Total
202 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-3637 | 1 Microsoft | 2 Ie, Internet Explorer | 2021-07-23 | 5.1 MEDIUM | N/A |
| Microsoft Internet Explorer 5.01 SP4 and 6 does not properly handle various HTML layout component combinations, which allows user-assisted remote attackers to execute arbitrary code via a crafted HTML file that leads to memory corruption, aka "HTML Rendering Memory Corruption Vulnerability." | |||||
| CVE-2006-2385 | 1 Microsoft | 2 Ie, Internet Explorer | 2021-07-23 | 7.6 HIGH | N/A |
| Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allows user-assisted remote attackers to execute arbitrary code via a crafted web page that triggers memory corruption when it is saved as a multipart HTML (.mht) file. | |||||
| CVE-2004-0216 | 1 Microsoft | 2 Ie, Internet Explorer | 2021-07-23 | 10.0 HIGH | N/A |
| Integer overflow in the Install Engine (inseng.dll) for Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via a malicious website or HTML email with a long .CAB file name, which triggers the integer overflow when calculating a buffer length and leads to a heap-based buffer overflow. | |||||
| CVE-2005-0054 | 1 Microsoft | 2 Ie, Internet Explorer | 2021-07-23 | 5.1 MEDIUM | N/A |
| Internet Explorer 5.01, 5.5, and 6 allows remote attackers to spoof a less restrictive security zone and execute arbitrary code via an HTML page containing URLs that contain hostnames that have been double hex encoded, which are decoded twice to generate a malicious hostname, aka the "URL Decoding Zone Spoofing Vulnerability." | |||||
| CVE-2000-0768 | 1 Microsoft | 2 Ie, Internet Explorer | 2021-07-23 | 2.6 LOW | N/A |
| A function in Internet Explorer 4.x and 5.x does not properly verify the domain of a frame within a browser window, which allows a remote attacker to read client files, aka a variant of the "Frame Domain Verification" vulnerability. | |||||
| CVE-2005-1989 | 1 Microsoft | 2 Ie, Internet Explorer | 2021-07-23 | 7.5 HIGH | N/A |
| Unknown vulnerability in Internet Explorer 5.0, 5.5, and 6.0 allows remote attackers to obtain information and possibly execute code when browsing from a web site to a web folder view using WebDAV, aka "Web Folder Behaviors Cross-Domain Vulnerability". | |||||
| CVE-2005-1990 | 1 Microsoft | 2 Ie, Internet Explorer | 2021-07-23 | 5.1 MEDIUM | N/A |
| Internet Explorer 5.0, 5.5, and 6.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not ActiveX controls, including (1) devenum.dll, (2) diactfrm.dll, (3) wmm2filt.dll, (4) fsusd.dll, (5) dmdskmgr.dll, (6) browsewm.dll, (7) browseui.dll, (8) shell32.dll, (9) mshtml.dll, (10) inetcfg.dll, (11) infosoft.dll, (12) query.dll, (13) syncui.dll, (14) clbcatex.dll, (15) clbcatq.dll, (16) comsvcs.dll, and (17) msconf.dll, which causes memory corruption, aka "COM Object Instantiation Memory Corruption Vulnerability," a different vulnerability than CVE-2005-2087. | |||||
| CVE-2004-0845 | 1 Microsoft | 2 Ie, Internet Explorer | 2021-07-23 | 6.4 MEDIUM | N/A |
| Internet Explorer 5.01, 5.5, and 6 does not properly cache SSL content, which allows remote attackers to obtain information or spoof content via a web site with the same host name as the target web site, whose content is cached and reused when the user visits the target web site. | |||||
| CVE-2005-0056 | 1 Microsoft | 2 Ie, Internet Explorer | 2021-07-23 | 5.1 MEDIUM | N/A |
| Internet Explorer 5.01, 5.5, and 6 does not properly validate certain URLs in Channel Definition Format (CDF) files, which allows remote attackers to obtain sensitive information or execute arbitrary code, aka the "Channel Definition Format (CDF) Cross Domain Vulnerability." | |||||
| CVE-2006-3643 | 1 Microsoft | 2 Ie, Internet Explorer | 2021-07-23 | 6.0 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Internet Explorer 5.01 and 6 in Microsoft Windows 2000 SP4 permits access to local "HTML-embedded resource files" in the Microsoft Management Console (MMC) library, which allows remote authenticated users to execute arbitrary commands, aka "MMC Redirect Cross-Site Scripting Vulnerability." | |||||
| CVE-2006-3640 | 1 Microsoft | 2 Ie, Internet Explorer | 2021-07-23 | 5.0 MEDIUM | N/A |
| Microsoft Internet Explorer 5.01 and 6 allows certain script to persist across navigations between pages, which allows remote attackers to obtain the window location of visited web pages in other domains or zones, aka "Window Location Information Disclosure Vulnerability." | |||||
| CVE-2006-3639 | 1 Microsoft | 2 Ie, Internet Explorer | 2021-07-23 | 7.5 HIGH | N/A |
| Microsoft Internet Explorer 5.01 and 6 does not properly identify the originating domain zone when handling redirects, which allows remote attackers to read cross-domain web pages and possibly execute code via unspecified vectors involving a crafted web page, aka "Source Element Cross-Domain Vulnerability." | |||||
| CVE-2005-1988 | 1 Microsoft | 2 Ie, Internet Explorer | 2021-07-23 | 5.1 MEDIUM | N/A |
| Unknown vulnerability in Internet Explorer 5.0, 5.5, and 6.0 allows remote attackers to execute arbitrary code via a web site or an HTML e-mail containing a crafted JPEG image that causes memory corruption, aka "JPEG Image Rendering Memory Corruption Vulnerability". | |||||
| CVE-2007-0943 | 1 Microsoft | 2 Ie, Internet Explorer | 2021-07-23 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in Internet Explorer 5.01 and 6 SP1 allows remote attackers to execute arbitrary code via crafted Cascading Style Sheets (CSS) strings that trigger memory corruption during parsing, related to use of out-of-bounds pointers. | |||||
| CVE-2004-0843 | 1 Microsoft | 2 Ie, Internet Explorer | 2021-07-23 | 5.0 MEDIUM | N/A |
| Internet Explorer 5.5 and 6 does not properly handle plug-in navigation, which allows remote attackers to alter displayed address bars and thereby spoof web pages, facilitating phishing attacks, aka the "Plug-in Navigation Address Bar Spoofing Vulnerability." | |||||
| CVE-2003-1559 | 1 Microsoft | 2 Ie, Internet Explorer | 2021-07-23 | 5.0 MEDIUM | N/A |
| Microsoft Internet Explorer 5.22, and other 5 through 6 SP1 versions, sends Referer headers containing https:// URLs in requests for http:// URLs, which allows remote attackers to obtain potentially sensitive information by reading Referer log data. | |||||
| CVE-2006-3658 | 1 Microsoft | 2 Ie, Internet Explorer | 2021-07-23 | 5.0 MEDIUM | N/A |
| Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (crash) by accessing the object references of a FolderItem ActiveX object, which triggers a null dereference in the security check. | |||||
| CVE-2006-1185 | 2 Canon, Microsoft | 3 Network Camera Server Vb101, Ie, Internet Explorer | 2021-07-23 | 7.5 HIGH | N/A |
| Unspecified vulnerability in Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via certain invalid HTML that causes memory corruption. | |||||
| CVE-2006-3657 | 1 Microsoft | 2 Ie, Internet Explorer | 2021-07-23 | 5.0 MEDIUM | N/A |
| Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (stack overflow exception) via a DXImageTransform.Microsoft.Gradient ActiveX object with a long (1) StartColorStr or (2) EndColorStr property. | |||||
| CVE-2006-3659 | 1 Microsoft | 2 Ie, Internet Explorer | 2021-07-23 | 5.0 MEDIUM | N/A |
| Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (crash) by setting the location or URL property of a MHTMLFile ActiveX object. | |||||