CVSS: 6.1EPSS: 9%CPEs: 4EXPL: 4CVE-2002-2062 – Microsoft Internet Explorer 5/6 - FTP Web View Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2002-2062
31 Dec 2002 — Cross-site scripting (XSS) vulnerability in ftp.htt in Internet Explorer 5.5 and 6.0, when running on Windows 2000 with "Enable folder view for FTP sites" and "Enable Web content in folders" selected, allows remote attackers to inject arbitrary web script or HTML via the hostname portion of an FTP URL. • https://www.exploit-db.com/exploits/21515 •
CVSS: 6.5EPSS: 31%CPEs: 2EXPL: 2CVE-2002-1705 – Microsoft Internet Explorer 5/6 - CSSText Bold Font Denial of Service
https://notcve.org/view.php?id=CVE-2002-1705
31 Dec 2002 — Microsoft Internet Explorer 5.5 through 6.0 allows remote attackers to cause a denial of service (crash) via a Cascading Style Sheet (CSS) with the p{cssText} element declared and a bold font weight. • https://www.exploit-db.com/exploits/21556 •
CVSS: 6.5EPSS: 21%CPEs: 6EXPL: 1CVE-2002-1714 – Microsoft Internet Explorer 5/6 - Self-Referential Object Denial of Service
https://notcve.org/view.php?id=CVE-2002-1714
31 Dec 2002 — Microsoft Internet Explorer 5.0 through 6.0 allows remote attackers to cause a denial of service (crash) via an object of type "text/html" with the DATA field that identifies the HTML document that contains the object, which may cause infinite recursion. • https://www.exploit-db.com/exploits/21404 •
CVSS: 6.5EPSS: 29%CPEs: 8EXPL: 0CVE-2002-1185
https://notcve.org/view.php?id=CVE-2002-1185
11 Dec 2002 — Internet Explorer 5.01 through 6.0 does not properly check certain parameters of a PNG file when opening it, which allows remote attackers to cause a denial of service (crash) by triggering a heap-based buffer overflow using invalid length codes during decompression, aka "Malformed PNG Image File Failure." • http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0105.html •
CVSS: 7.5EPSS: 36%CPEs: 8EXPL: 1CVE-2002-1186
https://notcve.org/view.php?id=CVE-2002-1186
11 Dec 2002 — Internet Explorer 5.01 through 6.0 does not properly perform security checks on certain encoded characters within a URL, which allows a remote attacker to steal potentially sensitive information from a user by redirecting the user to another site that has that information, aka "Encoded Characters Information Disclosure." • http://archives.neohapsis.com/archives/bugtraq/2002-09/0018.html •
CVSS: 6.8EPSS: 26%CPEs: 8EXPL: 1CVE-2002-1187 – Microsoft Internet Explorer 5 - IFrame/Frame Cross-Site/Zone Script Execution
https://notcve.org/view.php?id=CVE-2002-1187
11 Dec 2002 — Cross-site scripting vulnerability (XSS) in Internet Explorer 5.01 through 6.0 allows remote attackers to read and execute files on the local system via web pages using the <frame> or <iframe> element and javascript, aka "Frames Cross Site Scripting," as demonstrated using the PrivacyPolicy.dlg resource. • https://www.exploit-db.com/exploits/21777 •
CVSS: 6.4EPSS: 16%CPEs: 7EXPL: 0CVE-2002-1188
https://notcve.org/view.php?id=CVE-2002-1188
11 Dec 2002 — Internet Explorer 5.01 through 6.0 allows remote attackers to identify the path to the Temporary Internet Files folder and obtain user information such as cookies via certain uses of the OBJECT tag, which are not subjected to the proper security checks, aka "Temporary Internet Files folders Name Reading." • http://marc.info/?l=bugtraq&m=103184415307193&w=2 •
CVSS: 7.5EPSS: 11%CPEs: 2EXPL: 0CVE-2002-1262
https://notcve.org/view.php?id=CVE-2002-1262
11 Dec 2002 — Internet Explorer 5.5 and 6.0 does not perform complete security checks on external caching, which allows remote attackers to read arbitrary files. Internet Explorer 5.5 y 6.0 no realizan comprobaciones de seguridad completas en caché externa, lo que permite a atacantes remotos leer ficheros arbitrarios • http://marc.info/?l=bugtraq&m=103825484331857&w=2 •
CVSS: 9.8EPSS: 83%CPEs: 11EXPL: 1CVE-2002-1142 – Microsoft IIS - MDAC 'msadcs.dll' RDS DataStub Content-Type Overflow (MS02-065)
https://notcve.org/view.php?id=CVE-2002-1142
29 Nov 2002 — Heap-based buffer overflow in the Remote Data Services (RDS) component of Microsoft Data Access Components (MDAC) 2.1 through 2.6, and Internet Explorer 5.01 through 6.0, allows remote attackers to execute code via a malformed HTTP request to the Data Stub. Desbordamiento de búfer basado en la pila en el componente Remote Data Services (RDS) - Servicios de Datos Remotos de Microsoft Data Access Components (MDAC) 2.1 a 2.6, y en Internet Explorer 5.01 a 6.0 permite a atacantes remotos ejecutar código mediant... • https://www.exploit-db.com/exploits/19026 •
CVSS: 9.1EPSS: 72%CPEs: 5EXPL: 2CVE-2002-1254 – Microsoft Internet Explorer 5/6 - Cached Objects Zone Bypass
https://notcve.org/view.php?id=CVE-2002-1254
27 Nov 2002 — Internet Explorer 5.5 and 6.0 allows remote attackers to bypass the cross-domain security model and access information on the local system or in other domains, and possibly execute code, via cached methods and objects, aka "Cross Domain Verification via Cached Methods." • https://www.exploit-db.com/exploits/21959 •