This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Microsoft First view 2001-10-30
Product Ie Last view 2011-12-07
Version 6 Type Application
Update sp1  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:microsoft:ie

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
5 2011-12-07 CVE-2010-5071

The JavaScript implementation in Microsoft Internet Explorer 8.0 and earlier does not properly restrict the set of values contained in the object returned by the getComputedStyle method, which allows remote attackers to obtain sensitive information about visited web pages by calling this method.

4.3 2011-12-07 CVE-2002-2435

The Cascading Style Sheets (CSS) implementation in Microsoft Internet Explorer 8.0 and earlier does not properly handle the :visited pseudo-class, which allows remote attackers to obtain sensitive information about visited web pages via a crafted HTML document, a related issue to CVE-2010-2264.

4.3 2011-08-09 CVE-2011-2379

Cross-site scripting (XSS) vulnerability in Bugzilla 2.4 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before 3.4.12, 3.5.x, 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3, when Internet Explorer before 9 or Safari before 5.0.6 is used for Raw Unified mode, allows remote attackers to inject arbitrary web script or HTML via a crafted patch, related to content sniffing.

4.3 2011-06-03 CVE-2011-2383

Microsoft Internet Explorer 9 and earlier does not properly restrict cross-zone drag-and-drop actions, which allows user-assisted remote attackers to read cookie files via vectors involving an IFRAME element with a SRC attribute containing an http: URL that redirects to a file: URL, as demonstrated by a Facebook game, related to a "cookiejacking" issue, aka "Drag and Drop Information Disclosure Vulnerability." NOTE: this vulnerability exists because of an incomplete fix in the Internet Explorer 9 release.

4.3 2011-06-03 CVE-2011-2382

Microsoft Internet Explorer 8 and earlier, and Internet Explorer 9 beta, does not properly restrict cross-zone drag-and-drop actions, which allows user-assisted remote attackers to read cookie files via vectors involving an IFRAME element with a SRC attribute containing a file: URL, as demonstrated by a Facebook game, related to a "cookiejacking" issue.

4.3 2011-05-23 CVE-2011-1765

Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.5, when Internet Explorer 6 or earlier is used, allows remote attackers to inject arbitrary web script or HTML via an uploaded file accessed with a dangerous extension such as .shtml at the end of the query string, in conjunction with a modified URI path that has a %2E sequence in place of the . (dot) character. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-1578 and CVE-2011-1587.

4.3 2011-04-26 CVE-2011-1587

Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.4, when Internet Explorer 6 or earlier is used, allows remote attackers to inject arbitrary web script or HTML via an uploaded file accessed with a dangerous extension such as .html located before a ? (question mark) in a query string, in conjunction with a modified URI path that has a %2E sequence in place of the . (dot) character. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-1578.

4.3 2011-04-26 CVE-2011-1578

Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.3, when Internet Explorer 6 or earlier is used, allows remote attackers to inject arbitrary web script or HTML via an uploaded file accessed with a dangerous extension such as .html at the end of the query string, in conjunction with a modified URI path that has a %2E sequence in place of the . (dot) character.

9.3 2010-06-08 CVE-2010-1262

Microsoft Internet Explorer 6 SP1 and SP2, 7, and 8 allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, related to the CStyleSheet object and a free of the root container, aka "Memory Corruption Vulnerability."

9.3 2010-06-08 CVE-2010-1259

Microsoft Internet Explorer 6 SP1 and SP2, 7, and 8 allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability."

9.3 2010-03-31 CVE-2010-0805

The Tabular Data Control (TDC) ActiveX control in Microsoft Internet Explorer 5.01 SP4, 6 on Windows XP SP2 and SP3, and 6 SP1 allows remote attackers to execute arbitrary code via a long URL (DataURL parameter) that triggers memory corruption in the CTDCCtl::SecurityCHeckDataURL function, aka "Memory Corruption Vulnerability."

4.3 2010-03-31 CVE-2010-0494

Cross-domain vulnerability in Microsoft Internet Explorer 6, 6 SP1, 7, and 8 allows user-assisted remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via a crafted HTML document in a situation where the client user drags one browser window across another browser window, aka "HTML Element Cross-Domain Vulnerability."

9.3 2010-03-31 CVE-2010-0491

Use-after-free vulnerability in Microsoft Internet Explorer 5.01 SP4, 6, and 6 SP1 allows remote attackers to execute arbitrary code by changing unspecified properties of an HTML object that has an onreadystatechange event handler, aka "HTML Object Memory Corruption Vulnerability."

9.3 2010-03-31 CVE-2010-0489

Race condition in Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via a crafted HTML document that triggers memory corruption, aka "Race Condition Memory Corruption Vulnerability."

4.3 2010-03-31 CVE-2010-0488

Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, and 7 does not properly handle unspecified "encoding strings," which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site, aka "Post Encoding Information Disclosure Vulnerability."

9.3 2010-03-31 CVE-2010-0267

Microsoft Internet Explorer 6, 6 SP1, and 7 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability."

9.3 2010-02-04 CVE-2010-0555

Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, 7, and 8 does not prevent rendering of non-HTML local files as HTML documents, which allows remote attackers to bypass intended access restrictions and read arbitrary files via vectors involving the product's use of text/html as the default content type for files that are encountered after a redirection, aka the URLMON sniffing vulnerability, a variant of CVE-2009-1140 and related to CVE-2008-1448.

4.3 2010-02-04 CVE-2010-0255

Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, 7, and 8 does not prevent rendering of non-HTML local files as HTML documents, which allows remote attackers to bypass intended access restrictions and read arbitrary files via vectors involving JavaScript exploit code that constructs a reference to a file://127.0.0.1 URL, aka the dynamic OBJECT tag vulnerability, as demonstrated by obtaining the data from an index.dat file, a variant of CVE-2009-1140 and related to CVE-2008-1448.

9.3 2010-01-22 CVE-2010-0248

Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "HTML Object Memory Corruption Vulnerability."

9.3 2010-01-22 CVE-2010-0247

Microsoft Internet Explorer 5.01 SP4, 6, and 6 SP1 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability."

9.3 2010-01-22 CVE-2010-0244

Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a different vulnerability than CVE-2009-2530 and CVE-2009-2531.

9.3 2009-12-09 CVE-2009-3674

Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a different vulnerability than CVE-2009-3671.

9.3 2009-12-09 CVE-2009-3673

Microsoft Internet Explorer 7 and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability."

9.3 2009-12-09 CVE-2009-3671

Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a different vulnerability than CVE-2009-3674.

5 2009-08-24 CVE-2009-2954

Microsoft Internet Explorer 6.0.2900.2180 and earlier allows remote attackers to cause a denial of service (CPU consumption and application hang) via JavaScript code with a long string value for the hash property (aka location.hash), a related issue to CVE-2008-5715.

CWE : Common Weakness Enumeration

%idName
29% (15) CWE-94 Failure to Control Generation of Code ('Code Injection')
21% (11) CWE-399 Resource Management Errors
11% (6) CWE-200 Information Exposure
9% (5) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')
7% (4) CWE-20 Improper Input Validation
3% (2) CWE-362 Race Condition
3% (2) CWE-287 Improper Authentication
3% (2) CWE-264 Permissions, Privileges, and Access Controls
3% (2) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
1% (1) CWE-189 Numeric Errors
1% (1) CWE-16 Configuration

CAPEC : Common Attack Pattern Enumeration & Classification

id Name
CAPEC-41 Using Meta-characters in E-mail Headers to Inject Malicious Payloads
CAPEC-88 OS Command Injection
CAPEC-133 Try All Common Application Switches and Options

SAINT Exploits

Description Link
Microsoft Speech API memory corruption More info here
Internet Explorer Tabular Data Control DataURL memory corruption More info here
Internet Explorer tblinf32.dll ActiveX IObjectsafety vulnerability More info here

Open Source Vulnerability Database (OSVDB)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
77606 Microsoft IE JavaScript Implementation getComputedStyle Method Page Handling ...
74619 MediaWiki URI Query String %2E Sequence XSS
74297 Bugzilla Patch Attachment Raw Unified Viewing Mode XSS
72724 Microsoft IE Cookie Jacking Account Authentication Bypass
65215 Microsoft IE Uninitialized Object Handling Memory Corruption (2010-1259)
65212 Microsoft IE CStyleSheet Object Handling Memory Corruption
63335 Microsoft IE Unspecified Uninitialized Memory Corruption
63334 Microsoft IE Post Encoding Information Disclosure
63333 Microsoft IE Unspecified Race Condition Memory Corruption
63331 Microsoft IE HTML Object onreadystatechange Event Handler Memory Corruption
63329 Microsoft IE Tabular Data Control (TDC) ActiveX URL Handling CTDCCtl::Securit...
63328 Microsoft IE HTML Element Handling Cross-Domain Information Disclosure
62157 Microsoft IE text/html Content Type URLMON Sniffing Arbitrary File Access
62156 Microsoft IE Dynamic OBJECT Tag Cross-domain Arbitrary File Access
61914 Microsoft IE Javascript Cloned DOM Object Handling Memory Corruption
61913 Microsoft IE HTML Object Handling Unspecified Memory Corruption
61910 Microsoft IE Table Layout Col Tag Cache Update Handling Memory Corruption
60839 Microsoft IE CAttrArray Object Circular Dereference Remote Code Execution
60838 Microsoft IE CSS Element Access Race Condition Memory Corruption
60837 Microsoft IE XHTML DOM Manipulation Memory Corruption
58788 Microsoft IE Crafted File Extension Download Security Warning Bypass
57506 Microsoft IE location.hash Javascript Handling Remote DoS
57113 Microsoft IE Extended HTML Form Non-HTTP Protocol XSS
56695 Microsoft IE HTML Embedded CSS Property Modification Memory Corruption
56694 Microsoft IE Invalid HTML Object Element Appendage Handling Memory Corruption

ExploitDB Exploits

id Description
12032 Microsoft Internet Explorer Tabular Data Control ActiveX Remote Code Execution
3652 MS Windows Animated Cursor (.ANI) Overflow Exploit (Hardware DEP)
3617 MS Windows Animated Cursor (.ANI) Stack Overflow Exploit

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2012-04-02 Name : Fedora Update for bugzilla FEDORA-2011-10399
File : nvt/gb_fedora_2011_10399_bugzilla_fc16.nasl
2012-02-12 Name : Gentoo Security Advisory GLSA 201110-03 (bugzilla)
File : nvt/glsa_201110_03.nasl
2012-02-11 Name : Debian Security Advisory DSA 2366-1 (mediawiki)
File : nvt/deb_2366_1.nasl
2011-12-09 Name : Microsoft Internet Explorer Multiple Information Disclosure Vulnerabilities
File : nvt/gb_ms_ie_mult_info_disc_vuln.nasl
2011-10-16 Name : Debian Security Advisory DSA 2322-1 (bugzilla)
File : nvt/deb_2322_1.nasl
2011-09-21 Name : FreeBSD Ports: bugzilla
File : nvt/freebsd_bugzilla13.nasl
2011-08-24 Name : Fedora Update for bugzilla FEDORA-2011-10413
File : nvt/gb_fedora_2011_10413_bugzilla_fc14.nasl
2011-08-24 Name : Fedora Update for bugzilla FEDORA-2011-10426
File : nvt/gb_fedora_2011_10426_bugzilla_fc15.nasl
2011-08-22 Name : Bugzilla Multiple Security Vulnerabilities
File : nvt/gb_bugzilla_49042.nasl
2011-08-11 Name : Microsoft Internet Explorer Multiple Vulnerabilities (2559049)
File : nvt/secpod_ms11-057.nasl
2011-06-13 Name : Microsoft Internet Explorer Cookie Hijacking Vulnerability
File : nvt/gb_ms_ie9_cookie_hijacking_vuln.nasl
2011-06-13 Name : Microsoft Internet Explorer Cookie Hijacking Vulnerability
File : nvt/gb_ms_ie_cookie_hijacking_vuln.nasl
2011-06-02 Name : MediaWiki Cross-Site Scripting Vulnerability
File : nvt/secpod_mediawiki_xss_vuln.nasl
2011-05-23 Name : Fedora Update for mediawiki FEDORA-2011-6774
File : nvt/gb_fedora_2011_6774_mediawiki_fc14.nasl
2011-05-23 Name : Fedora Update for mediawiki FEDORA-2011-6775
File : nvt/gb_fedora_2011_6775_mediawiki_fc13.nasl
2011-05-05 Name : Fedora Update for mediawiki FEDORA-2011-5807
File : nvt/gb_fedora_2011_5807_mediawiki_fc13.nasl
2011-05-05 Name : Fedora Update for mediawiki FEDORA-2011-5812
File : nvt/gb_fedora_2011_5812_mediawiki_fc14.nasl
2011-01-18 Name : Microsoft Products GDI Plus Remote Code Execution Vulnerabilities (954593)
File : nvt/gb_ms08-052.nasl
2011-01-14 Name : Microsoft Internet Explorer mshtml.dll Remote Memory Corruption Vulnerability...
File : nvt/gb_ms07-069.nasl
2011-01-10 Name : Microsoft 'hxvz.dll' ActiveX Control Memory Corruption Vulnerability (948881)
File : nvt/gb_ms08-023.nasl
2010-07-08 Name : Cumulative Security Update for Internet Explorer (937143)
File : nvt/ms07-045.nasl
2010-07-08 Name : Cumulative Security Update for Internet Explorer (931768)
File : nvt/ms07-027.nasl
2010-07-08 Name : Cumulative Security Update for Internet Explorer (933566)
File : nvt/ms07-033.nasl
2010-06-09 Name : Microsoft Internet Explorer Multiple Vulnerabilities (982381)
File : nvt/secpod_ms10-035.nasl
2010-04-01 Name : Microsoft Internet Explorer Multiple Vulnerabilities (980182)
File : nvt/secpod_ms10-018.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2008-T-0053 WinZip gdiplus.dll Microsoft Module Unspecified Security Vulnerability
Severity: Category II - VMSKEY: V0017532

Snort® IPS/IDS

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2014-01-10 mk Asychronous Pluggable Protocol Handler ActiveX clsid unicode access
RuleID : 7959 - Type : WEB-ACTIVEX - Revision : 8
2014-01-10 Microsoft Internet Explorer mk Asychronous Pluggable Protocol Handler ActiveX...
RuleID : 7958 - Type : BROWSER-PLUGINS - Revision : 15
2014-01-10 https Asychronous Pluggable Protocol Handler ActiveX clsid unicode access
RuleID : 7945 - Type : WEB-ACTIVEX - Revision : 8
2014-01-10 Microsoft Internet Explorer https Asychronous Pluggable Protocol Handler Acti...
RuleID : 7944 - Type : BROWSER-PLUGINS - Revision : 15
2014-01-10 http Asychronous Pluggable Protocol Handler ActiveX clsid unicode access
RuleID : 7943 - Type : WEB-ACTIVEX - Revision : 8
2014-01-10 Microsoft Internet Explorer http Asychronous Pluggable Protocol Handler Activ...
RuleID : 7942 - Type : BROWSER-PLUGINS - Revision : 15
2014-01-10 gopher Asychronous Pluggable Protocol Handler ActiveX clsid unicode access
RuleID : 7939 - Type : WEB-ACTIVEX - Revision : 8
2014-01-10 Microsoft Internet Explorer gopher Asychronous Pluggable Protocol Handler Act...
RuleID : 7938 - Type : BROWSER-PLUGINS - Revision : 15
2014-01-10 ftp Asychronous Pluggable Protocol Handler ActiveX clsid unicode access
RuleID : 7935 - Type : WEB-ACTIVEX - Revision : 8
2014-01-10 Microsoft Internet Explorer ftp Asychronous Pluggable Protocol Handler Active...
RuleID : 7934 - Type : BROWSER-PLUGINS - Revision : 15
2014-01-10 file or local Asychronous Pluggable Protocol Handler ActiveX clsid unicode ac...
RuleID : 7929 - Type : WEB-ACTIVEX - Revision : 8
2014-01-10 Microsoft Internet Explorer file or local Asychronous Pluggable Protocol Hand...
RuleID : 7928 - Type : BROWSER-PLUGINS - Revision : 15
2014-01-10 CDL Asychronous Pluggable Protocol Handler ActiveX clsid unicode access
RuleID : 7905 - Type : WEB-ACTIVEX - Revision : 8
2014-01-10 Microsoft Internet Explorer CDL Asychronous Pluggable Protocol Handler Active...
RuleID : 7904 - Type : BROWSER-PLUGINS - Revision : 18
2014-01-10 DXImageTransform.Microsoft.Light ActiveX function call access
RuleID : 6519 - Type : WEB-CLIENT - Revision : 4
2014-01-10 DXImageTransform.Microsoft.Light ActiveX CLSID unicode access
RuleID : 6518 - Type : WEB-ACTIVEX - Revision : 6
2014-01-10 Microsoft Internet Explorer DXImageTransform.Microsoft.Light ActiveX clsid ac...
RuleID : 6517 - Type : BROWSER-PLUGINS - Revision : 13
2014-01-10 Microsoft Internet Explorer DXImageTransform.Microsoft.Light ActiveX function...
RuleID : 6516 - Type : BROWSER-PLUGINS - Revision : 11
2017-09-06 Microsoft Internet Explorer CTableLayout memory corruption attempt
RuleID : 43831 - Type : BROWSER-IE - Revision : 3
2017-09-06 Microsoft Internet Explorer CTableLayout memory corruption attempt
RuleID : 43830 - Type : BROWSER-IE - Revision : 3
2017-08-15 Microsoft Internet Explorer span tag memory corruption attempt
RuleID : 43551 - Type : BROWSER-IE - Revision : 1
2017-08-15 Microsoft Internet Explorer span tag memory corruption attempt
RuleID : 43550 - Type : BROWSER-IE - Revision : 1
2017-08-01 Microsoft Internet Explorer clone object memory corruption attempt
RuleID : 43398 - Type : BROWSER-IE - Revision : 1
2017-07-27 Microsoft Internet Explorer CSS property method handling memory corruption at...
RuleID : 43358 - Type : BROWSER-IE - Revision : 1
2016-07-08 Microsoft Internet Explorer DOM object cache management memory corruption att...
RuleID : 39156 - Type : BROWSER-IE - Revision : 1

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2012-01-12 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-2366.nasl - Type: ACT_GATHER_INFO
2011-10-11 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-2322.nasl - Type: ACT_GATHER_INFO
2011-10-11 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201110-03.nasl - Type: ACT_GATHER_INFO
2011-08-23 Name: The remote Fedora host is missing a security update.
File: fedora_2011-10399.nasl - Type: ACT_GATHER_INFO
2011-08-20 Name: The remote Fedora host is missing a security update.
File: fedora_2011-10413.nasl - Type: ACT_GATHER_INFO
2011-08-20 Name: The remote Fedora host is missing a security update.
File: fedora_2011-10426.nasl - Type: ACT_GATHER_INFO
2011-08-15 Name: The remote FreeBSD host is missing one or more security-related updates.
File: freebsd_pkg_dc8741b9c5d511e08a8e00151735203a.nasl - Type: ACT_GATHER_INFO
2011-08-09 Name: Arbitrary code can be executed on the remote host through a web browser.
File: smb_nt_ms11-057.nasl - Type: ACT_GATHER_INFO
2011-05-23 Name: The remote Fedora host is missing a security update.
File: fedora_2011-6774.nasl - Type: ACT_GATHER_INFO
2011-05-23 Name: The remote Fedora host is missing a security update.
File: fedora_2011-6775.nasl - Type: ACT_GATHER_INFO
2011-05-19 Name: The remote Fedora host is missing a security update.
File: fedora_2011-6781.nasl - Type: ACT_GATHER_INFO
2011-05-02 Name: The remote Fedora host is missing a security update.
File: fedora_2011-5812.nasl - Type: ACT_GATHER_INFO
2011-05-02 Name: The remote Fedora host is missing a security update.
File: fedora_2011-5807.nasl - Type: ACT_GATHER_INFO
2011-04-27 Name: The remote Fedora host is missing a security update.
File: fedora_2011-5848.nasl - Type: ACT_GATHER_INFO
2011-04-22 Name: The remote Fedora host is missing a security update.
File: fedora_2011-5495.nasl - Type: ACT_GATHER_INFO
2011-04-15 Name: The remote web server hosts a version of MediaWiki that is affected by a cros...
File: mediawiki_1_16_4.nasl - Type: ACT_ATTACK
2010-06-09 Name: Arbitrary code can be executed on the remote host through a web browser.
File: smb_nt_ms10-035.nasl - Type: ACT_GATHER_INFO
2010-03-30 Name: Arbitrary code can be executed on the remote host through a web browser.
File: smb_nt_ms10-018.nasl - Type: ACT_GATHER_INFO
2009-12-08 Name: Arbitrary code can be executed on the remote host through a web browser.
File: smb_nt_ms09-072.nasl - Type: ACT_GATHER_INFO
2009-07-28 Name: Arbitrary code can be executed on the remote host through a web browser.
File: smb_nt_ms09-034.nasl - Type: ACT_GATHER_INFO
2009-06-10 Name: Arbitrary code can be executed on the remote host through a web browser.
File: smb_nt_ms09-019.nasl - Type: ACT_GATHER_INFO
2009-02-16 Name: The remote host contains a web browser that is prone to a cross- browser scri...
File: google_chrome_1_0_154_48.nasl - Type: ACT_GATHER_INFO
2009-01-21 Name: Arbitrary code can be executed on the remote host through a web browser.
File: smb_nt_ms10-002.nasl - Type: ACT_GATHER_INFO
2008-09-10 Name: Arbitrary code can be executed on the remote host through the Microsoft GDI r...
File: smb_nt_ms08-052.nasl - Type: ACT_GATHER_INFO
2008-04-08 Name: The remote Windows host has an ActiveX control that is affected by multiple b...
File: smb_nt_ms08-023.nasl - Type: ACT_GATHER_INFO