Vulnerabilities > Microsoft
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2002-04-22 | CVE-2002-0153 | Unspecified vulnerability in Microsoft IE Internet Explorer 5.1 for Macintosh allows remote attackers to bypass security checks and invoke local AppleScripts within a specific HTML element, aka the "Local Applescript Invocation" vulnerability. | 7.5 |
2002-04-22 | CVE-2002-0152 | Buffer Overflow vulnerability in Multiple Microsoft Products for MacOS File URL Buffer overflow in various Microsoft applications for Macintosh allows remote attackers to cause a denial of service (crash) or execute arbitrary code by invoking the file:// directive with a large number of / characters, which affects Internet Explorer 5.1, Outlook Express 5.0 through 5.0.2, Entourage v. | 7.5 |
2002-04-22 | CVE-2002-0150 | Unspecified vulnerability in Microsoft products Buffer overflow in Internet Information Server (IIS) 4.0, 5.0, and 5.1 allows remote attackers to spoof the safety check for HTTP headers and cause a denial of service or execute arbitrary code via HTTP header field values. | 7.5 |
2002-04-22 | CVE-2002-0149 | Unspecified vulnerability in Microsoft products Buffer overflow in ASP Server-Side Include Function in IIS 4.0, 5.0 and 5.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via long file names. | 7.5 |
2002-04-22 | CVE-2002-0148 | Unspecified vulnerability in Microsoft products Cross-site scripting vulnerability in Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote attackers to execute arbitrary script as other users via an HTTP error page. | 7.5 |
2002-04-22 | CVE-2002-0147 | Unspecified vulnerability in Microsoft products Buffer overflow in the ASP data transfer mechanism in Internet Information Server (IIS) 4.0, 5.0, and 5.1 allows remote attackers to cause a denial of service or execute code, aka "Microsoft-discovered variant of Chunked Encoding buffer overrun." | 7.5 |
2002-04-22 | CVE-2002-0079 | Heap Overflow vulnerability in Microsoft products Buffer overflow in the chunked encoding transfer mechanism in Internet Information Server (IIS) 4.0 and 5.0 Active Server Pages allows attackers to cause a denial of service or execute arbitrary code. | 7.5 |
2002-04-22 | CVE-2002-0075 | Unspecified vulnerability in Microsoft products Cross-site scripting vulnerability for Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote attackers to execute arbitrary script as other web users via the error message used in a URL redirect (""302 Object Moved") message. | 7.5 |
2002-04-22 | CVE-2002-0074 | Unspecified vulnerability in Microsoft products Cross-site scripting vulnerability in Help File search facility for Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote attackers to embed scripts into another user's session. | 7.5 |
2002-04-22 | CVE-2002-0073 | Unspecified vulnerability in Microsoft products The FTP service in Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows attackers who have established an FTP session to cause a denial of service via a specially crafted status request containing glob characters. | 5.0 |