Lucene search
K

68 matches found

Cvelist
Cvelist
added 2006/07/14 8:0 p.m.22 views

CVE-2006-3605

Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service crash by setting the Transition property on an uninitialized DXImageTransform.Microsoft.RevealTrans.1 ActiveX Object, which triggers a null dereference...

6.6AI score0.24274EPSS
Exploits1References5
Cvelist
Cvelist
added 2006/07/11 10:0 p.m.18 views

CVE-2006-3512

Internet Explorer 6 on Windows XP allows remote attackers to cause a denial of service crash by setting the Enabled property of a DXTFilter ActiveX object to true, which triggers a null dereference...

6.6AI score0.24274EPSS
Exploits1References4
CVE
CVE
added 2006/07/11 10:0 p.m.48 views

CVE-2006-3512

CVE-2006-3512 affects Internet Explorer 6 on Windows XP. The vulnerability arises when the Enabled property of a DXTFilter ActiveX object is set to true, leading to a null dereference and a remote denial of service. The issue is documented in multiple sources (e.g., NVD) with a CVSS base score of...

5CVSS7AI score0.24274EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2006/07/07 12:0 a.m.47 views

CVE-2006-3427

CVE-2006-3427 affects Microsoft Internet Explorer 6. The issue arises when declaring the sourceURL attribute on an uninitialized DirectAnimation.StructuredGraphicsControl ActiveX Object, causing a null dereference and a denial of service (crash). Documents do not provide patch/version details or ...

5CVSS6.9AI score0.24274EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2006/07/06 1:0 a.m.21 views

CVE-2006-3354

Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service crash by setting the Filter property of an ADODB.Recordset ActiveX object to certain values multiple times, which triggers a null dereference...

6.6AI score0.17071EPSS
Exploits1References4
NVD
NVD
added 2006/06/22 12:6 a.m.23 views

CVE-2006-3014

Microsoft Excel allows user-assisted attackers to execute arbitrary javascript and redirect users to arbitrary sites via an Excel spreadsheet with an embedded Shockwave Flash Player ActiveX Object, which is automatically executed when the user opens the spreadsheet...

5.1CVSS7.2AI score0.30101EPSS
Exploits1References16
UbuntuCve
UbuntuCve
added 2006/06/22 12:6 a.m.40 views

CVE-2006-3014

Microsoft Excel allows user-assisted attackers to execute arbitrary javascript and redirect users to arbitrary sites via an Excel spreadsheet with an embedded Shockwave Flash Player ActiveX Object, which is automatically executed when the user opens the spreadsheet...

5.1CVSS6.1AI score0.30101EPSS
Exploits1References1
CVE
CVE
added 2006/06/22 12:0 a.m.75 views

CVE-2006-3014

CVE-2006-3014 affects Microsoft Excel where embedding a Shockwave Flash Player ActiveX Object inside an XLS can automatically execute, enabling user-assisted arbitrary JavaScript execution and redirection when the spreadsheet is opened. According to SUSE and CPAI advisories, the issue originates ...

5.1CVSS7.2AI score0.30101EPSS
Exploits1References16Affected Software1
myhack58
myhack58
added 2006/03/14 12:0 a.m.14 views

The use of xml+xsl to the client to add the super admin account!- Vulnerability warning-the black bar safety net

Usage: put swords. xml and swords. xsl is placed in an ordinary space, I believe very few people will pay attention to the xml security bar, quack, as long as you want to run the program added to run , the default support for js and vbs. This app was a user of swords, the password for the est of...

7.5AI score
Exploits0
Cvelist
Cvelist
added 2005/09/08 4:0 a.m.17 views

CVE-2005-2844

Buffer overflow in MMClient.exe in Indiatimes Messenger 6.0 allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a long group name argument to the RenameGroup function in the MMClient.MunduMessenger.1 ActiveX object...

8AI score0.0495EPSS
Exploits1References5
CVE
CVE
added 2005/09/08 4:0 a.m.37 views

CVE-2005-2844

The CVE-2005-2844 issue affects Indiatimes Messenger 6.0: a buffer overflow in MMClient.exe’s RenameGroup function via a long group name argument of the MMClient.MunduMessenger.1 ActiveX object can cause denial of service and may allow arbitrary code execution. Documents confirm the vulnerable co...

7.5CVSS8.3AI score0.0495EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2004/12/31 5:0 a.m.18 views

CVE-2004-1908

McFreeScan.CoMcFreeScan.1 ActiveX object in Mcafee FreeScan allows remote attackers to obtain sensitive information via the GetSpecialFolderLocation function with certain parameters...

5CVSS6.2AI score0.03394EPSS
Exploits1References7
exploitpack
exploitpack
added 2004/07/13 12:0 a.m.16 views

Microsoft Internet Explorer - Remote Wscript.Shell

Microsoft Internet Explorer - Remote Wscript.Shell ----------------------------------------------------- default.htm ------------------------------------------------------- function InjectedDuringRedirection...

Exploits0
Exploit DB
Exploit DB
added 2004/07/13 12:0 a.m.42 views

Microsoft Internet Explorer - Remote Wscript.Shell

----------------------------------------------------- default.htm ------------------------------------------------------- function InjectedDuringRedirection showModalDialog'md.htm',window,"dialogTop:-1000;dialogLeft:-1000;dialogHeight:1;dialogWidth:1;". location="vbscript:""";...

7.4AI score
Exploits0
Cvelist
Cvelist
added 2003/10/07 4:0 a.m.25 views

CVE-2003-0838

Internet Explorer allows remote attackers to bypass zone restrictions to inject and execute arbitrary programs by creating a popup window and inserting ActiveX object code with a "data" tag pointing to the malicious code, which Internet Explorer treats as HTML or Javascript, but later executes as...

7.2AI score0.35286EPSS
Exploits0References11
exploitpack
exploitpack
added 2002/01/01 12:0 a.m.13 views

Microsoft Internet Explorer 56 - GetObject File Disclosure

Microsoft Internet Explorer 56 - GetObject File Disclosure source: https://www.securityfocus.com/bid/3767/info A flaw exists in Microsoft Internet Explorer that may allow a remote attacker to view known files on a target system when a user views web content containing a specially crafted script...

7.3AI score
Exploits0
Exploit DB
Exploit DB
added 2002/01/01 12:0 a.m.79 views

Microsoft Internet Explorer 5/6 - GetObject File Disclosure

source: https://www.securityfocus.com/bid/3767/info A flaw exists in Microsoft Internet Explorer that may allow a remote attacker to view known files on a target system when a user views web content containing a specially crafted script. The problem occurs when the 'GetObject' JScript function is...

7.4AI score
Exploits0
CVE
CVE
added 2001/09/12 4:0 a.m.56 views

CVE-1999-1453

The CVE-1999-1453 issue concerns Internet Explorer 4 where a remote attacker can read the contents of a user’s clipboard through the Internet WebBrowser ActiveX object. The description indicates an impact on clipboard confidentiality via a WebBrowser ActiveX component, triggered by visiting a mal...

2.6CVSS6.9AI score0.11218EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2001/09/12 4:0 a.m.23 views

CVE-1999-1110

Windows Media Player ActiveX object as used in Internet Explorer 5.0 returns a specific error code when a file does not exist, which allows remote malicious web sites to determine the existence of files on the client...

6.8AI score0.09817EPSS
Exploits1References2
CVE
CVE
added 2001/05/07 4:0 a.m.54 views

CVE-2001-0149

CVE-2001-0149 affects Windows Scripting Host in Internet Explorer 5.5 and earlier. The vulnerability allows remote attackers to read arbitrary files through the GetObject JavaScript function and the htmlfile ActiveX object. Affected product: Internet Explorer on Windows (older IE versions). Root ...

5CVSS7.4AI score0.32213EPSS
Exploits1References5Affected Software1
Rows per page
Query Builder