24 matches found
CVE-1999-0468
Internet Explorer 5.0 allows a remote server to read arbitrary files on the client's file system using the Microsoft Scriptlet Component...
CVE-1999-0488
Internet Explorer 4.0 and 5.0 allows a remote attacker to execute security scripts in a different security context using malicious URLs, a variant of the "cross frame" vulnerability...
IPB v2.x up to 3.0.4 XSS vulnerability
Invision Power Board XSS vulnerability Software : Invision Power Board IPB Affected : IPB v2.x up to v3.0.4 prior versions might be vulnerable as well Remote : Yes Required : Internet Explorer +5.0 Vendor : http://www.invisionpower.com/ Download : Commercially available Author : Xacker Contact :...
CVE-2003-0469
Buffer overflow in the HTML Converter HTML32.cnv on various Windows operating systems allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via cut-and-paste operation, as demonstrated in Internet Explorer 5.0 using a long "align" argument in an HR tag...
CVE-2003-0469
CVE-2003-0469 describes a buffer-overflow in the HTML Converter (html32.cnv) used by Windows applications (via IE and other components). The flaw can be triggered during a cut‑and‑paste operation with a crafted HR tag (align attribute), potentially allowing remote code execution with the privileg...
Internet Explorer >=5.0 : Buffer overflow
script wnd=open"about:blank","",""; wnd.moveToscreen.Width,screen.Height; WndDoc=wnd.document; WndDoc.open; WndDoc.clear; buffer=""; fori=1;i=127;i++buffer+="X"; buffer+="DigitalScream"; WndDoc.write"HR align='"+buffer+"'"; WndDoc.execCommand"SelectAll"; WndDoc.execCommand"Copy"; wnd.close; /scri...
CVE-2001-1325
CVE-2001-1325 affects Internet Explorer 5.0/5.5 and Outlook Express 5.0/5.5. The vulnerability allows remote script execution when Active Scripting is disabled if scripts are embedded in XML stylesheets (XSL) loaded via an IFRAME, potentially tied to Windows Scripting Host (WSH). OpenVAS findings...
CVE-2001-0807
The provided records indicate CVE-2001-0807 affects Internet Explorer 5.0 (and possibly other versions). The vulnerability allows a remote attacker from a malicious web page to read known text files from a client’s hard drive by using a SCRIPT tag with a SRC attribute that points to the local tex...
CVE-1999-1367
CVE-1999-1367 affects Internet Explorer 5.0. The issue is that the browser does not properly reset the username/password cache for sites that lack standard cache controls, allowing another user on the same system to access restricted sites visited by a prior user. Impact is partial confidentialit...
CVE-1999-1370
The CVE-1999-1370 entry concerns the Internet Explorer 5.0 setup wizard (ie5setup.exe). The provided sources state that during unattended installation it disables the screen saver and the Task Scheduler Service, potentially allowing local access or disruption of security-critical program executio...
CVE-1999-1110
The CVE-1999-1110 vulnerability concerns the Windows Media Player ActiveX control as used in Internet Explorer 5.0. The ActiveX object reportedly returns a specific error code when a referenced file does not exist, enabling remote websites to determine whether a file exists on the client. The pro...
CVE-2001-0089
CVE-2001-0089 affects Internet Explorer 5.0–5.5. The vulnerability allows a remote attacker to read arbitrary files from the client through an HTML form using an INPUT TYPE element, known as the “File Upload via Form” issue. The provided documents do not specify payloads, affected configurations ...
CVE-1999-0489
MSHTML.DLL in Internet Explorer 5.0 allows a remote attacker to paste a file name into the file upload intrinsic control, a variant of "untrusted scripted paste" as described in MS:MS98-013...
CVE-1999-0490
MSHTML.DLL in Internet Explorer 5.0 is affected by CVE-1999-0490. The vulnerability enables a remote attacker to cause information disclosure by using an IMG SRC tag to learn local file information. The documented impact is partial disclosure of data from the target user’s files, with network-bas...
CVE-1999-0489
CVE-1999-0489 affects MSHTML.DLL in Internet Explorer 5.0. It allows a remote attacker to paste a file name into the file upload intrinsic control (variant of “untrusted scripted paste” per MS:MS98-013).
Microsoft Internet Explorer 4.1/5.0/4.0.1 - Subframe Spoofing
Internet Explorer 4.1 for Windows 95/Windows 98/Windows NT 4,Internet Explorer 5.0 for Windows 95/Windows 98/Windows NT 4,Internet Explorer 4.0.1 for Windows 98/Windows NT 4.0 Subframe Spoofing Vulnerability source: https://www.securityfocus.com/bid/855/info IE's default security settings allow a...
ie5.javascript.redirect.txt
IE 5.0 allows reading local and from any domain files and window spoofing using HTTP redirection to "javascript:" Disclaimer: The opinions expressed in this advisory and program are my own and not of any company. The usual standard disclaimer applies, especially the fact that Georgi Guninski is n...
CVE-1999-0468
CVE-1999-0468: Internet Explorer 5.0 allows a remote server to read arbitrary files on the client’s file system via the Microsoft Scriptlet Component. Reported impact per CVSS suggests confidentiality loss (C:H) and overall HIGH severity (8.2) per CVSS v3.1, with network access and no user intera...
ie5_vulnerabilities.txt
Subject: IE 5.0 security vulnerabilities - ImportExportFavorites - at least creating and overwriting files, probably executing programs To: [email protected] Disclaimer: The opinions expressed in this advisory and program are my own and not of any company. The usual standard disclaimer...
msie.5.0.javascript.dos.txt
Date: Mon, 31 May 1999 16:18:02 GMT From: THR - To: [email protected] Subject: Exploit in Internet Explorer 5.0 Hi everyone! I have found a bug which will freeze Internet Explorer 5.0 I know that there are many bugs that will crasch browsers but what makes this one special is the following: In...