Internet Explorer

internet_explorer

Vendor: Microsoft • 1,635 CVEs

CVEs (1,635)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2000-0400 1Microsoft 1Internet Explorer Apr 16, 2026 May 13, 2000 N/A· v4 N/A· v3 7.5 HIGH· v2 The Microsoft Active Movie ActiveX Control in Internet Explorer 5 does not restrict which file types can be downloaded, which allows an attacker to download any type of file to a user's system by encoding it within an em...Show more The Microsoft Active Movie ActiveX Control in Internet Explorer 5 does not restrict which file types can be downloaded, which allows an attacker to download any type of file to a user's system by encoding it within an email message or news post.Show less
CVE-2000-0439 1Microsoft 1Internet Explorer Apr 16, 2026 May 11, 2000 N/A· v4 N/A· v3 2.6 LOW· v2 Internet Explorer 4.0 and 5.0 allows a malicious web site to obtain client cookies from another domain by including that domain name and escaped characters in a URL, aka the "Unauthorized Cookie Access" vulnerability.
CVE-2000-0266 1Microsoft 1Internet Explorer Apr 16, 2026 Apr 18, 2000 N/A· v4 N/A· v3 2.6 LOW· v2 Internet Explorer 5.01 allows remote attackers to bypass the cross frame security policy via a malicious applet that interacts with the Java JSObject to modify the DOM properties to set the IFRAME to an arbitrary Javascr...Show more Internet Explorer 5.01 allows remote attackers to bypass the cross frame security policy via a malicious applet that interacts with the Java JSObject to modify the DOM properties to set the IFRAME to an arbitrary Javascript URL.Show less
CVE-2000-0201 1Microsoft 1Internet Explorer Apr 16, 2026 Mar 1, 2000 N/A· v4 N/A· v3 5.1 MEDIUM· v2 The window.showHelp() method in Internet Explorer 5.x does not restrict HTML help files (.chm) to be executed from the local host, which allows remote attackers to execute arbitrary commands via Microsoft Networking.
CVE-2000-0160 1Microsoft 3Ie Internet ExplorerOutlook Apr 16, 2026 Feb 21, 2000 N/A· v4 N/A· v3 7.6 HIGH· v2 The Microsoft Active Setup ActiveX component in Internet Explorer 4.x and 5.x allows a remote attacker to install software components without prompting the user by stating that the software's manufacturer is Microsoft.
CVE-2000-0162 1Microsoft 3Ie Internet ExplorerVisual Studio Apr 16, 2026 Feb 18, 2000 N/A· v4 N/A· v3 5.1 MEDIUM· v2 The Microsoft virtual machine (VM) in Internet Explorer 4.x and 5.x allows a remote attacker to read files via a malicious Java applet that escapes the Java sandbox, aka the "VM File Reading" vulnerability.
CVE-2000-0156 1Microsoft 1Internet Explorer Apr 16, 2026 Feb 16, 2000 N/A· v4 N/A· v3 5.1 MEDIUM· v2 Internet Explorer 4.x and 5.x allows remote web servers to access files on the client that are outside of its security domain, aka the "Image Source Redirect" vulnerability.
CVE-2000-0061 1Microsoft 1Internet Explorer Apr 16, 2026 Jan 7, 2000 N/A· v4 N/A· v3 10.0 HIGH· v2 Internet Explorer 5 does not modify the security zone for a document that is being loaded into a window until after the document has been loaded, which could allow remote attackers to execute Javascript in a different se...Show more Internet Explorer 5 does not modify the security zone for a document that is being loaded into a window until after the document has been loaded, which could allow remote attackers to execute Javascript in a different security context while the document is loading.Show less
CVE-1999-0876 1Microsoft 2Ie Internet Explorer Apr 16, 2026 Jan 4, 2000 N/A· v4 N/A· v3 10.0 HIGH· v2 Buffer overflow in Internet Explorer 4.0 via EMBED tag.
CVE-1999-1473 1Microsoft 1Internet Explorer Apr 16, 2026 Dec 31, 1999 N/A· v4 N/A· v3 5.0 MEDIUM· v2 When a Web site redirects the browser to another site, Internet Explorer 3.02 and 4.0 automatically resends authentication information to the second site, aka the "Page Redirect Issue."
CVE-1999-1472 1Microsoft 1Internet Explorer Apr 16, 2026 Dec 31, 1999 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Internet Explorer 4.0 allows remote attackers to read arbitrary text and HTML files on the user's machine via a small IFRAME that uses Dynamic HTML (DHTML) to send the data to the attacker, aka the Freiburg text-viewing...Show more Internet Explorer 4.0 allows remote attackers to read arbitrary text and HTML files on the user's machine via a small IFRAME that uses Dynamic HTML (DHTML) to send the data to the attacker, aka the Freiburg text-viewing issue.Show less
CVE-1999-1094 1Microsoft 1Internet Explorer Apr 16, 2026 Dec 31, 1999 N/A· v4 N/A· v3 7.5 HIGH· v2 Buffer overflow in Internet Explorer 4.01 and earlier allows remote attackers to execute arbitrary commands via a long URL with the "mk:" protocol, aka the "MK Overrun security issue."
CVE-1999-1093 1Microsoft 1Internet Explorer Apr 16, 2026 Dec 31, 1999 N/A· v4 N/A· v3 5.1 MEDIUM· v2 Buffer overflow in the Window.External function in the JScript Scripting Engine in Internet Explorer 4.01 SP1 and earlier allows remote attackers to execute arbitrary commands via a malicious web page.
CVE-1999-1087 1Microsoft 1Internet Explorer Apr 16, 2026 Dec 31, 1999 N/A· v4 N/A· v3 7.5 HIGH· v2 Internet Explorer 4 treats a 32-bit number ("dotless IP address") in the a URL as the hostname instead of an IP address, which causes IE to apply Local Intranet Zone settings to the resulting web page, allowing remote ma...Show more Internet Explorer 4 treats a 32-bit number ("dotless IP address") in the a URL as the hostname instead of an IP address, which causes IE to apply Local Intranet Zone settings to the resulting web page, allowing remote malicious web servers to conduct unauthorized activities by using URLs that contain the dotless IP address for their server.Show less
CVE-2000-0028 1Microsoft 2Ie Internet Explorer Apr 16, 2026 Dec 23, 1999 N/A· v4 N/A· v3 2.6 LOW· v2 Internet Explorer 5.0 and 5.01 allows remote attackers to bypass the cross frame security policy and read files via the external.NavigateAndFind function.
CVE-1999-0981 1Microsoft 1Internet Explorer Apr 16, 2026 Dec 8, 1999 N/A· v4 N/A· v3 5.1 MEDIUM· v2 Internet Explorer 5.01 and earlier allows a remote attacker to create a reference to a client window and use a server-side redirect to access local files via that window, aka "Server-side Page Reference Redirect."
CVE-1999-0858 1Microsoft 1Internet Explorer Apr 16, 2026 Dec 2, 1999 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Internet Explorer 5 allows a remote attacker to modify the IE client's proxy configuration via a malicious Web Proxy Auto-Discovery (WPAD) server.
CVE-1999-0793 1Microsoft 1Internet Explorer Apr 16, 2026 Nov 17, 1999 N/A· v4 N/A· v3 2.6 LOW· v2 Internet Explorer allows remote attackers to read files by redirecting data to a Javascript applet.
CVE-1999-1110 1Microsoft 1Internet Explorer Apr 16, 2026 Nov 14, 1999 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Windows Media Player ActiveX object as used in Internet Explorer 5.0 returns a specific error code when a file does not exist, which allows remote malicious web sites to determine the existence of files on the client.
CVE-2000-0329 1Microsoft 4Ie Internet ExplorerOutlook+1 more Apr 16, 2026 Nov 11, 1999 N/A· v4 N/A· v3 5.1 MEDIUM· v2 A Microsoft ActiveX control allows a remote attacker to execute a malicious cabinet file via an attachment and an embedded script in an HTML mail, aka the "Active Setup Control" vulnerability.

Previous 1...78 798081 82 Next