Lucene search
K

1305 matches found

CVE
CVE
added 2002/03/15 5:0 a.m.51 views

CVE-2001-1219

The vulnerability affects Microsoft Internet Explorer 6.0 and earlier , where a malicious page can cause a denial‑of‑service by repeatedly refreshing the window via self.location, potentially crashing the client. The provided documents identify the basic behavior but do not specify vendor patches...

5CVSS6.7AI score0.0604EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2002/03/08 5:0 a.m.23 views

CVE-2002-0057

XMLHTTP control in Microsoft XML Core Services 2.6 and later does not properly handle IE Security Zone settings, which allows remote attackers to read arbitrary files by specifying a local file as an XML Data Source...

5CVSS6.4AI score0.19175EPSS
Exploits0References6
CERT
CERT
added 2001/09/19 12:0 a.m.25 views

IE fails to check certificates properly if initial SSL connection originates in an IFRAME or Image

Overview Several flaws exist in Microsoft Internet Explorer that could allow an attacker to masquerade as a legitimate web site if the attacker can compromise the validity of certain DNS information. These problems are different from the problems reported in CERT Advisory CA-2000-05 and CERT...

2.6CVSS6AI score0.04835EPSS
Exploits0References1
CVE
CVE
added 2001/09/12 4:0 a.m.46 views

CVE-1999-1474

CVE-1999-1474 concerns PowerPoint 95 and 97 where opening a document in a browser (e.g., Internet Explorer) could trigger an automatic execution of an application without user prompting. The available sources describe that remote attackers could cause an application to run automatically via the s...

7.5CVSS7.1AI score0.09367EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2001/05/07 4:0 a.m.71 views

CVE-2001-0150

Affected software: Internet Explorer 5.5 and earlier running on Windows, when used with the Telnet client provided by Services for Unix (SFU) 2.0. Vulnerability: IE can invoke Telnet with unsafe command-line arguments supplied by a web page, enabling remote attackers to cause arbitrary command ex...

5.1CVSS7.8AI score0.17594EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2001/01/22 5:0 a.m.73 views

CVE-2000-0982

Consolidated details: The CVE affects Internet Explorer prior to version 5.5, where cached credentials for a secure site could be forwarded to insecure pages on the same site. This exposure could let remote attackers obtain credentials by monitoring connections to the web server. Root cause is th...

7.5CVSS6.9AI score0.12611EPSS
Exploits1References4Affected Software1
securityvulns
securityvulns
added 2000/11/21 12:0 a.m.33 views

IE 5.x/Outlook allows executing arbitrary programs using .chm files and temporary internet files folder

Georgi Guninski security advisory 28, 2000 IE 5.x/Outlook allows executing arbitrary programs using .chm files and temporary internet files folder Systems affected: IE 5.x/Outlook/Outlook Express - probably other versions, have not tested Risk: High Date: 20 October 2000 Legal Notice: This Adviso...

7.3AI score
Exploits0
Packet Storm
Packet Storm
added 2000/11/14 12:0 a.m.31 views

guninski27.txt

Georgi Guninski security advisory 27, 2000 IE 5.x Win2000 Indexing service vulnerability Systems affected: IE 5.x/Outlook/Outlook Express - Windows 2000 with Indexing service started Risk: Medium Date: 10 November 2000 Legal Notice: This Advisory is Copyright c 2000 Georgi Guninski. You may...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2000/10/19 12:0 a.m.27 views

IE 5.5/Outlook java security vulnerability - reading arbitrary local files and URLs

Georgi Guninski security advisory 24, 2000 IE 5.5/Outlook java security vulnerability - reading arbitrary local files and URLs Systems affected: IE 5.5/Outlook/Outlook Express - probably other versions, have not tested Risk: High Date: 18 October 2000 Legal Notice: This Advisory is Copyright c 20...

0.2AI score
Exploits0
CVE
CVE
added 2000/10/13 4:0 a.m.85 views

CVE-2000-0518

This CVE concerns Internet Explorer 4.x/5.x where SSL certificate validation is incomplete when the connection is initiated via an image or an iframe. The underlying issue is that IE verifies only that the certificate was issued by a trusted root, but does not confirm the server name or the certi...

2.6CVSS6.6AI score0.04835EPSS
Exploits0References5Affected Software2
CVE
CVE
added 2000/10/13 4:0 a.m.59 views

CVE-2000-0597

The CVE-2000-0597 entry concerns Microsoft Office 2000 (Excel and PowerPoint) and PowerPoint 97. The vulnerability arises because these products are marked as safe for scripting, enabling a remote attacker to coax Internet Explorer or some email clients to save files to arbitrary locations via th...

7.5CVSS7.1AI score0.12148EPSS
Exploits0References3Affected Software2
securityvulns
securityvulns
added 2000/10/06 12:0 a.m.55 views

IE 5.5/Outlook security vulnerability - com.ms.activeX.ActiveXComponent allows executing arbitrary programs

Georgi Guninski security advisory 23, 2000 IE 5.5/Outlook security vulnerability - com.ms.activeX.ActiveXComponent allows executing arbitrary programs Systems affected: IE 5.5/Outlook/Outlook Express - probably other versions, have not tested Risk: High Date: 5 October 2000 Legal Notice: This...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2000/09/27 12:0 a.m.46 views

IE 5.5/Outlook Express security vulnerability - GetObject() expose user's files

Georgi Guninski security advisory 22, 2000 IE 5.5/Outlook Express security vulnerability - GetObject expose user's files Systems affected: IE 5.5, Outlook Express,probably Outlook - Win98/2000. Probably other versions - have not tested. Risk: High Date: 26 September 2000 Legal Notice: This Adviso...

7AI score
Exploits0
Packet Storm
Packet Storm
added 2000/08/16 12:0 a.m.31 views

ie5-msn.exec.txt

This is a multi-part message in MIME format. --------------CEF2E6A38C7BDB5B012ADFB8 Content-Type: text/plain; charset=koi8-r Content-Transfer-Encoding: 7bit Georgi Guninski security advisory 18, 2000 IE 5.5/5.x for Win98 may execute arbitrary files that can be accessed thru Microsoft Networking...

Exploits0
securityvulns
securityvulns
added 2000/07/15 12:0 a.m.26 views

IE 5.5 and 5.01 vulnerability - reading at least local and from any host text and parsed html files

Georgi Guninski security advisory 16, 2000 IE 5.5 and 5.01 vulnerability - reading at least local and from any host text and parsed html files Systems affected: IE 5.5, 5.01 / Win98 - probably other versions, have not tested Risk: Medium Disclaimer: The opinions expressed in this advisory and...

6.6AI score
Exploits0
Packet Storm
Packet Storm
added 2000/06/29 12:0 a.m.24 views

ie5-excel-powerpoint.txt

Georgi Guninski security advisory 13, 2000 IE 5 and Excel 2000, PowerPoint 2000 vulnerability - executing programs Systems affected: IE 5.01, Excel 2000, PowerPoint 2000, Win98 - probably other versions, have not tested Risk: High Disclaimer: The opinions expressed in this advisory and program ar...

Exploits0
Packet Storm
Packet Storm
added 2000/06/29 12:0 a.m.19 views

ie5-access2000.txt

Georgi Guninski security advisory 14, 2000 IE 5 and Access 2000 vulnerability - executing programs Systems affected: IE 5.01, Access 2000, Win98 - probably other versions, have not tested Risk: High Disclaimer: The opinions expressed in this advisory and program are my own and not of any company...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2000/05/31 12:0 a.m.23 views

Win 2000 & IE 'shell://' problem?

I found that IE 5 running Win 2000 accepts "shell://" as a legal protocol, and when any URL ie "shell://localhost" or just "shell://" is loaded IE crashes and brings explorer.exe down with it. I think this would cause a user who didnt know much to think that Win 2000 had crashed of course killing...

6.7AI score
Exploits0
CVE
CVE
added 2000/03/22 5:0 a.m.65 views

CVE-2000-0162

Technical details (affected product/version, exploitability, and mitigations) are not publicly available in the provided documents. Monitor for updates from official advisories to confirm impact and remediation guidance.

5.1CVSS6.8AI score0.07554EPSS
Exploits0References1Affected Software3
CVE
CVE
added 2000/02/04 5:0 a.m.50 views

CVE-1999-0488

CVE-1999-0488 affects Internet Explorer 4.0 and 5.0. The vulnerability is a variant of the “cross frame” issue that allows a remote attacker to execute security scripts in a different security context via malicious URLs. The description indicates this is a remote code execution-style weakness thr...

7.5CVSS7.4AI score0.11569EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder