Lucene search
K

293 matches found

securityvulns
securityvulns
added 2005/06/29 12:0 a.m.50 views

[Full-disclosure] SEC-CONSULT SA-20050629-0

SEC-CONSULT Security Advisory 20050629-0 ================================================================================== title: IE6 javaprxy.dll COM instantiation heap corruption vulnerability program: Internet Explorer vulnerable version: 6.0.2900.2180 homepage: www.microsoft.com found:...

7.9AI score
Exploits0
NVD
NVD
added 2005/05/02 4:0 a.m.20 views

CVE-2005-0063

The document processing application used by the Windows Shell in Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code by modifying the CLSID stored in a file so that it is processed by HTML Application Host MSHTA, as demonstrated using a...

7.5CVSS7.1AI score0.51684EPSS
Exploits0References12
CVE
CVE
added 2005/04/13 4:0 a.m.76 views

CVE-2005-0063

The CVE-2005-0063 issue stems from Windows Shell/MSHTA handling of file associations. A remote code execution vulnerability exists when a user opens a specially crafted OLE2 document (e.g., Word) whose CLSID is manipulated to invoke HTML Application Host (MSHTA) to process the file. Exploitation ...

7.5CVSS7.1AI score0.51684EPSS
Exploits0References12Affected Software6
Cvelist
Cvelist
added 2005/04/13 4:0 a.m.27 views

CVE-2005-0063

The document processing application used by the Windows Shell in Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code by modifying the CLSID stored in a file so that it is processed by HTML Application Host MSHTA, as demonstrated using a...

7.1AI score0.51684EPSS
Exploits0References12
securityvulns
securityvulns
added 2005/04/13 12:0 a.m.68 views

iDEFENSE Security Advisory 04.12.05: Microsoft MSHTA Script Execution Vulnerability

Microsoft MSHTA Script Execution Vulnerability iDEFENSE Security Advisory 04.12.05 www.idefense.com/application/poi/display?id=231&type=vulnerabilities April 12, 2005 I. BACKGROUND Microsoft HTML Application Host MSHTA is part of the Microsoft Windows operating system and is needed to execute .HT...

7.5CVSS0.51684EPSS
Exploits0
securityvulns
securityvulns
added 2005/04/13 12:0 a.m.22 views

Microsoft Windows MSHTA code execution

Content type of the file is determined based on CLSID in file content, not by it's extention...

1.7AI score
Exploits0References2
CVE
CVE
added 2004/09/01 4:0 a.m.52 views

CVE-2001-0643

Affected software: Internet Explorer 5.5. Issue: CLSID not displayed when it appears at the end of a file name, enabling spoofing of file type and potentially deceiving users into executing a dangerous program. Impact: user may run unintended or unsafe code due to misleading file type indication....

5CVSS6.9AI score0.1036EPSS
Exploits1References7Affected Software1
CERT
CERT
added 2004/07/14 12:0 a.m.30 views

Microsoft Windows contains a vulnerability in the way the Windows Shell launches applications

Overview Microsoft Windows contains a remote code execution vulnerability in the way that the Windows Shell launches applications. An remote attacker could exploit this vulnerability to execute arbitrary code if they could trick a user into visiting a malicious website. Description Microsoft...

10CVSS7.2AI score0.46012EPSS
Exploits1References1
NVD
NVD
added 2004/02/11 5:0 a.m.27 views

CVE-2004-2083

Opera Web Browser 7.0 through 7.23 allows remote attackers to trick users into executing a malicious file by embedding a CLSID in the file name, which causes the malicious file to appear as a trusted file type, aka "File Download Extension Spoofing."...

2.6CVSS6.6AI score0.02555EPSS
Exploits1References6
NVD
NVD
added 2002/12/31 5:0 a.m.19 views

CVE-2002-1984

Microsoft Internet Explorer 5.0.1 through 6.0 on Windows 2000 or Windows XP allows remote attackers to cause a denial of service crash via an OBJECT tag that contains a crafted CLASSID CLSID value of "CLSID:00022613-0000-0000-C000-000000000046"...

5CVSS6.6AI score0.0914EPSS
Exploits1References2
Exploit DB
Exploit DB
added 2001/04/17 12:0 a.m.34 views

Microsoft Internet Explorer 5.5 - CLSID File Execution

source: https://www.securityfocus.com/bid/2612/info The default operation performed to open a filetype is determining by referencing the filetype's CLSID. Due to a flaw in the interpretation of CLSIDs when appended to a filename, it is possible to specify a different default action for a given fi...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2001/04/17 12:0 a.m.25 views

Microsoft Internet Explorer 5.5 - CLSID File Execution

Microsoft Internet Explorer 5.5 - CLSID File Execution source: https://www.securityfocus.com/bid/2612/info The default operation performed to open a filetype is determining by referencing the filetype's CLSID. Due to a flaw in the interpretation of CLSIDs when appended to a filename, it is possib...

7.5AI score
Exploits0
Packet Storm
Packet Storm
added 2001/04/17 12:0 a.m.23 views

clsidext.txt

[email protected] Georgi Guninski security advisory 42, 2001 Double clicking on innocent looking files may be dangerous Systems affected: Windows Explorer, Internet Explorer - Windows 98, 2000 - when browsing directories or shares Risk: High Date: 16 April 2001 Legal Notice: This Advisory is...

7.4AI score
Exploits0
Rows per page
Query Builder