Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Internet_explorer
(Microsoft)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 1640 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2000-01-07 | CVE-2000-0061 | Internet Explorer 5 does not modify the security zone for a document that is being loaded into a window until after the document has been loaded, which could allow remote attackers to execute Javascript in a different security context while the document is loading. | Internet_explorer | N/A | ||
| 2000-02-16 | CVE-2000-0156 | Internet Explorer 4.x and 5.x allows remote web servers to access files on the client that are outside of its security domain, aka the "Image Source Redirect" vulnerability. | Internet_explorer | N/A | ||
| 2000-02-18 | CVE-2000-0162 | The Microsoft virtual machine (VM) in Internet Explorer 4.x and 5.x allows a remote attacker to read files via a malicious Java applet that escapes the Java sandbox, aka the "VM File Reading" vulnerability. | Ie, Internet_explorer, Visual_studio | N/A | ||
| 2000-03-01 | CVE-2000-0201 | The window.showHelp() method in Internet Explorer 5.x does not restrict HTML help files (.chm) to be executed from the local host, which allows remote attackers to execute arbitrary commands via Microsoft Networking. | Internet_explorer | N/A | ||
| 2000-05-17 | CVE-2000-0465 | Internet Explorer 4.x and 5.x does not properly verify the domain of a frame within a browser window, which allows a remote attacker to read client files via the frame, aka the "Frame Domain Verification" vulnerability. | Internet_explorer | N/A | ||
| 2000-05-17 | CVE-2000-0464 | Internet Explorer 4.x and 5.x allows remote attackers to execute arbitrary commands via a buffer overflow in the ActiveX parameter parsing capability, aka the "Malformed Component Attribute" vulnerability. | Internet_explorer | N/A | ||
| 2002-07-03 | CVE-2002-0371 | Buffer overflow in gopher client for Microsoft Internet Explorer 5.1 through 6.0, Proxy Server 2.0, or ISA Server 2000 allows remote attackers to execute arbitrary code via a gopher:// URL that redirects the user to a real or simulated gopher server that sends a long response. | Internet_explorer, Isa_server, Proxy_server, Gopher | N/A | ||
| 2002-05-29 | CVE-2002-0190 | Microsoft Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute arbitrary code under fewer security restrictions via a malformed web page that requires NetBIOS connectivity, aka "Zone Spoofing through Malformed Web Page" vulnerability. | Internet_explorer | N/A | ||
| 2000-06-06 | CVE-2000-0503 | The IFRAME of the WebBrowser control in Internet Explorer 5.01 allows a remote attacker to violate the cross frame security policy via the NavigateComplete2 event. | Internet_explorer | N/A | ||
| 2001-05-11 | CVE-2001-1450 | Microsoft Internet Explorer 5.0 through 6.0 allows attackers to cause a denial of service (browser crash) via a crafted FTP URL such as "/.#./". | Internet_explorer | N/A |