id=CVE-2001-0727
Internet Explorer 6.0 allows remote attackers to execute arbitrary code by modifying the Content-Disposition and Content-Type header fields in a way that causes Internet Explorer to believe that the file is safe to open without prompting the user, aka the "File Execution Vulnerability." Internet Explorer 6.0 permite a atacantes remotos la ejecución de código arbitrario mediante la modificación de los campos de cabecera 'Content-Disposition' y 'Content-Type' de modo que hace creer a Internet Explorer que es seguro abrir el fichero sin pedir confirmación al usuario, también conocida como "File Execution Vulnerability". • http://marc.info/?l=bugtraq&m=100835204509262&w=2 http://marc.info/?l=bugtraq&m=100861273114437&w=2 http://www.cert.org/advisories/CA-2001-36.html http://www.ciac.org/ciac/bulletins/m-027.shtml http://www.kb.cert.org/vuls/id/443699 http://www.osvdb.org/3033 http://www.securityfocus.com/bid/3578 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-058 https://exchange.xforce.ibmcloud.com/vulnerabilities/7703 https://oval.cisecurity.org& •
CVSS: 5.0EPSS: 1%CPEs: 2EXPL: 0CVE-2001-0874
https://notcve.org/view.php?id=CVE-2001-0874
Internet Explorer 5.5 and 6.0 allow remote attackers to read certain files via HTML that passes information from a frame in the client's domain to a frame in the web site's domain, a variant of the "Frame Domain Verification" vulnerability. Internet Explorer 5.5 y 6.0 permite a atacantes remotos la lectura de ciertos ficheros vía HTML, pasando información de un marco en el dominio del cliente a otro marco del dominio del sitio web, una variante de la vulnerabilidad "FrameDomain Verification". • http://www.ciac.org/ciac/bulletins/m-027.shtml http://www.securityfocus.com/bid/3693 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-058 https://exchange.xforce.ibmcloud.com/vulnerabilities/7702 •