CVSS: 5.0EPSS: 0%CPEs: 10EXPL: 0CVE-2003-1028
https://notcve.org/view.php?id=CVE-2003-1028
The download function of Internet Explorer 6 SP1 allows remote attackers to obtain the cache directory name via an HTTP response with an invalid ContentType and a .htm file, which could allow remote attackers to bypass security mechanisms that rely on random names, as demonstrated by threadid10008. La función de descarga de Internet Explorer 6 SP1 permite a atacantes remotos obtener el nombre de directorio de caché mediante una respuesta HTTP con un ContentType inválido y un fichero .html, lo que podría permitir a atacantes remotos saltarse mecanismos de seguridad que se basan en nombres aleatorios, como se demostró por threadid10008. • http://marc.info/?l=bugtraq&m=106979428718705&w=2 http://marc.info/?l=bugtraq&m=106979624321665&w=2 http://marc.info/?l=bugtraq&m=107038202225587&w=2 http://www.osvdb.org/7890 http://www.safecenter.net/UMBRELLAWEBV4/threadid10008 https://exchange.xforce.ibmcloud.com/vulnerabilities/13847 •
CVSS: 10.0EPSS: 16%CPEs: 10EXPL: 0CVE-2003-1027
https://notcve.org/view.php?id=CVE-2003-1027
Internet Explorer 5.01 through 6 SP1 allows remote attackers to direct drag and drop behaviors and other mouse click actions to other windows by using method caching (SaveRef) to access the window.moveBy method, which is otherwise inaccessible, as demonstrated by HijackClickV2, a different vulnerability than CVE-2003-0823, aka the "Function Pointer Drag and Drop Vulnerability." Internet Explorer 6 SP1 permite a atacantes remotos enviar acciones de arrastrar y soltar y otras acciones con el ratón a otras ventanas usando cacheado de métodos (SaveRef) para acceder al método window.moveBy, que es de otra manera inaccesible, como se demostró por HijackClickV2. • http://marc.info/?l=bugtraq&m=106979479719446&w=2 http://marc.info/?l=bugtraq&m=107038202225587&w=2 http://www.kb.cert.org/vuls/id/413886 http://www.safecenter.net/UMBRELLAWEBV4/HijackClickV2 http://www.securitytracker.com/id?1006036 http://www.us-cert.gov/cas/techalerts/TA04-033A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-004 https://exchange.xforce.ibmcloud.com/vulnerabilities/13844 https://oval.cisecurity.org/repository/search/definition/ •
CVSS: 9.3EPSS: 1%CPEs: 10EXPL: 1CVE-2003-1026 – Microsoft Internet Explorer - URL Injection in History List (MS04-004)
https://notcve.org/view.php?id=CVE-2003-1026
Internet Explorer 5.01 through 6 SP1 allows remote attackers to bypass zone restrictions via a javascript protocol URL in a sub-frame, which is added to the history list and executed in the top window's zone when the history.back (back) function is called, as demonstrated by BackToFramedJpu, aka the "Travel Log Cross Domain Vulnerability." Internet Explorer SP1 permite a atacantes remotos evitar restricciones de zonas mediante una URL de protocolo JavaScript en un sub-marco, que es añadido al historial de páginas visitadas y es ejecutado en la zona de seguridad de la ventana principal cuando se usa el método JavaScritp "history.back" (mostrar página anterior), como se demostró por BackToFramedJpu. • https://www.exploit-db.com/exploits/151 http://marc.info/?l=bugtraq&m=106979349517578&w=2 http://marc.info/?l=bugtraq&m=107038202225587&w=2 http://www.kb.cert.org/vuls/id/784102 http://www.safecenter.net/UMBRELLAWEBV4/BackToFramedJpu http://www.us-cert.gov/cas/techalerts/TA04-033A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-004 https://exchange.xforce.ibmcloud.com/vulnerabilities/13846 https://oval.cisecurity.org/repository/search/definition • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 94%CPEs: 9EXPL: 2CVE-2003-0809 – Microsoft Internet Explorer 5 - XML Page Object Type Validation (MS03-040)
https://notcve.org/view.php?id=CVE-2003-0809
Internet Explorer 5.01 through 6.0 does not properly handle object tags returned from a Web server during XML data binding, which allows remote attackers to execute arbitrary code via an HTML e-mail message or web page. Internet Explorer 5.01 a 6.0 no maneja adecuadamente etiquetas "object" devueltas por un servidor Web durante un una asociación de datos XML, lo que permite a atacantes remotos ejecutar código arbitrario mediante un correo electrónico HTML o una página web. • https://www.exploit-db.com/exploits/23122 http://www.osvdb.org/7887 http://www.securityfocus.com/bid/8565 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-040 https://exchange.xforce.ibmcloud.com/vulnerabilities/13300 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A123 •
CVSS: 7.5EPSS: 95%CPEs: 9EXPL: 1CVE-2003-0838 – Microsoft Internet Explorer 5/6 - Browser Popup Window Object Type Validation
https://notcve.org/view.php?id=CVE-2003-0838
Internet Explorer allows remote attackers to bypass zone restrictions to inject and execute arbitrary programs by creating a popup window and inserting ActiveX object code with a "data" tag pointing to the malicious code, which Internet Explorer treats as HTML or Javascript, but later executes as an HTA application, a different vulnerability than CVE-2003-0532, and as exploited using the QHosts Trojan horse (aka Trojan.Qhosts, QHosts-1, VBS.QHOSTS, or aolfix.exe). Internet Explorer permite a atacantes remotos saltarse restricciones de zona para inyectar y ejecutar programas arbitrarios creando una ventana emergente e insertando un objeto ActiveX con una etiqueta "data" apuntando al código maliciosos, que Internet Explorer trata como HTML o JavaScript, pero luego ejecuta como una aplicación .HTA; una vulnerabilidad diferente de CAN-2003-0532, y explotada por el virus QHosts. • https://www.exploit-db.com/exploits/23114 http://lists.grok.org.uk/pipermail/full-disclosure/2003-September/009639.html http://marc.info/?l=bugtraq&m=106304733121753&w=2 http://marc.info/?l=bugtraq&m=106304876523459&w=2 http://marc.info/?l=ntbugtraq&m=106302799428500&w=2 http://securityresponse.symantec.com/avcenter/venc/data/trojan.qhosts.html http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind0310&L=ntbugtraq&F=P&S=&P=2169 http://www.osvdb.org/7872 http: •