Internet Explorer

internet_explorer

Vendor: Microsoft • 1,635 CVEs

CVEs (1,635)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2001-0322 1Microsoft 3Internet Explorer OutlookOutlook Express Apr 16, 2026 Jun 2, 2001 N/A· v4 N/A· v3 5.0 MEDIUM· v2 MSHTML.DLL HTML parser in Internet Explorer 4.0, and other versions, allows remote attackers to cause a denial of service (application crash) via a script that creates and deletes an object that is associated with the br...Show more MSHTML.DLL HTML parser in Internet Explorer 4.0, and other versions, allows remote attackers to cause a denial of service (application crash) via a script that creates and deletes an object that is associated with the browser window object.Show less
CVE-2001-0150 1Microsoft 1Internet Explorer Apr 16, 2026 Jun 2, 2001 N/A· v4 N/A· v3 5.1 MEDIUM· v2 Internet Explorer 5.5 and earlier executes Telnet sessions using command line arguments that are specified by the web site, which could allow remote attackers to execute arbitrary commands if the IE client is using the T...Show more Internet Explorer 5.5 and earlier executes Telnet sessions using command line arguments that are specified by the web site, which could allow remote attackers to execute arbitrary commands if the IE client is using the Telnet client provided in Services for Unix (SFU) 2.0, which creates session transcripts.Show less
CVE-2001-0149 1Microsoft 1Internet Explorer Apr 16, 2026 Jun 2, 2001 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Windows Scripting Host in Internet Explorer 5.5 and earlier allows remote attackers to read arbitrary files via the GetObject Javascript function and the htmlfile ActiveX object.
CVE-2001-1450 1Microsoft 1Internet Explorer Apr 16, 2026 May 11, 2001 N/A· v4 N/A· v3 2.6 LOW· v2 Microsoft Internet Explorer 5.0 through 6.0 allows attackers to cause a denial of service (browser crash) via a crafted FTP URL such as "/.#./".
CVE-2001-0154 1Microsoft 1Internet Explorer Apr 16, 2026 May 3, 2001 N/A· v4 N/A· v3 7.5 HIGH· v2 HTML e-mail feature in Internet Explorer 5.5 and earlier allows attackers to execute attachments by setting an unusual MIME type for the attachment, which Internet Explorer does not process correctly.
CVE-2001-1325 1Microsoft 2Internet Explorer Outlook Express Apr 16, 2026 Apr 20, 2001 N/A· v4 N/A· v3 7.5 HIGH· v2 Internet Explorer 5.0 and 5.5, and Outlook Express 5.0 and 5.5, allow remote attackers to execute scripts when Active Scripting is disabled by including the scripts in XML stylesheets (XSL) that are referenced using an I...Show more Internet Explorer 5.0 and 5.5, and Outlook Express 5.0 and 5.5, allow remote attackers to execute scripts when Active Scripting is disabled by including the scripts in XML stylesheets (XSL) that are referenced using an IFRAME tag, possibly due to a vulnerability in Windows Scripting Host (WSH).Show less
CVE-2001-0092 1Microsoft 1Internet Explorer Apr 16, 2026 Feb 16, 2001 N/A· v4 N/A· v3 2.6 LOW· v2 A function in Internet Explorer 5.0 through 5.5 does not properly verify the domain of a frame within a browser window, which allows a remote attacker to read client files, aka a new variant of the "Frame Domain Verifica...Show more A function in Internet Explorer 5.0 through 5.5 does not properly verify the domain of a frame within a browser window, which allows a remote attacker to read client files, aka a new variant of the "Frame Domain Verification" vulnerability.Show less
CVE-2001-0091 1Microsoft 1Internet Explorer Apr 16, 2026 Feb 16, 2001 N/A· v4 N/A· v3 2.6 LOW· v2 The ActiveX control for invoking a scriptlet in Internet Explorer 5.0 through 5.5 renders arbitrary file types instead of HTML, which allows an attacker to read arbitrary files, aka a variant of the "Scriptlet Rendering"...Show more The ActiveX control for invoking a scriptlet in Internet Explorer 5.0 through 5.5 renders arbitrary file types instead of HTML, which allows an attacker to read arbitrary files, aka a variant of the "Scriptlet Rendering" vulnerability.Show less
CVE-2001-0090 1Microsoft 1Internet Explorer Apr 16, 2026 Feb 16, 2001 N/A· v4 N/A· v3 5.1 MEDIUM· v2 The Print Templates feature in Internet Explorer 5.5 executes arbitrary custom print templates without prompting the user, which could allow an attacker to execute arbitrary ActiveX controls, aka the "Browser Print Templ...Show more The Print Templates feature in Internet Explorer 5.5 executes arbitrary custom print templates without prompting the user, which could allow an attacker to execute arbitrary ActiveX controls, aka the "Browser Print Template" vulnerability.Show less
CVE-2001-0089 1Microsoft 1Internet Explorer Apr 16, 2026 Feb 16, 2001 N/A· v4 N/A· v3 2.6 LOW· v2 Internet Explorer 5.0 through 5.5 allows remote attackers to read arbitrary files from the client via the INPUT TYPE element in an HTML form, aka the "File Upload via Form" vulnerability.
CVE-2000-0982 1Microsoft 1Internet Explorer Apr 16, 2026 Dec 19, 2000 N/A· v4 N/A· v3 7.5 HIGH· v2 Internet Explorer before 5.5 forwards cached user credentials for a secure web site to insecure pages on the same web site, which could allow remote attackers to obtain the credentials by monitoring connections to the we...Show more Internet Explorer before 5.5 forwards cached user credentials for a secure web site to insecure pages on the same web site, which could allow remote attackers to obtain the credentials by monitoring connections to the web server, aka the "Cached Web Credentials" vulnerability.Show less
CVE-2000-0768 1Microsoft 2Ie Internet Explorer Apr 16, 2026 Oct 20, 2000 N/A· v4 N/A· v3 2.6 LOW· v2 A function in Internet Explorer 4.x and 5.x does not properly verify the domain of a frame within a browser window, which allows a remote attacker to read client files, aka a variant of the "Frame Domain Verification" vu...Show more A function in Internet Explorer 4.x and 5.x does not properly verify the domain of a frame within a browser window, which allows a remote attacker to read client files, aka a variant of the "Frame Domain Verification" vulnerability.Show less
CVE-2000-0767 1Microsoft 1Internet Explorer Apr 16, 2026 Oct 20, 2000 N/A· v4 N/A· v3 2.6 LOW· v2 The ActiveX control for invoking a scriptlet in Internet Explorer 4.x and 5.x renders arbitrary file types instead of HTML, which allows an attacker to read arbitrary files, aka the "Scriptlet Rendering" vulnerability.
CVE-2000-0662 1Microsoft 1Internet Explorer Apr 16, 2026 Jul 14, 2000 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Internet Explorer 5.x and Microsoft Outlook allows remote attackers to read arbitrary files by redirecting the contents of an IFRAME using the DHTML Edit Control (DHTMLED).
CVE-2000-0596 1Microsoft 1Internet Explorer Apr 16, 2026 Jun 27, 2000 N/A· v4 N/A· v3 7.5 HIGH· v2 Internet Explorer 5.x does not warn a user before opening a Microsoft Access database file that is referenced within ActiveX OBJECT tags in an HTML document, which could allow remote attackers to execute arbitrary comman...Show more Internet Explorer 5.x does not warn a user before opening a Microsoft Access database file that is referenced within ActiveX OBJECT tags in an HTML document, which could allow remote attackers to execute arbitrary commands, aka the "IE Script" vulnerability.Show less
CVE-2000-0503 1Microsoft 1Internet Explorer Apr 16, 2026 Jun 6, 2000 N/A· v4 N/A· v3 2.6 LOW· v2 The IFRAME of the WebBrowser control in Internet Explorer 5.01 allows a remote attacker to violate the cross frame security policy via the NavigateComplete2 event.
CVE-2000-0519 1Microsoft 2Ie Internet Explorer Apr 16, 2026 Jun 5, 2000 N/A· v4 N/A· v3 2.6 LOW· v2 Internet Explorer 4.x and 5.x does not properly re-validate an SSL certificate if the user establishes a new SSL session with the same server during the same Internet Explorer session, aka one of two different "SSL Certi...Show more Internet Explorer 4.x and 5.x does not properly re-validate an SSL certificate if the user establishes a new SSL session with the same server during the same Internet Explorer session, aka one of two different "SSL Certificate Validation" vulnerabilities.Show less
CVE-2000-0518 1Microsoft 2Ie Internet Explorer Apr 16, 2026 Jun 5, 2000 N/A· v4 N/A· v3 2.6 LOW· v2 Internet Explorer 4.x and 5.x does not properly verify all contents of an SSL certificate if a connection is made to the server via an image or a frame, aka one of two different "SSL Certificate Validation" vulnerabiliti...Show more Internet Explorer 4.x and 5.x does not properly verify all contents of an SSL certificate if a connection is made to the server via an image or a frame, aka one of two different "SSL Certificate Validation" vulnerabilities.Show less
CVE-2000-0465 1Microsoft 1Internet Explorer Apr 16, 2026 May 17, 2000 N/A· v4 N/A· v3 5.1 MEDIUM· v2 Internet Explorer 4.x and 5.x does not properly verify the domain of a frame within a browser window, which allows a remote attacker to read client files via the frame, aka the "Frame Domain Verification" vulnerability.
CVE-2000-0464 1Microsoft 1Internet Explorer Apr 16, 2026 May 17, 2000 N/A· v4 N/A· v3 7.6 HIGH· v2 Internet Explorer 4.x and 5.x allows remote attackers to execute arbitrary commands via a buffer overflow in the ActiveX parameter parsing capability, aka the "Malformed Component Attribute" vulnerability.

Previous 1...787980 81 82 Next