Lucene search
K

48 matches found

NVD
NVD
added 2008/08/13 12:42 p.m.22 views

CVE-2008-2254

Microsoft Internet Explorer 6 and 7 accesses uninitialized memory, which allows remote attackers to cause a denial of service crash and execute arbitrary code via unknown vectors, aka "HTML Object Memory Corruption Vulnerability."...

9.3CVSS7.5AI score0.29284EPSS
Exploits1References8
seebug.org
seebug.org
added 2008/06/12 12:0 a.m.31 views

Microsoft IE HTML对象substringData()堆溢出漏洞(MS08-031)

BUGTRAQ ID: 29556 CVECAN ID: CVE-2008-1442 Internet Explorer是微软发布的非常流行的WEB浏览器。 Internet Explorer显示包含对HTML对象的某些异常方法调用的网页的方式中存在堆溢出漏洞,如果DOM对象以可控的方式调用了substringData的话,就可以触发这个漏洞。攻击者可以通过构建特制的网页来利用该漏洞。当用户查看网页时,该漏洞可能允许远程执行指令。成功利用此漏洞的攻击者可以获得与登录用户相同的用户权限。 Microsoft Internet Explorer 7.0 Microsoft Internet...

9.3CVSS6.4AI score0.38835EPSS
Exploits1
0day.today
0day.today
added 2005/08/12 12:0 a.m.20 views

MS Internet Explorer COM Objects File Download Exploit (MS05-038)

Exploit for unknown platform in category remote exploits ================================================================= MS Internet Explorer COM Objects File Download Exploit MS05-038 =================================================================...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2003/09/09 12:0 a.m.24 views

Re: BAD NEWS: Microsoft Security Bulletin MS03-032

The patch for Drew's object data=funky.hta doesn't work: This is the exact same issue as http://greymagic.com/adv/gm001-ie/, which explains the problem in detail. Microsoft again patches the object element in HTML, but it doesn't patch the dynamic version of that same element. 1. Disable Active...

0.1AI score
Exploits0
Cvelist
Cvelist
added 2003/04/02 5:0 a.m.23 views

CVE-2002-0191

Microsoft Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to view arbitrary files that contain the "" character via script containing the cssText property of the stylesheet object, aka "Local Information Disclosure through HTML Object" vulnerability...

6.4AI score0.29692EPSS
Exploits0References4
Exploit DB
Exploit DB
added 2002/07/10 12:0 a.m.38 views

Microsoft Internet Explorer 5/6 - OBJECT Tag Same Origin Policy Violation

source: https://www.securityfocus.com/bid/5196/info Microsoft Internet Explorer allows script code to violate the same origin policy through usage of the HTML OBJECT tag. Malicious script code may obtain a legitimate reference to an embedded object containing a web page from the same domain. This...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2002/04/20 12:0 a.m.9 views

Microsoft Internet Explorer 56 - Self-Referential Object Denial of Service

Microsoft Internet Explorer 56 - Self-Referential Object Denial of Service source: https://www.securityfocus.com/bid/4564/info Microsoft Internet Explorer is vulnerable to a denial of service due to an error in handling certain self-referential definitions in HTML documents. This occurs when an...

Exploits0
CVE
CVE
added 2000/10/13 4:0 a.m.50 views

CVE-2000-0596

Summary: The CVE-2000-0596 issue involves Internet Explorer (IE 5.x/IE 5.01) opening Microsoft Access database/project files via HTML OBJECT tags without warning, enabling remote code execution via embedded VBA/macro. Affected components: IE’s handling of OBJECT tags referencing Access file types...

7.5CVSS7.1AI score0.2477EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder