Microsoft Internet Explorer URL validation routine contains a buffer overflow

Overview A vulnerability in Microsoft Internet Explorer could allow a remote attacker to execute arbitrary code on a vulnerable system. Description Microsoft Internet Explorer IE contains an unspecified vulnerability in the way that it handles certain URLs. The process that checks the URL contain...

Microsoft Internet Explorer DHTML objects contain a race condition

Overview A race condition in the way that Internet Explorer handles DHTML objects may allow a remote attacker to execute arbitrary code on a vulnerable system. Description According to Microsoft:Dynamic HTML DHTML is built on an object model that extends the traditional static HTML document which...

Microsoft Internet Explorer Content Advisor contains a buffer overflow

Overview A buffer overflow in Microsoft Internet Explorer Content Advisor may allow a remote attacker to execute arbitrary code on a vulnerable system. Description The Content Advisor is used to control what content is viewable in Internet Explorer. A buffer overflow exists in the routines that...

US-CERT Technical Cyber Security Alert TA04-315A -- Buffer Overflow in Microsoft Internet Explorer

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Technical Cyber Security Alert TA04-315A Buffer Overflow in Microsoft Internet Explorer Original release date: November 10, 2004 Last revised: -- Source: US-CERT Systems Affected Microsoft Windows systems running Internet Explorer versions 6.0 and...

Microsoft Internet Explorer vulnerable to buffer overflow via FRAME and IFRAME elements

Overview Microsoft Internet Explorer IE contains a buffer overflow vulnerability that can be exploited to execute arbitrary code with the privileges of the user running IE. Description A heap buffer overflow vulnerability exists in the way IE handles the SRC and NAME attributes of HTML elements...

Microsoft Internet Explorer 6 - Shell.Application Object Script Execution

source: https://www.securityfocus.com/bid/10652/info Microsoft Internet Explorer is reported prone to a security weakness that may permit malicious HTML documents the ability to execute script code. This script code has the ability to alter registry settings that may allow for further attacks. In...

CVE-2003-0662

CVE-2003-0662 describes a buffer overflow in the Windows 2000 Troubleshooter ActiveX Control (Tshoot.ocx). The vulnerability exists in Windows 2000 SP4 and earlier and allows a remote attacker to execute arbitrary code by delivering a crafted HTML document with a long argument to the RunQuery2 me...

Microsoft Internet Explorer 6 - ADODB.Stream Object File Installation

source: https://www.securityfocus.com/bid/10514/info Microsoft Internet Explorer is prone to a security weakness that may permit malicious HTML documents to create or overwrite files on a victim file system when interpreted from the Local Zone or other Security Zones with relaxed security...

Microsoft Internet Explorer 6 - ADODB.Stream Object File Installation

Microsoft Internet Explorer 6 - ADODB.Stream Object File Installation source: https://www.securityfocus.com/bid/10514/info Microsoft Internet Explorer is prone to a security weakness that may permit malicious HTML documents to create or overwrite files on a victim file system when interpreted fro...

Microsoft Internet Explorer 5/6 - Self Executing HTML File

source: https://www.securityfocus.com/bid/6961/info Microsoft Internet Explorer contains a vulnerability that can allow script code within an HTML document to run an embedded executable file. Since the file is an HTML file, Internet Explorer will open and parse the file. When the script that poin...

[LoWNOISE] "Get Knowledge" SunONE Starter Kit - Sun Microsystems/Astaware

LoWNOISE "Get Knowledge" SunONE Starter Kit - Sun Microsystems/Astaware by Efrain 'ET' Torres, Colombia 2002. [email protected] +Disclaimer: blah. +Product: -SunONE Starter Kit v2.0 Sun Microsystems CD-ROM Version -ASTAware SearchDisk 2002. ASTAWARE Technologies Inc. +Introduction You are one of...

CVE-2002-0823

Buffer overflow in Winhlp32.exe allows remote attackers to execute arbitrary code via an HTML document that calls the HTML Help ActiveX control HHCtrl.ocx with a long pathname in the Item parameter...

Microsoft Internet Explorer HTML rendering engine contains buffer overflow processing SRC attribute of HTML <EMBED> directive

Overview The Microsoft Internet Explorer HTML rendering engine contains a vulnerability in its handling of the SRC attribute of the HTML directive. An attacker who is able to convince a user to read a malicious HTML file may be able to crash Internt Explorer or execute arbitrary code with the...

DoS против FrontPage server

При использовании имени DOS-устройства в названии HTML0документа при обращении к shtnl.exe вызывает отказ сервиса в обслуживании...