Jouko Pynnã¶Nen

#9008de 53,635
30.3CVSS total
Vulnerabilidades · 5
Média
3
Alta
2
PT-2005-1174
5.1
2005-02-08
Microsoft · Internet Explorer · CVE-2005-0054
**Name of the Vulnerable Software and Affected Versions** Internet Explorer versions 5.01, 5.5, and 6 **Description** The issue allows remote attackers to spoof a less restrictive security zone and execute arbitrary code via an HTML page containing URLs with double hex encoded hostnames. These hostnames are decoded twice, resulting in the generation of a malicious hostname. **Recommendations** For Internet Explorer versions 5.01, 5.5, and 6, update to a version that includes a fix for this issue to prevent the execution of arbitrary code.
PT-2005-1176
5.1
2005-02-08
Microsoft · Internet Explorer · CVE-2005-0056
**Name of the Vulnerable Software and Affected Versions** Internet Explorer versions 5.01, 5.5, and 6 **Description** The issue allows remote attackers to obtain sensitive information or execute arbitrary code due to improper validation of certain URLs in Channel Definition Format (CDF) files. **Recommendations** For Internet Explorer version 5.01, update to a version that properly validates URLs in CDF files. For Internet Explorer version 5.5, update to a version that properly validates URLs in CDF files. For Internet Explorer version 6, update to a version that properly validates URLs in CDF files.
PT-2004-1176
5.1
2004-04-16
Microsoft · Windows Xp · CVE-2003-0907
**Name of the Vulnerable Software and Affected Versions** Microsoft Windows XP version SP1 **Description** The issue concerns the Help and Support Center in Microsoft Windows XP, which fails to properly validate HCP URLs. This allows remote attackers to execute arbitrary code by using quotation marks in an hcp:// URL. The vulnerability arises because the quotation marks are not quoted when constructing the argument list to HelpCtr.exe. **Recommendations** For Microsoft Windows XP version SP1, update to a newer service pack or apply the relevant patch to resolve the issue. As a temporary workaround, consider restricting access to the Help and Support Center to minimize the risk of exploitation.
PT-2003-1451
7.5
2003-05-02
Microsoft · Internet Explorer · CVE-2003-0233
Name of the Vulnerable Software and Affected Versions: Internet Explorer versions 5.01 through 6.0 Description: A heap-based buffer overflow issue allows remote attackers to execute arbitrary code. This is achieved via the Load() method. Recommendations: For Internet Explorer versions 5.01 through 6.0, update to a newer version to mitigate the risk.
PT-2003-1375
7.5
2003-04-26
Microsoft · Internet Explorer · CVE-2003-0113
**Name of the Vulnerable Software and Affected Versions** Microsoft Internet Explorer versions 5.01 through 6.0 **Description** A buffer overflow issue exists, allowing remote attackers to execute arbitrary code via an HTTP response containing long values in the `Content-type` and `Content-encoding` fields. **Recommendations** For Microsoft Internet Explorer versions 5.01 through 6.0, update to a newer version to mitigate the risk.