CVE-2008-5551 – Microsoft Internet Explorer 8 - CSS 'expression' Property Cross-Site Scripting Filter Bypass
https://notcve.org/view.php?id=CVE-2008-5551
The XSS Filter in Microsoft Internet Explorer 8.0 Beta 2 allows remote attackers to bypass the XSS protection mechanism and conduct XSS attacks by injecting data at two different positions within an HTML document, related to STYLE elements and the CSS expression property, aka a "double injection."
• https://www.exploit-db.com/exploits/32654
• http://securityreason.com/securityalert/4724
• http://www.securityfocus.com/archive/1/499124/100/0/threaded
• http://www.securityfocus.com/bid/32780
• https://exchange.xforce.ibmcloud.com/vulnerabilities/47277
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2008-5552
https://notcve.org/view.php?id=CVE-2008-5552
The XSS Filter in Microsoft Internet Explorer 8.0 Beta 2 allows remote attackers to bypass the XSS protection mechanism and conduct XSS attacks via a CRLF sequence in conjunction with a crafted Content-Type header, as demonstrated by a header with a utf-7 charset value. NOTE: the vendor has reportedly stated that the XSS Filter intentionally does not attempt to "address every conceivable XSS attack scenario."
• http://www.securityfocus.com/archive/1/499124/100/0/threaded
• https://exchange.xforce.ibmcloud.com/vulnerabilities/47277
• https://exchange.xforce.ibmcloud.com/vulnerabilities/47441
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2008-4127
https://notcve.org/view.php?id=CVE-2008-4127
Mshtml.dll in Microsoft Internet Explorer 7 Gold 7.0.5730 and 8 Beta 8.0.6001 on Windows XP SP2 allows remote attackers to cause a denial of service (failure of subsequent image rendering) via a crafted PNG file, related to an infinite loop in the CDwnTaskExec::ThreadExec function.
• http://securityreason.com/securityalert/4273
• http://www.securityfocus.com/archive/1/496483/100/0/threaded
• http://www.securityfocus.com/bid/31215
• https://exchange.xforce.ibmcloud.com/vulnerabilities/45225
• CWE-399: Resource Management Errors
CVE-2008-2948 – Microsoft Internet Explorer 7/8 Beta 1 - Frame Location Cross Domain Security Bypass
https://notcve.org/view.php?id=CVE-2008-2948
Cross-domain vulnerability in Microsoft Internet Explorer 7 and 8 allows remote attackers to change the location property of a frame via the Object data type, and use a frame from a different domain to observe domain-independent events, as demonstrated by observing onkeydown events with caballero-listener. NOTE: according to Microsoft, this is a duplicate of CVE-2008-2947, possibly a different attack vector.
• https://www.exploit-db.com/exploits/31996
• http://blogs.zdnet.com/security/?p=1348
• http://secunia.com/advisories/30851
• http://sirdarckcat.blogspot.com/2008/05/ghosts-for-ie8-and-ie75730.html
• http://technet.microsoft.com/en-us/security/cc405107.aspx#EHD
• http://www.gnucitizen.org/blog/ghost-busters
• http://www.kb.cert.org/vuls/id/516627
• http://www.vupen.com/english/advisories/2008/1941/references
CVE-2004-0867
https://notcve.org/view.php?id=CVE-2004-0867
Mozilla Firefox 0.9.2 allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk, and .sch.uk, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session. NOTE: it was later reported that 2.x is also affected.
• http://kuza55.blogspot.com/2008/02/understanding-cookie-security.html
• http://marc.info/?l=bugtraq&m=109536612321898&w=2
• http://secunia.com/advisories/12580
• http://securitytracker.com/id?1011331
• http://www.securityfocus.com/bid/11186
• https://bugzilla.mozilla.org/show_bug.cgi?id=252342
• https://exchange.xforce.ibmcloud.com/vulnerabilities/17415
• CWE-264: Permissions, Privileges, and Access Controls