Filtered by vendor Microsoft
Subscriptions
Filtered by product Ie
Subscriptions
Total
202 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-0056 | 1 Microsoft | 2 Ie, Internet Explorer | 2021-07-23 | N/A |
| Internet Explorer 5.01, 5.5, and 6 does not properly validate certain URLs in Channel Definition Format (CDF) files, which allows remote attackers to obtain sensitive information or execute arbitrary code, aka the "Channel Definition Format (CDF) Cross Domain Vulnerability." | ||||
| CVE-2003-1559 | 1 Microsoft | 2 Ie, Internet Explorer | 2021-07-23 | N/A |
| Microsoft Internet Explorer 5.22, and other 5 through 6 SP1 versions, sends Referer headers containing https:// URLs in requests for http:// URLs, which allows remote attackers to obtain potentially sensitive information by reading Referer log data. | ||||
| CVE-2004-0843 | 1 Microsoft | 2 Ie, Internet Explorer | 2021-07-23 | N/A |
| Internet Explorer 5.5 and 6 does not properly handle plug-in navigation, which allows remote attackers to alter displayed address bars and thereby spoof web pages, facilitating phishing attacks, aka the "Plug-in Navigation Address Bar Spoofing Vulnerability." | ||||
| CVE-2006-3659 | 1 Microsoft | 2 Ie, Internet Explorer | 2021-07-23 | N/A |
| Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (crash) by setting the location or URL property of a MHTMLFile ActiveX object. | ||||
| CVE-2006-1185 | 2 Canon, Microsoft | 3 Network Camera Server Vb101, Ie, Internet Explorer | 2021-07-23 | N/A |
| Unspecified vulnerability in Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via certain invalid HTML that causes memory corruption. | ||||
| CVE-2006-1192 | 2 Canon, Microsoft | 3 Network Camera Server Vb101, Ie, Internet Explorer | 2021-07-23 | N/A |
| Microsoft Internet Explorer 5.01 through 6 allows remote attackers to conduct phishing attacks by spoofing the address bar and other parts of the trust UI via unknown methods that allow "window content to persist" after the user has navigated to another site, aka the "Address Bar Spoofing Vulnerability." NOTE: this is a different vulnerability than CVE-2006-1626. | ||||
| CVE-2006-3657 | 1 Microsoft | 2 Ie, Internet Explorer | 2021-07-23 | N/A |
| Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (stack overflow exception) via a DXImageTransform.Microsoft.Gradient ActiveX object with a long (1) StartColorStr or (2) EndColorStr property. | ||||
| CVE-2006-3658 | 1 Microsoft | 2 Ie, Internet Explorer | 2021-07-23 | N/A |
| Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (crash) by accessing the object references of a FolderItem ActiveX object, which triggers a null dereference in the security check. | ||||
| CVE-2007-1765 | 2 Avaya, Microsoft | 10 Definity One Media Server, Ip600 Media Servers, S3400 and 7 more | 2021-07-23 | N/A |
| Unspecified vulnerability in Microsoft Windows 2000 SP4 through Vista allows remote attackers to execute arbitrary code or cause a denial of service (persistent reboot) via a malformed ANI file, which results in memory corruption when processing cursors, animated cursors, and icons, a similar issue to CVE-2005-0416, as originally demonstrated using Internet Explorer 6 and 7. NOTE: this issue might be a duplicate of CVE-2007-0038; if so, then use CVE-2007-0038 instead of this identifier. | ||||
| CVE-2009-0552 | 1 Microsoft | 5 Ie, Internet Explorer, Windows 2000 and 2 more | 2021-07-23 | N/A |
| Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4, 6 SP1, 6 on Windows XP SP2 and SP3, and 6 on Windows Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via a web page that triggers presence of an object in memory that was (1) not properly initialized or (2) deleted, aka "Uninitialized Memory Corruption Vulnerability." | ||||
| CVE-2000-0518 | 1 Microsoft | 2 Ie, Internet Explorer | 2021-07-22 | N/A |
| Internet Explorer 4.x and 5.x does not properly verify all contents of an SSL certificate if a connection is made to the server via an image or a frame, aka one of two different "SSL Certificate Validation" vulnerabilities. | ||||
| CVE-2000-0519 | 1 Microsoft | 2 Ie, Internet Explorer | 2021-07-22 | N/A |
| Internet Explorer 4.x and 5.x does not properly re-validate an SSL certificate if the user establishes a new SSL session with the same server during the same Internet Explorer session, aka one of two different "SSL Certificate Validation" vulnerabilities. | ||||
| CVE-2000-0162 | 1 Microsoft | 3 Ie, Internet Explorer, Visual Studio | 2021-07-22 | N/A |
| The Microsoft virtual machine (VM) in Internet Explorer 4.x and 5.x allows a remote attacker to read files via a malicious Java applet that escapes the Java sandbox, aka the "VM File Reading" vulnerability. | ||||
| CVE-2000-0329 | 1 Microsoft | 4 Ie, Internet Explorer, Outlook and 1 more | 2021-07-22 | N/A |
| A Microsoft ActiveX control allows a remote attacker to execute a malicious cabinet file via an attachment and an embedded script in an HTML mail, aka the "Active Setup Control" vulnerability. | ||||
| CVE-2004-0212 | 2 Avaya, Microsoft | 8 Definity One Media Server, Ip600 Media Servers, Modular Messaging Message Storage Server and 5 more | 2019-04-30 | N/A |
| Stack-based buffer overflow in the Task Scheduler for Windows 2000 and XP, and Internet Explorer 6 on Windows NT 4.0, allows local or remote attackers to execute arbitrary code via a .job file containing long parameters, as demonstrated using Internet Explorer and accessing a .job file on an anonymous share. | ||||
| CVE-2006-0753 | 1 Microsoft | 1 Ie | 2018-10-19 | N/A |
| Memory leak in Microsoft Internet Explorer 6 for Windows XP Service Pack 2 allows remote attackers to cause a denial of service (memory consumption) via JavaScript that uses setInterval to repeatedly call a function to set the value of window.status. | ||||
| CVE-2004-1104 | 1 Microsoft | 1 Ie | 2018-10-19 | N/A |
| Microsoft Internet Explorer 6.0 SP2 allows remote attackers to spoof a legitimate URL in the status bar and conduct a phishing attack via a web page that contains a BASE element that points to the legitimate site, followed by an anchor (a) element with an empty "href" attribute, and a FORM whose action points to a malicious URL, and an INPUT submit element that is modified to look like a legitimate URL. | ||||
| CVE-2006-3451 | 1 Microsoft | 1 Ie | 2018-10-18 | N/A |
| Microsoft Internet Explorer 5 SP4 and 6 do not properly garbage collect when "multiple imports are used on a styleSheets collection" to construct a chain of Cascading Style Sheets (CSS), which allows remote attackers to execute arbitrary code via unspecified vectors. | ||||
| CVE-2006-1719 | 1 Microsoft | 1 Ie | 2018-10-18 | N/A |
| Internet Explorer 6 allows remote attackers to cause a denial of service (application crash) via any scrollbar Cascading Style Sheets (CSS) property. | ||||
| CVE-2006-1245 | 1 Microsoft | 1 Ie | 2018-10-18 | N/A |
| Buffer overflow in mshtml.dll in Microsoft Internet Explorer 6.0.2900.2180, and probably other versions, allows remote attackers to execute arbitrary code via an HTML tag with a large number of script action handlers such as onload and onmouseover, as demonstrated using onclick, aka the "Multiple Event Handler Memory Corruption Vulnerability." | ||||