Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Internet_explorer
(Microsoft)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 1640 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2002-03-08 | CVE-2002-0027 | Internet Explorer 5.5 and 6.0 allows remote attackers to read certain files and spoof the URL in the address bar by using the Document.open function to pass information between two frames from different domains, a new variant of the "Frame Domain Verification" vulnerability described in MS:MS01-058/CAN-2001-0874. | Internet_explorer | N/A | ||
| 2002-03-08 | CVE-2002-0026 | Internet Explorer 5.5 and 6.0 allows remote attackers to bypass restrictions for executing scripts via an object that processes asynchronous events after the initial security checks have been made. | Internet_explorer | N/A | ||
| 2002-03-08 | CVE-2002-0025 | Internet Explorer 5.01, 5.5 and 6.0 does not properly handle the Content-Type HTML header field, which allows remote attackers to modify which application is used to process a document. | Internet_explorer | N/A | ||
| 2002-03-08 | CVE-2002-0024 | File Download box in Internet Explorer 5.01, 5.5 and 6.0 allows an attacker to use the Content-Disposition and Content-Type HTML header fields to modify how the name of the file is displayed, which could trick a user into believing that a file is safe to download. | Internet_explorer | N/A | ||
| 2002-03-08 | CVE-2002-0023 | Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to read arbitrary files via malformed requests to the GetObject function, which bypass some of GetObject's security checks. | Internet_explorer | N/A | ||
| 2003-06-09 | CVE-2003-0309 | Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to bypass security zone restrictions and execute arbitrary programs via a web document with a large number of duplicate file:// or other requests that point to the program and open multiple file download dialogs, which eventually cause Internet Explorer to execute the program, as demonstrated using a large number of FRAME or IFRAME tags, aka the "File Download Dialog Vulnerability." | Internet_explorer | N/A | ||
| 2002-03-25 | CVE-2002-0136 | Microsoft Internet Explorer 5.5 on Windows 98 allows remote web pages to cause a denial of service (hang) via extremely long values for form fields such as INPUT and TEXTAREA, which can be automatically filled via Javascript. | Internet_explorer | N/A | ||
| 2002-03-25 | CVE-2002-0101 | Microsoft Internet Explorer 6.0 and earlier allows local users to cause a denial of service via an infinite loop for modeless dialogs showModelessDialog, which causes CPU usage while the focus for the dialog is not released. | Internet_explorer | N/A | ||
| 2002-03-29 | CVE-2002-0078 | The zone determination function in Microsoft Internet Explorer 5.5 and 6.0 allows remote attackers to run scripts in the Local Computer zone by embedding the script in a cookie, aka the "Cookie-based Script Execution" vulnerability. | Internet_explorer | N/A | ||
| 2002-05-29 | CVE-2002-0269 | Internet Explorer 5.x and 6 interprets an object as an HTML document even when its MIME Content-Type is text/plain, which could allow remote attackers to execute arbitrary script in documents that the user does not expect, possibly through web applications that use a text/plain type to prevent cross-site scripting attacks. | Internet_explorer | N/A |