Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft web applications vulnerabilities and exploits
(subscribe to this query)
6.4
CVSSv2
CVE-2004-0845
Internet Explorer 5.01, 5.5, and 6 does not properly cache SSL content, which allows remote malicious users to obtain information or spoof content via a web site with the same host name as the target web site, whose content is cached and reused when the user visits the target web...
Microsoft Ie 6
Microsoft Internet Explorer 5.01
Microsoft Internet Explorer 5.5
7.5
CVSSv2
CVE-2004-0847
The Microsoft .NET forms authentication capability for ASP.NET allows remote malicious users to bypass authentication for .aspx files in restricted directories via a request containing a (1) "\" (backslash) or (2) "%5C" (encoded backslash), aka "Path Vali...
Microsoft Asp.net 1.1
Microsoft Asp.net
1 EDB exploit
10
CVSSv2
CVE-2004-0420
The Windows Shell application in Windows 98, Windows ME, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows remote malicious users to execute arbitrary code by spoofing the type of a file via a CLSID specifier in the filename, as demonstrated using Internet ...
Microsoft Ie 6.0
Microsoft Internet Explorer 6.0
Microsoft Internet Explorer 6.0.2800.1106
7.5
CVSSv2
CVE-2003-0818
Multiple integer overflows in Microsoft ASN.1 library (MSASN1.DLL), as used in LSASS.EXE, CRYPT32.DLL, and other Microsoft executables and libraries on Windows NT 4.0, 2000, and XP, allow remote malicious users to execute arbitrary code via ASN.1 BER encodings with (1) very large...
Microsoft Windows Nt 4.0
Microsoft Windows Xp
Microsoft Windows 2003 Server Web
Microsoft Windows 2003 Server Enterprise
Microsoft Windows 2003 Server Enterprise 64-bit
Microsoft Windows 2000
Microsoft Windows 2003 Server R2
Microsoft Windows 2003 Server Standard
3 EDB exploits
10
CVSSv2
CVE-2003-0347
Heap-based buffer overflow in VBE.DLL and VBE6.DLL of Microsoft Visual Basic for Applications (VBA) SDK 5.0 up to and including 6.3 allows remote malicious users to execute arbitrary code via a document with a long ID parameter.
Microsoft Visual Basic 6.3
Microsoft Visual Basic 5.0
Microsoft Project 2000
Microsoft Office 2000
Microsoft Visio 2002
Microsoft Project 2002
Microsoft Office Xp
Microsoft Visual Basic 6.2
1 EDB exploit
7.5
CVSSv2
CVE-2003-0346
Multiple integer overflows in a Microsoft Windows DirectX MIDI library (QUARTZ.DLL) allow remote malicious users to execute arbitrary code via a MIDI (.mid) file with (1) large length for a Text or Copyright string, or (2) a large number of tracks, which leads to a heap-based buf...
Microsoft Directx 9.0a
Microsoft Directx 7.0a
Microsoft Directx 7.0
Microsoft Directx 8.1
Microsoft Directx 6.1
Microsoft Directx 5.2
7.5
CVSSv2
CVE-2003-0532
Internet Explorer 5.01 SP3 up to and including 6.0 SP1 does not properly determine object types that are returned by web servers, which could allow remote malicious users to execute arbitrary code via an object tag with a data parameter to a malicious file hosted on a server that...
Microsoft Ie 6.0
Microsoft Internet Explorer 5.5
Microsoft Internet Explorer 5.0.1
Microsoft Internet Explorer 6.0
5
CVSSv2
CVE-2001-1410
Internet Explorer 6 and previous versions allows remote malicious users to create chromeless windows using the Javascript window.createPopup method, which could allow malicious users to simulate a victim's display and conduct unauthorized activities or steal sensitive data v...
Microsoft Internet Explorer 5.5
Microsoft Internet Explorer 6.0
1 EDB exploit
7.5
CVSSv2
CVE-2003-0344
Buffer overflow in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote malicious users to execute arbitrary code via / (slash) characters in the Type property of an Object tag in a web page.
Microsoft Ie 6.0
Microsoft Internet Explorer 5.01
Microsoft Internet Explorer 5.5
Microsoft Internet Explorer 6.0
3 EDB exploits
5
CVSSv2
CVE-2002-1143
Microsoft Word and Excel allow remote malicious users to steal sensitive information via certain field codes that insert the information when the document is returned to the attacker, as demonstrated in Word using (1) INCLUDETEXT or (2) INCLUDEPICTURE, aka "Flaw in Word Fiel...
Microsoft Excel 2002
Microsoft Word 97
Microsoft Word 2002
Microsoft Word 2000
Microsoft Word 98
Microsoft Word 2001
Microsoft Word
2 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-0044
client side
CVE-2021-47601
deserialization
CVE-2024-34994
encryption
CVE-2021-47609
CVE-2024-37079
CVE-2024-38608
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »