Page 9 of 70 results (0.011 seconds)

CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 1

Internet Explorer before 5.5 forwards cached user credentials for a secure web site to insecure pages on the same web site, which could allow remote attackers to obtain the credentials by monitoring connections to the web server, aka the "Cached Web Credentials" vulnerability. • http://www.acrossecurity.com/aspr/ASPR-2000-07-22-2-PUB.txt http://www.securityfocus.com/bid/1793 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-076 https://exchange.xforce.ibmcloud.com/vulnerabilities/5367 •

CVSS: 2.6EPSS: 0%CPEs: 4EXPL: 0

The ActiveX control for invoking a scriptlet in Internet Explorer 4.x and 5.x renders arbitrary file types instead of HTML, which allows an attacker to read arbitrary files, aka the "Scriptlet Rendering" vulnerability. • http://www.securityfocus.com/bid/1564 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-055 •

CVSS: 2.6EPSS: 0%CPEs: 9EXPL: 0

A function in Internet Explorer 4.x and 5.x does not properly verify the domain of a frame within a browser window, which allows a remote attacker to read client files, aka a variant of the "Frame Domain Verification" vulnerability. • http://www.securityfocus.com/bid/1564 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-055 •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

Internet Explorer 5.x does not warn a user before opening a Microsoft Access database file that is referenced within ActiveX OBJECT tags in an HTML document, which could allow remote attackers to execute arbitrary commands, aka the "IE Script" vulnerability. • http://www.cert.org/advisories/CA-2000-16.html http://www.securityfocus.com/bid/1398 http://www.securityfocus.com/templates/archive.pike?list=1&msg=000d01bfe0fb%24418f59b0%2496217aa8%40src.bu.edu http://www.securityfocus.com/templates/archive.pike?list=1&msg=39589359.762392DB%40nat.bg https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-049 •

CVSS: 2.6EPSS: 0%CPEs: 4EXPL: 0

The IFRAME of the WebBrowser control in Internet Explorer 5.01 allows a remote attacker to violate the cross frame security policy via the NavigateComplete2 event. • http://archives.neohapsis.com/archives/win2ksecadvice/2000-q2/0154.html http://www.securityfocus.com/bid/1311 •