Cross site scripting

Cross-Application Scripting XAS vulnerability in ICQ Client 5.04 build 2321 and earlier allows remote attackers to inject arbitrary web script from one application into another via a banner, which is processed in the My Computer zone using the Internet Explorer COM object...

CVE-2006-2303

Cross-Application Scripting XAS vulnerability in ICQ Client 5.04 build 2321 and earlier allows remote attackers to inject arbitrary web script from one application into another via a banner, which is processed in the My Computer zone using the Internet Explorer COM object...

[Full-Disclosure] Microsoft Help and Support Center argument injection vulnerability

OVERVIEW ======== "Help and Support Center HSC is a feature in Windows that provides help on a variety of topics" from www.microsoft.com. It can be accessed via HCP: URLs. HSC is installed by default on Windows XP and Windows Server 2003 systems. An argument injection vulnerability in HSC allows ...

PT-2003-1822 · Realnetworks · Realone Player

Name of the Vulnerable Software and Affected Versions: RealOne player affected versions not specified Description: The issue allows remote attackers to execute arbitrary script in the "My Computer" zone. This is achieved via a SMIL presentation with a URL that references a scripting protocol. The...

CVE-2003-0531

Internet Explorer 5.01 SP3 through 6.0 SP1 allows remote attackers to access and execute script in the My Computer domain using the browser cache via crafted Content-Type and Content-Disposition headers, aka the "Browser Cache Script Execution in My Computer Zone" vulnerability...

CVE-2002-1442

Affected product: Google Toolbar (IE) up to version 1.1.58 and earlier. Vulnerability: remote sites could trigger unauthorized toolbar operations, including script execution and file reading in other zones (e.g., My Computer) by opening a window to tools.google.com or the res: protocol and then u...