CVSS: 5.3EPSS: 0%CPEs: 101EXPL: 1CVE-2010-5071
https://notcve.org/view.php?id=CVE-2010-5071
07 Dec 2011 — The JavaScript implementation in Microsoft Internet Explorer 8.0 and earlier does not properly restrict the set of values contained in the object returned by the getComputedStyle method, which allows remote attackers to obtain sensitive information about visited web pages by calling this method. La ejecución de JavaScript en Microsoft Internet Explorer v8.0 y anteriores, no restringe adecuadamente el conjunto de valores contenidos en el objeto devuelto por el método getComputedStyle, lo que permite a atacan... • http://w2spconf.com/2010/papers/p26.pdf • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 4.3EPSS: 0%CPEs: 101EXPL: 1CVE-2002-2435
https://notcve.org/view.php?id=CVE-2002-2435
07 Dec 2011 — The Cascading Style Sheets (CSS) implementation in Microsoft Internet Explorer 8.0 and earlier does not properly handle the :visited pseudo-class, which allows remote attackers to obtain sensitive information about visited web pages via a crafted HTML document, a related issue to CVE-2010-2264. La implementación de las Hojas de Estilo en Cascada (CSS) en Microsoft Internet Explorer, no controla correctamente el :visited pseudo-class, lo que permite a atacantes remotos obtener información sensible acerca de ... • http://bugzilla.mozilla.org/show_bug.cgi?id=147777 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 2%CPEs: 14EXPL: 2CVE-2009-2433 – Microsoft Internet Explorer - 'AddFavorite' Remote Crash (PoC)
https://notcve.org/view.php?id=CVE-2009-2433
10 Jul 2009 — Stack-based buffer overflow in the AddFavorite method in Microsoft Internet Explorer allows remote attackers to cause a denial of service (application crash) and possibly have unspecified other impact via a long URL in the first argument. Desbordamiento de búfer basado en pila en el método AddFavorite en Microsoft Internet Explorer permite a atacantes remotos provocar una denegación de servicio (cuelgue de aplicación) y posiblemente tiene otro impacto no especificado a través de una URL larga en el primer a... • https://www.exploit-db.com/exploits/9100 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 0%CPEs: 18EXPL: 0CVE-2009-2064
https://notcve.org/view.php?id=CVE-2009-2064
15 Jun 2009 — Microsoft Internet Explorer 8, and possibly other versions, detects http content in https web pages only when the top-level frame uses https, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's context, by modifying an http page to include an https iframe that references a script file on an http site, related to "HTTP-Intended-but-HTTPS-Loadable (HPIHSL) pages." Microsoft Internet Explorer 8, y posiblemente otras versiones, detecta contenido http en páginas web https... • http://research.microsoft.com/apps/pubs/default.aspx?id=79323 • CWE-287: Improper Authentication •
CVSS: 9.3EPSS: 32%CPEs: 3EXPL: 2CVE-2008-2281 – Microsoft Internet Explorer - Print Table of Links Cross-Zone Scripting
https://notcve.org/view.php?id=CVE-2008-2281
18 May 2008 — Cross-zone scripting vulnerability in the Print Table of Links feature in Internet Explorer 6.0, 7.0, and 8.0b allows user-assisted remote attackers to inject arbitrary web script or HTML in the Local Machine Zone via an HTML document with a link containing JavaScript sequences, which are evaluated by a resource script when a user prints this document. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en la característica Print Table of Links de Internet Explorer 6.0, 7.0 y 8.0b permite a at... • https://www.exploit-db.com/exploits/5619 •