4 matches found
CVE-2006-5152
Cross-site scripting XSS vulnerability in Microsoft Internet Explorer allows remote attackers to inject arbitrary web script or HTML via a UTF-7 encoded URL that is returned in a large HTTP 404 error message without an explicit charset, a related issue to CVE-2006-0032...
CVE-2006-0032
Microsoft Windows Indexing Service vulnerability (CVE-2006-0032) is a cross-site scripting flaw in the Indexing Service component of Windows 2000/XP/Server 2003 when Encoding is set to Auto Select. An attacker can craft a UTF-7 URL that is injected into an error message, potentially executing scr...
CVE-2006-0032
Cross-site scripting XSS vulnerability in the Indexing Service in Microsoft Windows 2000, XP, and Server 2003, when the Encoding option is set to Auto Select, allows remote attackers to inject arbitrary web script or HTML via a UTF-7 encoded URL, which is injected into an error message whose...
Microsoft Security Bulletin MS06-053 Vulnerability in Indexing Service Could Allow Cross-Site Scripting (920685)
Microsoft Security Bulletin MS06-053 Vulnerability in Indexing Service Could Allow Cross-Site Scripting 920685 Published: September 12, 2006 Version: 1.0 Summary Who Should Read this Document: Customers who use Microsoft Windows Impact of Vulnerability: Information Disclosure Maximum Severity...