Jelmer

9 exploits Active since Sep 2002
EIP-2026-118842 EXPLOITDB text WORKING POC
Microsoft Internet Explorer 6 - window.open Media Bar Cross-Zone Scripting
CVE-2004-2291 EXPLOITDB text WORKING POC
Microsoft Windows Internet Explorer <6.0 - RCE
Microsoft Windows Internet Explorer 5.5 and 6.0 allows remote attackers to execute arbitrary code via an embedded script that uses Shell Helper objects and a shortcut (link) to execute the target script.
CVE-2004-0380 EXPLOITDB text WRITEUP
Microsoft Outlook Express <6 - Auth Bypass
The MHTML protocol handler in Microsoft Outlook Express 5.5 SP2 through Outlook Express 6 SP1 allows remote attackers to bypass domain restrictions and execute arbitrary code, as demonstrated on Internet Explorer using script in a compiled help (CHM) file that references the InfoTech Storage (ITS) protocol handlers such as (1) ms-its, (2) ms-itss, (3) its, or (4) mk:@MSITStore, aka the "MHTML URL Processing Vulnerability."
CVE-2004-2090 EXPLOITDB text WORKING POC
Microsoft Internet Explorer <6.0 - Info Disclosure
Microsoft Internet Explorer 5.0.1 through 6.0 allows remote attackers to determine the existence of arbitrary files via the VBScript LoadPicture method, which returns an error code if the file does not exist.
EIP-2026-118822 EXPLOITDB text WORKING POC
Microsoft Internet Explorer 6 - ADODB.Stream Object File Installation
CVE-2002-0976 EXPLOITDB html WORKING POC
Internet Explorer 4.0+ - Info Disclosure
Internet Explorer 4.0 and later allows remote attackers to read arbitrary files via a web page that accesses a legacy XML Datasource applet (com.ms.xml.dso.XMLDSO.class) and modifies the base URL to point to the local system, which is trusted by the applet.
EIP-2026-107364 EXPLOITDB text WORKING POC
GeekLog 1.3.x - HTML Injection
EIP-2026-104089 EXPLOITDB java WORKING POC
Sun Java Virtual Machine 1.x - 'Font.createFont' Method Insecure Temporary File Creation
CVE-2003-0282 EXPLOITDB text WRITEUP
UnZip <5.50 - Path Traversal
Directory traversal vulnerability in UnZip 5.50 allows attackers to overwrite arbitrary files via invalid characters between two . (dot) characters, which are filtered and result in a ".." sequence.