CVSS: 8.8EPSS: 25%CPEs: 2EXPL: 0CVE-2002-0022
https://notcve.org/view.php?id=CVE-2002-0022
08 Mar 2002 — Buffer overflow in the implementation of an HTML directive in mshtml.dll in Internet Explorer 5.5 and 6.0 allows remote attackers to execute arbitrary code via a web page that specifies embedded ActiveX controls in a way that causes 2 Unicode strings to be concatenated. Desbordamiento de buffer en la implementación de una directiva HTML en mshml.dll en Internet Explorer 5.5 y 6.0 permite ejecutar código arbitrario mediante una página web que especifica controles ActiveX en una forma que causa que 2 cadenas ... • http://marc.info/?l=bugtraq&m=101362984930597&w=2 •
CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 1CVE-2002-0027
https://notcve.org/view.php?id=CVE-2002-0027
08 Mar 2002 — Internet Explorer 5.5 and 6.0 allows remote attackers to read certain files and spoof the URL in the address bar by using the Document.open function to pass information between two frames from different domains, a new variant of the "Frame Domain Verification" vulnerability described in MS:MS01-058/CAN-2001-0874. Internet Explorer 5.5 y 6.0 permite a atacantes remotos leer ciertos ficheros y falsificar la URL en la barra de direcciones usando la función document.open() para pasar información entre dos marco... • http://www.osvdb.org/3031 •
CVSS: 7.5EPSS: 2%CPEs: 6EXPL: 0CVE-2002-0077
https://notcve.org/view.php?id=CVE-2002-0077
13 Jan 2002 — Microsoft Internet Explorer 5.01, 5.5 and 6.0 treats objects invoked on an HTML page with the codebase property as part of Local Computer zone, which allows remote attackers to invoke executables present on the local system through objects such as the popup object, aka the "Local Executable Invocation via Object tag" vulnerability. Microsoft Internet Explorer 5.01, 5.5 y 6.0 trata objetos invocados en una página HTML con la propiedad 'codebase' como parte de la zona 'Ordenador Local', lo que permite a ataca... • http://marc.info/?l=bugtraq&m=101103188711920&w=2 •
CVSS: 7.8EPSS: 0%CPEs: 13EXPL: 0CVE-2001-1497
https://notcve.org/view.php?id=CVE-2001-1497
31 Dec 2001 — Microsoft Internet Explorer 4.0 through 6.0 could allow local users to differentiate between alphanumeric and non-alphanumeric characters used in a password by pressing certain control keys that jump between non-alphanumeric characters, which makes it easier to conduct a brute-force password guessing attack. • http://www.iss.net/security_center/static/7592.php •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2001-1539
https://notcve.org/view.php?id=CVE-2001-1539
31 Dec 2001 — Stack consumption vulnerability in Internet Explorer The JavaScript settimeout function in Internet Explorer allows remote attackers to cause a denial of service (crash) via the JavaScript settimeout function. NOTE: the vendor could not reproduce the problem. • http://archives.neohapsis.com/archives/bugtraq/2001-12/0008.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2001-1219
https://notcve.org/view.php?id=CVE-2001-1219
20 Dec 2001 — Microsoft Internet Explorer 6.0 and earlier allows malicious website operators to cause a denial of service (client crash) via JavaScript that continually refreshes the window via self.location. MS Internet Explorer 6.0 y anteriores permite a webmasters maliciosos provocar una denegación de servicio por medio de JavaScript que continuamente refresca la ventana con self.location. • http://www.securityfocus.com/archive/1/246649 •
CVSS: 8.8EPSS: 96%CPEs: 2EXPL: 0CVE-2001-0727
https://notcve.org/view.php?id=CVE-2001-0727
14 Dec 2001 — Internet Explorer 6.0 allows remote attackers to execute arbitrary code by modifying the Content-Disposition and Content-Type header fields in a way that causes Internet Explorer to believe that the file is safe to open without prompting the user, aka the "File Execution Vulnerability." Internet Explorer 6.0 permite a atacantes remotos la ejecución de código arbitrario mediante la modificación de los campos de cabecera 'Content-Disposition' y 'Content-Type' de modo que hace creer a Internet Explorer que es ... • http://marc.info/?l=bugtraq&m=100835204509262&w=2 •
CVSS: 5.0EPSS: 39%CPEs: 2EXPL: 0CVE-2001-0874
https://notcve.org/view.php?id=CVE-2001-0874
13 Dec 2001 — Internet Explorer 5.5 and 6.0 allow remote attackers to read certain files via HTML that passes information from a frame in the client's domain to a frame in the web site's domain, a variant of the "Frame Domain Verification" vulnerability. Internet Explorer 5.5 y 6.0 permite a atacantes remotos la lectura de ciertos ficheros vía HTML, pasando información de un marco en el dominio del cliente a otro marco del dominio del sitio web, una variante de la vulnerabilidad "FrameDomain Verification". • http://www.ciac.org/ciac/bulletins/m-027.shtml •
CVSS: 6.4EPSS: 3%CPEs: 2EXPL: 2CVE-2001-0722 – Microsoft Internet Explorer 5/6 - Cookie Disclosure/Modification
https://notcve.org/view.php?id=CVE-2001-0722
06 Dec 2001 — Internet Explorer 5.5 and 6.0 allows remote attackers to read and modify user cookies via Javascript in an about: URL, aka the "First Cookie Handling Vulnerability." • https://www.exploit-db.com/exploits/21144 •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2001-0919
https://notcve.org/view.php?id=CVE-2001-0919
26 Nov 2001 — Internet Explorer 5.50.4134.0100 on Windows ME with "Prompt to allow cookies to be stored on your machine" enabled does not warn a user when a cookie is set using Javascript. • http://marc.info/?l=bugtraq&m=100679857614967&w=2 •