47 matches found
CVE-1999-0877
Internet Explorer 5 allows remote attackers to read files via an ExecCommand method called on an IFRAME...
EUVD-1999-0970
Malware in sbrugna...
EUVD-1999-0820
Malware in sbrugna...
EUVD-2009-5113
Malware in sbrugna...
CVE-2009-5159
Invision Power Board aka IPB or IP.Board 2.x through 3.0.4, when Internet Explorer 5 is used, allows XSS via a .txt attachment...
Design/Logic Flaw
Invision Power Board aka IPB or IP.Board 2.x through 3.0.4, when Internet Explorer 5 is used, allows XSS via a .txt attachment...
Microsoft Internet Explorer 5 \'INPUT TYPE=FILE\' Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2045/info One of the ways users submit information to remote websites is through the INPUT type form options. Users can upload files to remote webservers with the input type=FILE option. Due to a design error in the...
Microsoft Internet Explorer - Object Tag (MS03-020)
Microsoft Internet Explorer - Object Tag MS03-020 !/usr/bin/perl Proof of concept exploit on IE 5.x - 6.x by Alumni IE-Object longtype dynamic call oferflow url:// the flaw actually exists in URLMON.DLL when converting backslashes to wide char, this can be seen on stack dump near...
DHTML Edit Control for IE5 allows local files to be uploaded to web server
Overview A vulnerability exists in the DHTML Edit Control for IE5 that allows arbitrary local files to be uploaded to a web server. Description DHTML Edit is an activex control that is marked safe-for-scripting. This control can be embedded in a website, and permit local files to be remotely...
Microsoft Internet Explorer 5 - Cascading Style Sheet File Disclosure (MS02-023)
Microsoft Internet Explorer 5 - Cascading Style Sheet File Disclosure MS02-023 source: https://www.securityfocus.com/bid/4411/info The Cascading Style-Sheets CSS interpreter for Microsoft Internet Explorer is prone to an issue which may allow an attacker to read the contents of files on a web...
CVE-2000-0662
The CVE-2000-0662 entry describes a vulnerability in Internet Explorer 5.x and Microsoft Outlook where remote attackers can read arbitrary files by redirecting the contents of an IFRAME via the DHTML Edit Control (DHTMLED). The root cause is tied to the DHTMLED component handling dynamic HTML/IFR...
Microsoft Internet Explorer 5 - INPUT TYPEFILE Remote File Upload
Microsoft Internet Explorer 5 - INPUT TYPEFILE Remote File Upload font size="3" color="white...
CVE-2000-0400
The CVE-2000-0400 entry refers to the Microsoft Active Movie ActiveX Control in Internet Explorer 5, where the issue stems from shared code handling the Internet cache and file downloads (not the Active Movie control itself). Affected component is msdxm.ocx (ClassID {05589FA1-C356-11CE-BF01-00AA0...
ie-iframe.txt
Georgi Guninski security advisory 12, 2000 IE 5 Cross-frame security vulnerability using IFRAME and WebBrowser control Disclaimer: The opinions expressed in this advisory and program are my own and not of any company. The usual standard disclaimer applies, especially the fact that Georgi Guninski...
IE 5 Cross-frame security vulnerability using IFRAME and WebBrowser control
Georgi Guninski security advisory 12, 2000 IE 5 Cross-frame security vulnerability using IFRAME and WebBrowser control Disclaimer: The opinions expressed in this advisory and program are my own and not of any company. The usual standard disclaimer applies, especially the fact that Georgi Guninski...
CVE-2000-0061
CVE-2000-0061 affects Internet Explorer 5. The vulnerability: during window loading, the document’s security zone is not updated until after loading, permitting a remote attacker to execute JavaScript in a different security context while the page is loading. The record indicates a maximum CVSS v...
CVE-2000-0061
Internet Explorer 5 does not modify the security zone for a document that is being loaded into a window until after the document has been loaded, which could allow remote attackers to execute Javascript in a different security context while the document is loading...
ie5.cross-frame.txt
Georgi Guninski security advisory 4, 2000 IE 5 security vulnerablity - circumventing Cross-frame security policy and accessing the DOM of "old" documents. Disclaimer: The opinions expressed in this advisory and program are my own and not of any company. The usual standard disclaimer applies,...
CVE-2000-0061
Internet Explorer 5 does not modify the security zone for a document that is being loaded into a window until after the document has been loaded, which could allow remote attackers to execute Javascript in a different security context while the document is loading...
CVE-1999-0802
Summary: CVE-1999-0802 concerns a buffer overflow in Internet Explorer 5 that enables remote command execution via a malformed Favorites icon. The connected Red Hat and CVE records mirror the same description. The core detail is the vulnerability class (buffer overflow) in the browser component; ...