Lucene search
K

9806 matches found

NVD
NVD
added 2001/04/20 4:0 a.m.25 views

CVE-2001-1325

Internet Explorer 5.0 and 5.5, and Outlook Express 5.0 and 5.5, allow remote attackers to execute scripts when Active Scripting is disabled by including the scripts in XML stylesheets XSL that are referenced using an IFRAME tag, possibly due to a vulnerability in Windows Scripting Host WSH...

7.5CVSS6.6AI score0.27292EPSS
Exploits1References3
Exploit DB
Exploit DB
added 2001/04/20 12:0 a.m.34 views

Microsoft Internet Explorer 5.0/5.5 / OE 5.5 - XML Stylesheets Active Scripting

source: https://www.securityfocus.com/bid/2633/info A vulnerability exists in the handling of XML stylesheets in Internet Explorer and Outlook Express. If active scripting is disabled in all security zones, IE and OE will still allow script to run if it is contained in the stylesheet of an XML...

7.4AI score
Exploits0
CERT
CERT
added 2000/12/14 12:0 a.m.13 views

Microsoft Internet Explorer vulnerable to file disclosure via code containing GetObject() function

Overview Internet Explorer may disclose files on your computer if you visit a malicious web site or read a mail message with Active Scripting enabled. Description By design, Microsoft Internet Explorer prevents programs on web sites from reading files on your computer without authorization...

5.9AI score
Exploits0References1
exploitpack
exploitpack
added 2000/11/22 12:0 a.m.11 views

Microsoft Windows Media Player 7.0 - .asx Remote Buffer Overflow

Microsoft Windows Media Player 7.0 - .asx Remote Buffer Overflow source: https://www.securityfocus.com/bid/1980/info Windows Media Player is an application used for digital audio, and video content viewing. An unsafe buffer copy involving remotely-obtained data exists in the Active Stream...

0.3AI score
Exploits0
Exploit DB
Exploit DB
added 2000/10/28 12:0 a.m.26 views

Microsoft Indexing Service (Windows 2000/NT 4.0) - '.htw' Cross-Site Scripting

source: https://www.securityfocus.com/bid/1861/info A cross-site scripting vulnerability has been reported in Microsoft Indexing Services for Windows 2000/NT4 and its handling of the .htw extension. If a user inadvertantly opened a hostile link through a browser or HTML compliant e-mail client,...

7.4AI score
Exploits0
security_vulns
security_vulns
added 2000/10/01 12:0 a.m.33 views

MS IE5 + ftp proxy

Problem: IE5 doesn't use proxy for FTP connection if option "Enable folder view for FTP sites" is checked. This option is checked by default. Configuration: tested in 2 configurations: 1. Windows NT 4.0 wrkst + SP5 + IE5.0 2. Windows NT 4.0 wrkst + SP6a + IE5.01 both has a problems. There is no...

1AI score
Exploits0
securityvulns
securityvulns
added 2000/09/28 12:0 a.m.34 views

DoS против IE/Outlook через Microsoft Media Player

Некорректный OCX-Active X приводит к закрытию почтового клиента с ошибкой...

1.5AI score
Exploits0References2Affected Software1
CERT
CERT
added 2000/09/26 12:0 a.m.60 views

HHControl Object (showHelp) may execute shortcuts embedded in help files

Overview The HHCtrl ActiveX control has a serious vulnerability that allows remote intruders to execute arbitrary code, if the intruder can cause a compiled help file CHM to be stored "locally." Microsoft has released a security bulletin and a patch for this vulnerability, but the patch does not...

5.1CVSS6.2AI score0.06848EPSS
Exploits0References11
Cvelist
Cvelist
added 2000/07/12 4:0 a.m.19 views

CVE-2000-0311

The Windows 2000 domain controller allows a malicious user to modify Active Directory information by modifying an unprotected attribute, aka the "Mixed Object Access" vulnerability...

6.2AI score0.01366EPSS
Exploits0References2
CVE
CVE
added 2000/07/12 4:0 a.m.55 views

CVE-2000-0311

Technical details for CVE-2000-0311 are not publicly available in the provided documents. Monitor for updates.

2.1CVSS6.6AI score0.01366EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2000/07/03 12:0 a.m.273 views

Microsoft Windows SMB Service Enumeration

This plugin implements the SvcOpenSCManager and SvcEnumServices calls to obtain, using the SMB protocol, the list of active and inactive services of the remote host. An attacker may use this feature to gain better knowledge of the remote host. C Tenable Network Security, Inc. include"compat.inc";...

5.5AI score
Exploits0
securityvulns
securityvulns
added 2000/07/01 12:0 a.m.102 views

Security Bulletin (MS00-042)

The following is a Security Bulletin from the Microsoft Product Security Notification Service. Please do not reply to this message, as it was sent from an unattended mailbox. -----BEGIN PGP SIGNED MESSAGE----- Patch Available for "Active Setup Download" Vulnerability Originally Posted: June 29,...

6.9AI score
Exploits0
securityvulns
securityvulns
added 2000/07/01 12:0 a.m.31 views

Заткнута дырка в IE (CAB AtciveX)

Элемент управления Active X позволял загрузить CAB-файлы подписанные Microsoft в любое место на диске без запроса пользователя, что позволяло испортить имеющиеся системные файлы...

0.8AI score
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2000/06/15 4:0 a.m.23 views

CVE-2000-0400

The Microsoft Active Movie ActiveX Control in Internet Explorer 5 does not restrict which file types can be downloaded, which allows an attacker to download any type of file to a user's system by encoding it within an email message or news post...

6.4AI score0.07402EPSS
Exploits0References2
CVE
CVE
added 2000/06/15 4:0 a.m.56 views

CVE-2000-0400

The CVE-2000-0400 entry refers to the Microsoft Active Movie ActiveX Control in Internet Explorer 5, where the issue stems from shared code handling the Internet cache and file downloads (not the Active Movie control itself). Affected component is msdxm.ocx (ClassID {05589FA1-C356-11CE-BF01-00AA0...

7.5CVSS6.4AI score0.07402EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2000/06/02 4:0 a.m.59 views

CVE-2000-0329

The CVE concerns a Microsoft ActiveX control vulnerability in the Active Setup Control that allows a remote attacker to execute a malicious cabinet file via an attachment and an embedded script in an HTML email. Affected component is an ActiveX control; impact is remote code execution with partia...

5.1CVSS7AI score0.07687EPSS
Exploits0References1Affected Software4
NVD
NVD
added 2000/05/13 4:0 a.m.18 views

CVE-2000-0400

The Microsoft Active Movie ActiveX Control in Internet Explorer 5 does not restrict which file types can be downloaded, which allows an attacker to download any type of file to a user's system by encoding it within an email message or news post...

7.5CVSS6.4AI score0.07402EPSS
Exploits0References2
exploitpack
exploitpack
added 2000/05/13 12:0 a.m.14 views

Microsoft Active Movie Control 1.0 - Filetype

Microsoft Active Movie Control 1.0 - Filetype source: https://www.securityfocus.com/bid/1221/info The Microsoft Active Movie Control a multimedia ActiveX control will download files of any type specified in the control parameters in an HTML document, regardless of whether or not they are a valid...

0.4AI score
Exploits0
Exploit DB
Exploit DB
added 2000/05/13 12:0 a.m.41 views

Microsoft Active Movie Control 1.0 - Filetype

source: https://www.securityfocus.com/bid/1221/info The Microsoft Active Movie Control a multimedia ActiveX control will download files of any type specified in the control parameters in an HTML document, regardless of whether or not they are a valid media type. A hostile website, HTML email or...

7AI score
Exploits0
securityvulns
securityvulns
added 2000/04/22 12:0 a.m.28 views

Проблемы с длинным расширением в Windows 98

В режиме Active Desktop в Windows 98 имеется переполнение буфера в explorer при длинном расширении файла...

1.6AI score
Exploits0References1Affected Software1
Rows per page
Query Builder