CVE-2003-0816 – Microsoft Internet Explorer 5 - window.open Search Pane Cross-Zone Scripting
https://notcve.org/view.php?id=CVE-2003-0816
Internet Explorer 6 SP1 and earlier allows remote attackers to bypass zone restrictions by (1) using the NavigateAndFind method to load a file: URL containing Javascript, as demonstrated by NAFfileJPU, (2) using the window.open method to load a file: URL containing Javascript, as demonstrated using WsOpenFileJPU, (3) setting the href property in the base tag for the _search window, as demonstrated using WsBASEjpu, (4) loading the search window into an Iframe, as demonstrated using WsFakeSrc, (5) caching a javascript: URL in the browser history, then accessing that URL in the same frame as the target domain, as demonstrated using WsOpenJpuInHistory, NAFjpuInHistory, BackMyParent, BackMyParent2, and RefBack, aka the "Script URLs Cross Domain" vulnerability. Internet Explorer 6 SP1 y anteriores permite que atacantes remotos se salten restricciones de seguridad mediante: (1) uso del método NavigateAndFind para descargar un fichero, (2) uso del método window.open para cargar un fichero, (3) fijando la propriedad href en el tag base para la ventana _search, (4) cargando la venta de búsqueda en un Iframe, (5) capturando una URL de javascript en el histórico del navegador. • https://www.exploit-db.com/exploits/23790 https://www.exploit-db.com/exploits/23131 http://marc.info/?l=bugtraq&m=106321638416884&w=2 http://marc.info/?l=bugtraq&m=106321693517858&w=2 http://marc.info/?l=bugtraq&m=106321781819727&w=2 http://marc.info/?l=bugtraq&m=106321882821788&w=2 http://marc.info/? •
CVE-2003-0814
https://notcve.org/view.php?id=CVE-2003-0814
Internet Explorer 6 SP1 and earlier allows remote attackers to bypass zone restrictions and execute Javascript by setting the window's "href" to the malicious Javascript, then calling execCommand("Refresh") to refresh the page, aka BodyRefreshLoadsJPU or the "ExecCommand Cross Domain" vulnerability. Internet Explorer 6 SP1 y anteriores permiten que atacantes remotos se salten restricciones y ejecuten Javascript fijando el ""href"" al Javascript malicioso y a continuación llamando al comando execCommand(""Refresh""). También se la conoce como vulnerabilidad ""ExecCommand Cross Domain"" o BodyRefreshLoadsJPU . • http://secunia.com/advisories/10192 http://securitytracker.com/id?1007687 http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2003-09/0177.html http://www.kb.cert.org/vuls/id/326412 http://www.safecenter.net/liudieyu/BodyRefreshLoadsJPU/BodyRefreshLoadsJPU-Content.htm http://www.securityfocus.com/archive/1/337086 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-048 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A335 https: •
CVE-2003-0815
https://notcve.org/view.php?id=CVE-2003-0815
Internet Explorer 6 SP1 and earlier allows remote attackers to bypass zone restrictions and read arbitrary files by (1) modifying the createTextRange method and using CreateLink, as demonstrated using LinkillerSaveRef, LinkillerJPU, and Linkiller, or (2) modifying the createRange method and using the FIND dialog to select text, as demonstrated using Findeath, aka the "Function Pointer Override Cross Domain" vulnerability. Internet Explorer 6 SP1 y anteriores permite que atacantes remotos se salten restricciones de seguridad y lean ficheros arbitrario mediante (1) modificando el método createTextRange y usando CreateLink, como se demuestra usando LinkillerSaveRef, LinkillerJPU, yLinkiller. Y (2) modificando el método createRange y usando el diálogo FIND para seleccionar texto, como se demuestra usando Findeath. También se la conoce como vulnerabilidad ""Function Pointer Override Cross Domain"". • http://marc.info/?l=bugtraq&m=106321757619047&w=2 http://marc.info/?l=bugtraq&m=106322542104656&w=2 http://secunia.com/advisories/10192 http://securitytracker.com/id?1007687 http://www.ciac.org/ciac/bulletins/o-021.shtml http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2003-09/0150.html http://www.osvdb.org/7888 http://www.osvdb.org/7889 http://www.safecenter.net/UMBRELLAWEBV4/Linkiller/Linkiller-Content.HTM http://www.safecenter.net/UMBRELLAWEBV4/LinkillerJPU •
CVE-2003-0817
https://notcve.org/view.php?id=CVE-2003-0817
Internet Explorer 5.01 through 6 SP1 allows remote attackers to bypass zone restrictions and read arbitrary files via an XML object. Internet Explorer 5.01 hasta la 6 SP1 permite que atacantes remotos se salten restricciones de seguirdad y lean ficheros arbitrarios mediante objetos XML. • http://secunia.com/advisories/10192 http://www.securityfocus.com/bid/9012 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-048 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A508 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A520 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A543 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef •
CVE-2003-0823
https://notcve.org/view.php?id=CVE-2003-0823
Internet Explorer 6 SP1 and earlier allows remote attackers to direct drag and drop behaviors and other mouse click actions to other windows by calling the window.moveBy method, aka HijackClick, a different vulnerability than CVE-2003-1027. Internet Explorer 6SP! y anteriores permite que atacantes remotos redirijan los comportamientos de copias/pegar y otras acciones del ratón a otras ventenas, mediante llamada al método window.moveBy. También se la conoce como vulnerabilidad HijackClick • http://marc.info/?l=bugtraq&m=106322197932006&w=2 http://secunia.com/advisories/10192 http://www.kb.cert.org/vuls/id/413886 http://www.securityfocus.com/archive/1/337086 http://www.securitytracker.com/id?1006036 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-048 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A368 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A369 https://ova •