Vulnerabilities (CVE)

Filtered by vendor Microsoft Subscribe
Filtered by product Internet Explorer
Total 1742 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-1999-0871 1 Microsoft 1 Internet Explorer 2021-07-22 2.6 LOW N/A
Internet Explorer 4.0 and 4.01 allow a remote attacker to read files via IE's cross frame security, aka the "Cross Frame Navigate" vulnerability.
CVE-1999-1472 1 Microsoft 1 Internet Explorer 2021-07-22 5.0 MEDIUM N/A
Internet Explorer 4.0 allows remote attackers to read arbitrary text and HTML files on the user's machine via a small IFRAME that uses Dynamic HTML (DHTML) to send the data to the attacker, aka the Freiburg text-viewing issue.
CVE-2000-0519 1 Microsoft 2 Ie, Internet Explorer 2021-07-22 2.6 LOW N/A
Internet Explorer 4.x and 5.x does not properly re-validate an SSL certificate if the user establishes a new SSL session with the same server during the same Internet Explorer session, aka one of two different "SSL Certificate Validation" vulnerabilities.
CVE-2000-0329 1 Microsoft 4 Ie, Internet Explorer, Outlook and 1 more 2021-07-22 5.1 MEDIUM N/A
A Microsoft ActiveX control allows a remote attacker to execute a malicious cabinet file via an attachment and an embedded script in an HTML mail, aka the "Active Setup Control" vulnerability.
CVE-1999-1453 1 Microsoft 1 Internet Explorer 2021-07-22 2.6 LOW N/A
Internet Explorer 4 allows remote attackers (malicious web site operators) to read the contents of the clipboard via the Internet WebBrowser ActiveX object.
CVE-1999-1094 1 Microsoft 1 Internet Explorer 2021-07-22 7.5 HIGH N/A
Buffer overflow in Internet Explorer 4.01 and earlier allows remote attackers to execute arbitrary commands via a long URL with the "mk:" protocol, aka the "MK Overrun security issue."
CVE-2000-0162 1 Microsoft 3 Ie, Internet Explorer, Visual Studio 2021-07-22 5.1 MEDIUM N/A
The Microsoft virtual machine (VM) in Internet Explorer 4.x and 5.x allows a remote attacker to read files via a malicious Java applet that escapes the Java sandbox, aka the "VM File Reading" vulnerability.
CVE-2001-0322 1 Microsoft 3 Internet Explorer, Outlook, Outlook Express 2021-07-22 5.0 MEDIUM N/A
MSHTML.DLL HTML parser in Internet Explorer 4.0, and other versions, allows remote attackers to cause a denial of service (application crash) via a script that creates and deletes an object that is associated with the browser window object.
CVE-2000-0518 1 Microsoft 2 Ie, Internet Explorer 2021-07-22 2.6 LOW N/A
Internet Explorer 4.x and 5.x does not properly verify all contents of an SSL certificate if a connection is made to the server via an image or a frame, aka one of two different "SSL Certificate Validation" vulnerabilities.
CVE-1999-1473 1 Microsoft 1 Internet Explorer 2021-07-22 5.0 MEDIUM N/A
When a Web site redirects the browser to another site, Internet Explorer 3.02 and 4.0 automatically resends authentication information to the second site, aka the "Page Redirect Issue."
CVE-1999-1447 1 Microsoft 1 Internet Explorer 2021-07-22 5.0 MEDIUM N/A
Internet Explorer 4.0 allows remote attackers to cause a denial of service (crash) via HTML code that contains a long CLASSID parameter in an OBJECT tag.
CVE-1999-1446 1 Microsoft 1 Internet Explorer 2021-07-22 2.1 LOW N/A
Internet Explorer 3 records a history of all URL's that are visited by a user in DAT files located in the Temporary Internet Files and History folders, which are not cleared when the user selects the "Clear History" option, and are not visible when the user browses the folders because of tailored displays.
CVE-1999-1128 1 Microsoft 1 Internet Explorer 2021-07-22 5.1 MEDIUM N/A
Internet Explorer 3.01 on Windows 95 allows remote malicious web sites to execute arbitrary commands via a .isp file, which is automatically downloaded and executed without prompting the user.
CVE-2020-0768 1 Microsoft 11 Chakracore, Edge, Internet Explorer and 8 more 2021-07-21 7.6 HIGH 7.5 HIGH
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827, CVE-2020-0828, CVE-2020-0829, CVE-2020-0830, CVE-2020-0831, CVE-2020-0832, CVE-2020-0833, CVE-2020-0848.
CVE-2020-1092 1 Microsoft 9 Internet Explorer, Windows 10, Windows 7 and 6 more 2021-07-21 7.6 HIGH 7.5 HIGH
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka 'Internet Explorer Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-1062.
CVE-2020-0640 1 Microsoft 9 Internet Explorer, Windows 10, Windows 7 and 6 more 2021-07-21 7.6 HIGH 7.5 HIGH
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka 'Internet Explorer Memory Corruption Vulnerability'.
CVE-2020-0830 1 Microsoft 11 Chakracore, Edge, Internet Explorer and 8 more 2021-07-21 7.6 HIGH 7.5 HIGH
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827, CVE-2020-0828, CVE-2020-0829, CVE-2020-0831, CVE-2020-0832, CVE-2020-0833, CVE-2020-0848.
CVE-2020-0847 1 Microsoft 7 Internet Explorer, Windows 10, Windows 7 and 4 more 2021-07-21 7.6 HIGH 7.5 HIGH
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'.
CVE-2020-1315 1 Microsoft 9 Internet Explorer, Windows 10, Windows 7 and 6 more 2021-07-21 2.6 LOW 5.3 MEDIUM
An information disclosure vulnerability exists when Internet Explorer improperly handles objects in memory, aka 'Internet Explorer Information Disclosure Vulnerability'.
CVE-2020-0824 1 Microsoft 9 Internet Explorer, Windows 10, Windows 7 and 6 more 2021-07-21 7.6 HIGH 7.5 HIGH
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka 'Internet Explorer Memory Corruption Vulnerability'.