Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Ie
(Microsoft)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 202 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 1999-12-23 | CVE-2000-0028 | Internet Explorer 5.0 and 5.01 allows remote attackers to bypass the cross frame security policy and read files via the external.NavigateAndFind function. | Ie, Internet_explorer | N/A | ||
| 2000-06-05 | CVE-2000-0518 | Internet Explorer 4.x and 5.x does not properly verify all contents of an SSL certificate if a connection is made to the server via an image or a frame, aka one of two different "SSL Certificate Validation" vulnerabilities. | Ie, Internet_explorer | N/A | ||
| 2003-08-27 | CVE-2003-0531 | Internet Explorer 5.01 SP3 through 6.0 SP1 allows remote attackers to access and execute script in the My Computer domain using the browser cache via crafted Content-Type and Content-Disposition headers, aka the "Browser Cache Script Execution in My Computer Zone" vulnerability. | Ie, Internet_explorer | N/A | ||
| 2003-08-27 | CVE-2003-0530 | Buffer overflow in the BR549.DLL ActiveX control for Internet Explorer 5.01 SP3 through 6.0 SP1 allows remote attackers to execute arbitrary code. | Ie, Internet_explorer | N/A | ||
| 2000-06-05 | CVE-2000-0519 | Internet Explorer 4.x and 5.x does not properly re-validate an SSL certificate if the user establishes a new SSL session with the same server during the same Internet Explorer session, aka one of two different "SSL Certificate Validation" vulnerabilities. | Ie, Internet_explorer | N/A | ||
| 2002-11-29 | CVE-2002-1142 | Heap-based buffer overflow in the Remote Data Services (RDS) component of Microsoft Data Access Components (MDAC) 2.1 through 2.6, and Internet Explorer 5.01 through 6.0, allows remote attackers to execute code via a malformed HTTP request to the Data Stub. | Data_access_components, Ie, Internet_explorer | N/A | ||
| 1999-11-11 | CVE-2000-0329 | A Microsoft ActiveX control allows a remote attacker to execute a malicious cabinet file via an attachment and an embedded script in an HTML mail, aka the "Active Setup Control" vulnerability. | Ie, Internet_explorer, Outlook, Outlook_express | N/A | ||
| 2000-02-18 | CVE-2000-0162 | The Microsoft virtual machine (VM) in Internet Explorer 4.x and 5.x allows a remote attacker to read files via a malicious Java applet that escapes the Java sandbox, aka the "VM File Reading" vulnerability. | Ie, Internet_explorer, Visual_studio | N/A | ||
| 2000-10-20 | CVE-2000-0768 | A function in Internet Explorer 4.x and 5.x does not properly verify the domain of a frame within a browser window, which allows a remote attacker to read client files, aka a variant of the "Frame Domain Verification" vulnerability. | Ie, Internet_explorer | N/A | ||
| 2003-05-12 | CVE-2003-0116 | Microsoft Internet Explorer 5.01, 5.5 and 6.0 does not properly check the Cascading Style Sheet input parameter for Modal dialogs, which allows remote attackers to read files on the local system via a web page containing script that creates a dialog and then accesses the target files, aka "Modal Dialog script execution." | Ie, Internet_explorer | N/A |