CVSS: 7.5EPSS: 93%CPEs: 6EXPL: 7CVE-2005-0233
https://notcve.org/view.php?id=CVE-2005-0233
The International Domain Name (IDN) support in Firefox 1.0, Camino .8.5, and Mozilla before 1.7.6 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks. • http://lists.grok.org.uk/pipermail/full-disclosure/2005-February/031459.html http://marc.info/?l=bugtraq&m=110782704923280&w=2 http://www.gentoo.org/security/en/glsa/glsa-200503-10.xml http://www.gentoo.org/security/en/glsa/glsa-200503-30.xml http://www.mozilla.org/security/announce/mfsa2005-29.html http://www.novell.com/linux/security/advisories/2005_16_mozilla_firefox.html http://www.redhat.com/support/errata/RHSA-2005-176.html http://www.redhat.com/support/errata/ •
CVSS: 4.3EPSS: 1%CPEs: 2EXPL: 0CVE-2002-2414
https://notcve.org/view.php?id=CVE-2002-2414
Opera 6.0.3, when using Squid 2.4 for HTTPS proxying, does not properly handle when accepting a non-global certificate authority (CA) certificate from a site and establishing a subsequent HTTPS connection, which allows remote attackers to cause a denial of service (crash). • http://marc.info/?l=full-disclosure&m=103783186608438&w=2 http://www.iss.net/security_center/static/10673.php http://www.securityfocus.com/bid/6218 •
CVSS: 6.4EPSS: 55%CPEs: 9EXPL: 1CVE-2002-2311
https://notcve.org/view.php?id=CVE-2002-2311
Microsoft Internet Explorer 6.0 and possibly others allows remote attackers to upload arbitrary file contents when users press a key corresponding to the JavaScript (1) event.ctrlKey or (2) event.shiftKey onkeydown event contained in a webpage. NOTE: it was reported that the vendor has disputed the severity of this issue. • http://online.securityfocus.com/archive/1/283866 http://online.securityfocus.com/archive/1/284068 http://www.iss.net/security_center/static/9653.php http://www.securityfocus.com/bid/5290 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.8EPSS: 0%CPEs: 1EXPL: 2CVE-2002-2312 – Opera 6.0.1 / Microsoft Internet Explorer 5/6 - JavaScript Modifier Keypress Event Subversion
https://notcve.org/view.php?id=CVE-2002-2312
Opera 6.0.1 allows remote attackers to upload arbitrary file contents when users press a key corresponding to the JavaScript (1) event.ctrlKey or (2) event.shiftKey onkeydown event contained in a webpage. • https://www.exploit-db.com/exploits/21636 http://online.securityfocus.com/archive/1/283866 http://online.securityfocus.com/archive/1/284096 http://www.securityfocus.com/bid/5290 •
CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 0CVE-2002-2332
https://notcve.org/view.php?id=CVE-2002-2332
Buffer overflow in Opera 6.01 allows remote attackers to cause a denial of service (crash) via an IMG tag with large width and height attributes. • http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2002-09/0167.html http://www.iss.net/security_center/static/10126.php http://www.securityfocus.com/bid/5717 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •