CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2021-33592
https://notcve.org/view.php?id=CVE-2021-33592
19 Jul 2021 — NAVER Toolbar before 4.0.30.323 allows remote attackers to execute arbitrary code via a crafted upgrade.xml file. Special characters in filename parameter can be the cause of bypassing code signing check function. NAVER Toolbar versiones anteriores a 4.0.30.323, permite a atacantes remotos ejecutar código arbitrario por medio de un archivo upgrade.xml diseñado. Los caracteres especiales en el parámetro filename pueden ser la causa de la omisión de la función de comprobación de la firma del código • https://cve.naver.com/detail/cve-2021-33592 • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2017-2253
https://notcve.org/view.php?id=CVE-2017-2253
14 Jul 2017 — Untrusted search path vulnerability in Installer of Yahoo! Toolbar (for Internet explorer) v8.0.0.6 and earlier, with its timestamp prior to June 13, 2017, 18:18:55 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. Una vulnerabilidad de ruta (path) de búsqueda no confiable en el instalador de Yahoo! Toolbar (para Internet explorer) versión v8.0.0.6 y anteriores, con su marca de tiempo anterior al 13 de junio de 2017, 18:18:55, permite a un atacante alcanzar privilegio... • https://jvn.jp/en/jp/JVN02852421/index.html • CWE-426: Untrusted Search Path •
CVSS: 6.1EPSS: 0%CPEs: 18EXPL: 4CVE-2004-2475 – Google Toolbar 1.1.x - About.HTML HTML Injection
https://notcve.org/view.php?id=CVE-2004-2475
31 Dec 2004 — Cross-site scripting (XSS) vulnerability in Google Toolbar 2.0.114.1 allows remote attackers to inject arbitrary web script via about.html in the About section. NOTE: some followup posts suggest that the demonstration code's use of the res:// protocol does not cross privilege boundaries, since it is not allowed in the Internet Zone. Thus this might not be a vulnerability. • https://www.exploit-db.com/exploits/24607 •
CVSS: 6.5EPSS: 15%CPEs: 3EXPL: 4CVE-2002-1444 – Google Toolbar 1.1.60 - Search Function Denial of Service
https://notcve.org/view.php?id=CVE-2002-1444
15 Aug 2002 — The Google toolbar 1.1.60, when running on Internet Explorer 5.5 and 6.0, allows remote attackers to cause a denial of service (crash with an exception in oleaut32.dll) via malicious HTML, possibly related to small width and height parameters or an incorrect call to the Google.Search() function. • https://www.exploit-db.com/exploits/21712 •