Page 54 of 292 results (0.007 seconds)

CVSS: 5.1EPSS: 1%CPEs: 2EXPL: 4

The Kodak/Wang (1) Image Edit (imgedit.ocx), (2) Image Annotation (imgedit.ocx), (3) Image Scan (imgscan.ocx), (4) Thumbnail Image (imgthumb.ocx), (5) Image Admin (imgadmin.ocx), (6) HHOpen (hhopen.ocx), (7) Registration Wizard (regwizc.dll), and (8) IE Active Setup (setupctl.dll) ActiveX controls for Internet Explorer (IE) 4.01 and 5.0 are marked as "Safe for Scripting," which allows remote attackers to create and modify files and execute arbitrary commands. • https://www.exploit-db.com/exploits/19528 https://www.exploit-db.com/exploits/19515 https://www.exploit-db.com/exploits/19521 http://www.kb.cert.org/vuls/id/23412 http://www.kb.cert.org/vuls/id/24839 http://www.kb.cert.org/vuls/id/26924 http://www.kb.cert.org/vuls/id/41408 http://www.kb.cert.org/vuls/id/9162 http://www.securityfocus.com/archive/1/28719 https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-037 https: •

CVSS: 4.0EPSS: 2%CPEs: 2EXPL: 1

The Eyedog ActiveX control is marked as "safe for scripting" for Internet Explorer, which allows a remote attacker to execute arbitrary commands as demonstrated by Bubbleboy. • https://www.exploit-db.com/exploits/19487 http://ciac.llnl.gov/ciac/bulletins/j-064.shtml •

CVSS: 5.0EPSS: 3%CPEs: 1EXPL: 1

The "download behavior" in Internet Explorer 5 allows remote attackers to read arbitrary files via a server-side redirect. • https://www.exploit-db.com/exploits/19530 http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ242542 http://www.ciac.org/ciac/bulletins/k-002.shtml http://www.kb.cert.org/vuls/id/37828 http://www.osvdb.org/11274 http://www.securityfocus.com/bid/674 https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-040 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 4.0EPSS: 0%CPEs: 2EXPL: 0

Buffer overflow in the Eyedog ActiveX control allows a remote attacker to execute arbitrary commands. • http://ciac.llnl.gov/ciac/bulletins/j-064.shtml https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-032 •

CVSS: 5.0EPSS: 0%CPEs: 4EXPL: 2

Microsoft HTML control as used in (1) Internet Explorer 5.0, (2) FrontPage Express, (3) Outlook Express 5, and (4) Eudora, and possibly others, allows remote malicious web site or HTML emails to cause a denial of service (100% CPU consumption) via large HTML form fields such as text inputs in a table cell. • https://www.exploit-db.com/exploits/19471 http://marc.info/?l=ntbugtraq&m=93578772920970&w=2 http://www.securityfocus.com/bid/606 •