Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Internet_explorer
(Microsoft)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 1640 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2001-11-20 | CVE-2001-0904 | Internet Explorer 5.5 and 6 with the Q312461 (MS01-055) patch modifies the HTTP_USER_AGENT (UserAgent) information that indicates that the patch has been installed, which could allow remote malicious web sites to more easily identify and exploit vulnerable clients. | Internet_explorer | N/A | ||
| 2001-11-26 | CVE-2001-0919 | Internet Explorer 5.50.4134.0100 on Windows ME with "Prompt to allow cookies to be stored on your machine" enabled does not warn a user when a cookie is set using Javascript. | Internet_explorer | N/A | ||
| 2001-11-26 | CVE-2001-0875 | Internet Explorer 5.5 and 6.0 allows remote attackers to cause the File Download dialogue box to misrepresent the name of the file in the dialogue in a way that could fool users into thinking that the file type is safe to download. | Internet_explorer | N/A | ||
| 2001-12-06 | CVE-2001-0807 | Internet Explorer 5.0, and possibly other versions, may allow remote attackers (malicious web pages) to read known text files from a client's hard drive via a SCRIPT tag with a SRC value that points to the text file. | Internet_explorer | N/A | ||
| 2001-12-06 | CVE-2001-0722 | Internet Explorer 5.5 and 6.0 allows remote attackers to read and modify user cookies via Javascript in an about: URL, aka the "First Cookie Handling Vulnerability." | Internet_explorer | N/A | ||
| 2001-12-13 | CVE-2001-0874 | Internet Explorer 5.5 and 6.0 allow remote attackers to read certain files via HTML that passes information from a frame in the client's domain to a frame in the web site's domain, a variant of the "Frame Domain Verification" vulnerability. | Internet_explorer | N/A | ||
| 2003-05-12 | CVE-2003-0113 | Buffer overflow in URLMON.DLL in Microsoft Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute arbitrary code via an HTTP response containing long values in (1) Content-type and (2) Content-encoding fields. | Ie, Internet_explorer | N/A | ||
| 2001-12-20 | CVE-2001-1219 | Microsoft Internet Explorer 6.0 and earlier allows malicious website operators to cause a denial of service (client crash) via JavaScript that continually refreshes the window via self.location. | Internet_explorer | N/A | ||
| 2001-12-31 | CVE-2001-1539 | Stack consumption vulnerability in Internet Explorer The JavaScript settimeout function in Internet Explorer allows remote attackers to cause a denial of service (crash) via the JavaScript settimeout function. NOTE: the vendor could not reproduce the problem. | Internet_explorer | N/A | ||
| 2001-12-31 | CVE-2001-1497 | Microsoft Internet Explorer 4.0 through 6.0 could allow local users to differentiate between alphanumeric and non-alphanumeric characters used in a password by pressing certain control keys that jump between non-alphanumeric characters, which makes it easier to conduct a brute-force password guessing attack. | Ie, Internet_explorer | N/A |