Microsoft Internet Explorer executes scripts when scripting has been disabled after bypassing initial security checks

Overview A vulnerability exists in Microsoft Internet Explorer that could permit an attacker to execute arbitrary script, even if the user has specifically disabled active scripting. Description Internet Explorer permits users to customize settings that enable and disable the ability of scripts t...

IE dot bug - Sandblad advisory #7

Sandblad advisory 7 - ---..---..---..---..---..---..---..---..---..---..---..---..---- Title: IE dot bug updated IE: Remote webpage can script in local zone Date: 2002-05-19 Software: Internet Explorer Patches: MS02-023, MS02-015 issue still not 100 solved Vendor: http://www.microsoft.com/...

CVE-2001-1325

CVE-2001-1325 affects Internet Explorer 5.0/5.5 and Outlook Express 5.0/5.5. The vulnerability allows remote script execution when Active Scripting is disabled if scripts are embedded in XML stylesheets (XSL) loaded via an IFRAME, potentially tied to Windows Scripting Host (WSH). OpenVAS findings...

CVE-2001-1325

Internet Explorer 5.0 and 5.5, and Outlook Express 5.0 and 5.5, allow remote attackers to execute scripts when Active Scripting is disabled by including the scripts in XML stylesheets XSL that are referenced using an IFRAME tag, possibly due to a vulnerability in Windows Scripting Host WSH...

Scripting for the scriptless with OWC in IE (GM#005-IE)

GreyMagic Security Advisory GM005-IE ===================================== By GreyMagic Software, Israel. 08 Apr 2002. Available in HTML format at http://security.greymagic.com/adv/gm005-ie/. Topic: Scripting for the scriptless with OWC in IE. Discovery date: 10 Mar 2002. Affected applications:...

IE execution of arbitrary commands without Active Scripting or ActiveX (GM#001-IE)

GreyMagic Security Advisory GM001-IE ===================================== by GreyMagic Software, Israel. 27 Feb 2002. Topic: Executing arbitrary commands without Active Scripting or ActiveX. Discovery date: 25 Feb 2002. Affected applications: ====================== Any application that hosts the...

More reading of local files in MSIE

More reading of local files in MSIE Description There is a security vulnerability in IE 5.5 and 6 probably other versions as well which allows reading and sending of local files. The problem lies in the fact that you are able to access a local file's dom by calling the execScript function on a...

Microsoft Internet Explorer does not properly handle document.open()

Overview Microsoft Internet Explorer contains a vulnerability in which a script from one source is permitted to access files on the client's file system. An attacker may be able to read cookies and other files on a target system, and spoof Internet sites by creating believable window titles...

MSIE6 can read local files

Description There is a bug in the Microsoft.XMLHTTP component shipped with Internet Explorer 6 which allows reading and sending local files. This component doesn't handle http redirects to local files properly In order for this exploit to work the file name must be known. The exploit doesn't...

Security Bulletin MS01-055

---------------------------------------------------------------------- Title: Cookie Data in IE Can Be Exposed or Altered Through Script Injection Date: 08 November 2001 Software: Internet Explorer Impact: Exposure and altering of data in cookies Max Risk: High Bulletin: MS01-055 Microsoft...

iexslt.txt

[email protected] Georgi Guninski security advisory 43, 2001 XML scripting in IE, Outlook Express Systems affected: Internet Explorer 5.x - including full patched up to now though Microsoft cannot reproduce the problem on fully patched IE 5.x ,Outlook Express probably Outlook have not tested...

CVE-2001-1325

Internet Explorer 5.0 and 5.5, and Outlook Express 5.0 and 5.5, allow remote attackers to execute scripts when Active Scripting is disabled by including the scripts in XML stylesheets XSL that are referenced using an IFRAME tag, possibly due to a vulnerability in Windows Scripting Host WSH...

Microsoft Internet Explorer 5.0/5.5 / OE 5.5 - XML Stylesheets Active Scripting

source: https://www.securityfocus.com/bid/2633/info A vulnerability exists in the handling of XML stylesheets in Internet Explorer and Outlook Express. If active scripting is disabled in all security zones, IE and OE will still allow script to run if it is contained in the stylesheet of an XML...

Microsoft Internet Explorer vulnerable to file disclosure via code containing GetObject() function

Overview Internet Explorer may disclose files on your computer if you visit a malicious web site or read a mail message with Active Scripting enabled. Description By design, Microsoft Internet Explorer prevents programs on web sites from reading files on your computer without authorization...

HHControl Object (showHelp) may execute shortcuts embedded in help files

Overview The HHCtrl ActiveX control has a serious vulnerability that allows remote intruders to execute arbitrary code, if the intruder can cause a compiled help file CHM to be stored "locally." Microsoft has released a security bulletin and a patch for this vulnerability, but the patch does not...

IE 5 security vulnerablity - circumventing Cross-frame security policy using Java/JavaScript (and disabling Active Scripting is not that easy)

Georgi Guninski security advisory 10, 2000 IE 5 security vulnerablity - circumventing Cross-frame security policy using Java/JavaScript and disabling Active Scripting is not that easy Disclaimer: The opinions expressed in this advisory and program are my own and not of any company. The usual...

ie5-chm.txt

Georgi Guninski security advisory 8, 2000 IE 5.x allows executing arbitrary programs using .chm files Disclaimer: The opinions expressed in this advisory and program are my own and not of any company. The usual standard disclaimer applies, especially the fact that Georgi Guninski is not liable fo...

outlook5.vuln.txt

Georgi Guninski security advisory 6, 2000 Outlook Express 5 vulnerability - Active Scripting may read email messages Disclaimer: The opinions expressed in this advisory and program are my own and not of any company. The usual standard disclaimer applies, especially the fact that Georgi Guninski i...

Microsoft Outlook Express 5 - JavaScript Email Access

Microsoft Outlook Express 5 - JavaScript Email Access source: https://www.securityfocus.com/bid/962/info Microsoft Outlook Express 5, and possibly other email clients that parse HTML messages, can be made to run Active Scripting that will read any new messages that arrive after the hostile code h...

Microsoft Outlook Express 5 - JavaScript Email Access

source: https://www.securityfocus.com/bid/962/info Microsoft Outlook Express 5, and possibly other email clients that parse HTML messages, can be made to run Active Scripting that will read any new messages that arrive after the hostile code has been run. Example code: a=window.open"about:Click...