CVE-1999-0487

The DHTML Edit ActiveX control in Internet Explorer allows remote attackers to read arbitrary files...

CVE-2004-1319

The CVE-2004-1319 issue concerns the DHTML Editing Component ActiveX control (dhtmled.ocx) used by Internet Explorer. The vulnerability is cross-domain in nature and could allow remote code execution or information disclosure by exploiting the control from a malicious page, potentially granting a...

CVE-2004-1319

The DHTML Edit Control dhtmled.ocx allows remote attackers to inject arbitrary web script into other domains by setting a name for a window, opening a child page whose target is the window with the given name, then injecting the script from the parent into the child using execScript, as...

CVE-2004-1319

The DHTML Edit Control dhtmled.ocx allows remote attackers to inject arbitrary web script into other domains by setting a name for a window, opening a child page whose target is the window with the given name, then injecting the script from the parent into the child using execScript, as...

MSIE DHTML Edit Control Cross Site Scripting Vulnerability

Note: This vulnerability as well as many more can be seen at http://freehost07.websamba.com/greyhats/ MSIE DHTML Edit Control Cross Site Scripting Vulnerability Tested IEXPLORE.EXE file version 6.0.2900.2180 MSHTML.DLL file version 6.00.2800.1400 Microsoft Windows XP Home SP2 Discussion I...

DHTML Edit Control for IE5 allows local files to be uploaded to web server

Overview A vulnerability exists in the DHTML Edit Control for IE5 that allows arbitrary local files to be uploaded to a web server. Description DHTML Edit is an activex control that is marked safe-for-scripting. This control can be embedded in a website, and permit local files to be remotely...

CVE-2000-0662

The CVE-2000-0662 entry describes a vulnerability in Internet Explorer 5.x and Microsoft Outlook where remote attackers can read arbitrary files by redirecting the contents of an IFRAME via the DHTML Edit Control (DHTMLED). The root cause is tied to the DHTMLED component handling dynamic HTML/IFR...

CVE-2000-0662

Internet Explorer 5.x and Microsoft Outlook allows remote attackers to read arbitrary files by redirecting the contents of an IFRAME using the DHTML Edit Control DHTMLED...

CVE-2000-0662

Internet Explorer 5.x and Microsoft Outlook allows remote attackers to read arbitrary files by redirecting the contents of an IFRAME using the DHTML Edit Control DHTMLED...

CVE-1999-0487

The DHTML Edit ActiveX control in Internet Explorer allows remote attackers to read arbitrary files...

CVE-1999-0487

The vulnerability CVE-1999-0487 affects the DHTML Edit ActiveX control (dhtmled.ocx) used by Internet Explorer. The control can read arbitrary local files, enabling an attacker to exfiltrate data through the browser. Concrete details confirm affected software and root cause: Internet Explorer wit...

msie.fixes.4.99.txt

Date: Wed, 21 Apr 1999 18:13:39 -0700 From: [email protected] To: [email protected] Subject: Microsoft Security Bulletin MS99-011 The following is a Security Bulletin from the Microsoft Product Security Notification Service. Please do not reply to this message, as it was sent from an...

msie.5.dhtml.cuartango.txt

Date: Wed, 24 Mar 1999 12:11:09 +0100 From: Juan Carlos Garcia Cuartango To: [email protected] Subject: IE 5 security vulnerabilities Greetings, Microsoft delivers with IE 5 an Active X control called "DHTML Edit control Safe for Scripting for IE 5". In my opinion this control IS N...

CVE-1999-0487

The DHTML Edit ActiveX control in Internet Explorer allows remote attackers to read arbitrary files...

Microsoft Internet Explorer 4/5 - DHTML Edit ActiveX Control File Stealing / Cross Frame Access

source: https://www.securityfocus.com/bid/116/info Vulnerabilities in an ActiveX control distributed with Internet Explorer 5 and available for Internet Explorer 4 allow malicous web sites to steal local files and to bypass cross-frame security rules. The DHTML Edit Control Safe for Scripting...