125 matches found
MSIE->BodyRefreshLoadsJPU:refresh is a new navigation method
BodyRefreshLoadsJPU:refresh is a new navigation method tested Browser Ver MS Internet Explorer: 6.0.2600.0000.xpclntqfe.021108-2107; Encryption: 128-bit; Patch:; Q810847; So, it's far from fully patched. It also works after applying the patch for method caching attack. OS Ver: "Windows XP Cn ver"...
Microsoft Internet Explorer showHelp crossite scripting
Subsequent calls to showHelp cause content to be displayed in the same security zone...
CVE-2003-0309
Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to bypass security zone restrictions and execute arbitrary programs via a web document with a large number of duplicate file:// or other requests that point to the program and open multiple file download dialogs, which eventually cause...
Mozilla 1.x opera 67 - Timed document.write Method Cross Domain Policy
Mozilla 1.x opera 67 - Timed document.write Method Cross Domain Policy source: https://www.securityfocus.com/bid/7847/info It has been reported that under some circumstances, it is possible violate the cross-domain restriction of browser security. Because of this, an attacker may be able to execu...
CVE-2003-0309
The CVE covers Microsoft Internet Explorer 5.01, 5.5, and 6.0 where a crafted web document with a large number of duplicate file:// or other requests using FRAME/IFRAME can trigger multiple file download dialogs, ultimately allowing remote code execution. The issue is mitigated by Microsoft patch...
CVE-2003-0309
Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to bypass security zone restrictions and execute arbitrary programs via a web document with a large number of duplicate file:// or other requests that point to the program and open multiple file download dialogs, which eventually cause...
Poisonous Style for Dialog window turns the zone off.
Poisonous Style for Dialog window turns the zone off. "that's all" is the end of file if you are in a hurry tested MSIEv6CN version Patch: Q312461,Q328790MS02-066 IEXPLORE.EXE file version: 6.0.2600.0000 MSHTML.DLL file version: 6.00.2600.0000 demo at...
Security Bulletin MS02-055: Unchecked Buffer in Windows Help Facility Could Enable Code Execution (Q323255)
---------------------------------------------------------------------- Title: Unchecked Buffer in Windows Help Facility Could Enable Code Execution Q323255 Date: 02 October 2002 Software: Microsoft Windows 98 Microsoft Windows 98 Second Edition Microsoft Windows Millennium Edition Microsoft...
CVE-2002-0057
The CVE-2002-0057 issue affects the Microsoft XML Core Services XMLHTTP control (MSXML) in versions 2.6, 3.0, and 4.0 where IE security zone handling is applied to redirected data streams. The flaw allows a remote attacker to read arbitrary local files by specifying a local file as the XML Data S...
Microsoft SQL Server 2000 - SQLXML Script Injection
Microsoft SQL Server 2000 - SQLXML Script Injection source: https://www.securityfocus.com/bid/5005/info SQLXML is a component of SQL Server 2000, which enables SQL servers to receive and send database queries via XML Extensible Markup Language format. Such queries can be sent using various method...
Microsoft Internet Explorer may handle certain web pages in an incorrect, less restrictive security zone (MS02-023)
Overview Microsoft Internet Explorer IE may handle malformed Internet pages accessed through the NetBIOS protocol as if they belong to the IE's Intranet or Trusted Sites security zones, instead of the more restrictive Internet security zone. Description If a user views a page on the Internet that...
Six new bugs in Internet Explorer
Crossite scripting, local files disclosure, security zone spoofing, etc...
Microsoft Internet Explorer 5.5/6.0 - History List Script Injection
source: https://www.securityfocus.com/bid/4505/info A vulnerability has been reported in some versions of Internet Explorer. It is possible to inject JavaScript code into the browser history list, and execute it within any page context given appropriate user interaction. Internet Explorer stores...
Executable launch via Windows Medial Player from Microsoft Outlook/Outlook express
Via Windows Media file wma it's possible to open HTML file in local security zone, from html it's open chm, from chm - executable...
CVE-2002-0057
XMLHTTP control in Microsoft XML Core Services 2.6 and later does not properly handle IE Security Zone settings, which allows remote attackers to read arbitrary files by specifying a local file as an XML Data Source...
CVE-2001-0238
Microsoft Data Access Component Internet Publishing Provider 8.103.2519.0 and earlier allows remote attackers to bypass Security Zone restrictions via WebDAV requests...
CVE-2001-0238
The CVE-2001-0238 entry concerns Microsoft Data Access Component Internet Publishing Provider (ID 8.103.2519.0 and earlier). The available connected documents describe that remote attackers can bypass Security Zone restrictions through WebDAV requests. The root cause details are not explicitly st...
EUVD-2001-0238
Microsoft Data Access Component Internet Publishing Provider 8.103.2519.0 and earlier allows remote attackers to bypass Security Zone restrictions via WebDAV requests...
Vulnerability in IE/Outlook ActiveX control
-----BEGIN PGP SIGNED MESSAGE----- Microsoft alerted me to a new vulnerability discovered by Georgi Guninski and now posted publicly. The vulnerability involves an ActiveX control that is installed by a variety of software, including Office/Outlook XP. The control exposes a method which should no...
CVE-2001-0238
Microsoft Data Access Component Internet Publishing Provider 8.103.2519.0 and earlier allows remote attackers to bypass Security Zone restrictions via WebDAV requests...