Internet Explorer

internet_explorer

Vendor: Microsoft • 1,635 CVEs

CVEs (1,635)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-1999-0827 2Microsoft Netscape 3Ie Internet ExplorerNavigator Apr 16, 2026 Nov 1, 1999 N/A· v4 N/A· v3 2.6 LOW· v2 By default, Internet Explorer 5.0 and other versions enables the "Navigate sub-frames across different domains" option, which allows frame spoofing.
CVE-1999-0354 1Microsoft 2Internet Explorer Word Apr 16, 2026 Nov 1, 1999 N/A· v4 N/A· v3 7.5 HIGH· v2 Internet Explorer 4.x or 5.x with Word 97 allows arbitrary execution of Visual Basic programs to the IE client through the Word 97 template, which doesn't warn the user that the template contains executable content. Als...Show more Internet Explorer 4.x or 5.x with Word 97 allows arbitrary execution of Visual Basic programs to the IE client through the Word 97 template, which doesn't warn the user that the template contains executable content. Also applies to Outlook when the client views a malicious email message.Show less
CVE-1999-1577 1Microsoft 1Internet Explorer Apr 16, 2026 Oct 31, 1999 N/A· v4 N/A· v3 5.1 MEDIUM· v2 Buffer overflow in HHOpen ActiveX control (hhopen.ocx) 1.0.0.1 for Internet Explorer 4.01 and 5 allows remote attackers to execute arbitrary commands via long arguments to the OpenHelp method.
CVE-1999-0877 1Microsoft 1Internet Explorer Apr 16, 2026 Oct 1, 1999 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Internet Explorer 5 allows remote attackers to read files via an ExecCommand method called on an IFRAME.
CVE-1999-1578 1Microsoft 1Internet Explorer Apr 16, 2026 Sep 24, 1999 N/A· v4 N/A· v3 5.1 MEDIUM· v2 Buffer overflow in Registration Wizard ActiveX control (regwizc.dll, InvokeRegWizard) 3.0.0.0 for Internet Explorer 4.01 and 5 allows remote attackers to execute arbitrary commands.
CVE-1999-1575 1Microsoft 1Internet Explorer Apr 16, 2026 Sep 10, 1999 N/A· v4 N/A· v3 5.1 MEDIUM· v2 The Kodak/Wang (1) Image Edit (imgedit.ocx), (2) Image Annotation (imgedit.ocx), (3) Image Scan (imgscan.ocx), (4) Thumbnail Image (imgthumb.ocx), (5) Image Admin (imgadmin.ocx), (6) HHOpen (hhopen.ocx), (7) Registration...Show more The Kodak/Wang (1) Image Edit (imgedit.ocx), (2) Image Annotation (imgedit.ocx), (3) Image Scan (imgscan.ocx), (4) Thumbnail Image (imgthumb.ocx), (5) Image Admin (imgadmin.ocx), (6) HHOpen (hhopen.ocx), (7) Registration Wizard (regwizc.dll), and (8) IE Active Setup (setupctl.dll) ActiveX controls for Internet Explorer (IE) 4.01 and 5.0 are marked as "Safe for Scripting," which allows remote attackers to create and modify files and execute arbitrary commands.Show less
CVE-1999-0702 1Microsoft 1Internet Explorer Apr 16, 2026 Sep 10, 1999 N/A· v4 N/A· v3 10.0 HIGH· v2 Internet Explorer 5.0 and 5.01 allows remote attackers to modify or execute files via the Import/Export Favorites feature, aka the "ImportExportFavorites" vulnerability.
CVE-1999-0891 1Microsoft 1Internet Explorer Apr 16, 2026 Sep 1, 1999 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The "download behavior" in Internet Explorer 5 allows remote attackers to read arbitrary files via a server-side redirect.
CVE-1999-0670 1Microsoft 1Internet Explorer Apr 16, 2026 Sep 1, 1999 N/A· v4 N/A· v3 4.0 MEDIUM· v2 Buffer overflow in the Eyedog ActiveX control allows a remote attacker to execute arbitrary commands.
CVE-1999-0669 1Microsoft 1Internet Explorer Apr 16, 2026 Sep 1, 1999 N/A· v4 N/A· v3 4.0 MEDIUM· v2 The Eyedog ActiveX control is marked as "safe for scripting" for Internet Explorer, which allows a remote attacker to execute arbitrary commands as demonstrated by Bubbleboy.
CVE-1999-1016 2Microsoft Qualcomm 4Eudora FrontpageInternet Explorer+1 more Apr 16, 2026 Aug 27, 1999 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Microsoft HTML control as used in (1) Internet Explorer 5.0, (2) FrontPage Express, (3) Outlook Express 5, and (4) Eudora, and possibly others, allows remote malicious web site or HTML emails to cause a denial of service...Show more Microsoft HTML control as used in (1) Internet Explorer 5.0, (2) FrontPage Express, (3) Outlook Express 5, and (4) Eudora, and possibly others, allows remote malicious web site or HTML emails to cause a denial of service (100% CPU consumption) via large HTML form fields such as text inputs in a table cell.Show less
CVE-1999-1235 1Microsoft 1Internet Explorer Apr 16, 2026 Aug 25, 1999 N/A· v4 N/A· v3 4.6 MEDIUM· v2 Internet Explorer 5.0 records the username and password for FTP servers in the URL history, which could allow (1) local users to read the information from another user's index.dat, or (2) people who are physically observ...Show more Internet Explorer 5.0 records the username and password for FTP servers in the URL history, which could allow (1) local users to read the information from another user's index.dat, or (2) people who are physically observing ("shoulder surfing") another user to read the information from the status bar when the user moves the mouse over a link.Show less
CVE-1999-0668 1Microsoft 1Internet Explorer Apr 16, 2026 Aug 21, 1999 N/A· v4 N/A· v3 5.1 MEDIUM· v2 The scriptlet.typelib ActiveX control is marked as "safe for scripting" for Internet Explorer, which allows a remote attacker to execute arbitrary commands as demonstrated by Bubbleboy.
CVE-1999-0917 1Microsoft 1Internet Explorer Apr 16, 2026 May 27, 1999 N/A· v4 N/A· v3 5.1 MEDIUM· v2 The Preloader ActiveX control used by Internet Explorer allows remote attackers to read arbitrary files.
CVE-1999-0802 1Microsoft 1Internet Explorer Apr 16, 2026 May 27, 1999 N/A· v4 N/A· v3 7.6 HIGH· v2 Buffer overflow in Internet Explorer 5 allows remote attackers to execute commands via a malformed Favorites icon.
CVE-1999-1367 1Microsoft 1Internet Explorer Apr 16, 2026 May 6, 1999 N/A· v4 N/A· v3 4.6 MEDIUM· v2 Internet Explorer 5.0 does not properly reset the username/password cache for Web sites that do not use standard cache controls, which could allow users on the same system to access restricted web sites that were visited...Show more Internet Explorer 5.0 does not properly reset the username/password cache for Web sites that do not use standard cache controls, which could allow users on the same system to access restricted web sites that were visited by other users.Show less
CVE-1999-1241 1Microsoft 1Internet Explorer Apr 16, 2026 May 6, 1999 N/A· v4 N/A· v3 10.0 HIGH· v2 Internet Explorer, with a security setting below Medium, allows remote attackers to execute arbitrary commands via a malicious web page that uses the FileSystemObject ActiveX object.
CVE-1999-0487 1Microsoft 1Internet Explorer Apr 16, 2026 May 1, 1999 N/A· v4 N/A· v3 2.6 LOW· v2 The DHTML Edit ActiveX control in Internet Explorer allows remote attackers to read arbitrary files.
CVE-1999-0490 1Microsoft 1Internet Explorer Apr 16, 2026 Apr 21, 1999 N/A· v4 N/A· v3 7.5 HIGH· v2 MSHTML.DLL in Internet Explorer 5.0 allows a remote attacker to learn information about a local user's files via an IMG SRC tag.
CVE-1999-0488 1Microsoft 1Internet Explorer Apr 16, 2026 Apr 21, 1999 N/A· v4 N/A· v3 7.5 HIGH· v2 Internet Explorer 4.0 and 5.0 allows a remote attacker to execute security scripts in a different security context using malicious URLs, a variant of the "cross frame" vulnerability.

Previous 1...78 79 808182 Next