Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Internet_explorer
(Microsoft)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 1640 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 1999-12-02 | CVE-1999-0858 | Internet Explorer 5 allows a remote attacker to modify the IE client's proxy configuration via a malicious Web Proxy Auto-Discovery (WPAD) server. | Internet_explorer | N/A | ||
| 1999-12-08 | CVE-1999-0981 | Internet Explorer 5.01 and earlier allows a remote attacker to create a reference to a client window and use a server-side redirect to access local files via that window, aka "Server-side Page Reference Redirect." | Internet_explorer | N/A | ||
| 2000-01-04 | CVE-1999-0876 | Buffer overflow in Internet Explorer 4.0 via EMBED tag. | Ie, Internet_explorer | N/A | ||
| 2000-02-21 | CVE-2000-0160 | The Microsoft Active Setup ActiveX component in Internet Explorer 4.x and 5.x allows a remote attacker to install software components without prompting the user by stating that the software's manufacturer is Microsoft. | Ie, Internet_explorer, Outlook | N/A | ||
| 2000-04-18 | CVE-2000-0266 | Internet Explorer 5.01 allows remote attackers to bypass the cross frame security policy via a malicious applet that interacts with the Java JSObject to modify the DOM properties to set the IFRAME to an arbitrary Javascript URL. | Internet_explorer | N/A | ||
| 2000-05-11 | CVE-2000-0439 | Internet Explorer 4.0 and 5.0 allows a malicious web site to obtain client cookies from another domain by including that domain name and escaped characters in a URL, aka the "Unauthorized Cookie Access" vulnerability. | Internet_explorer | N/A | ||
| 2000-07-14 | CVE-2000-0662 | Internet Explorer 5.x and Microsoft Outlook allows remote attackers to read arbitrary files by redirecting the contents of an IFRAME using the DHTML Edit Control (DHTMLED). | Internet_explorer | N/A | ||
| 2001-04-20 | CVE-2001-1325 | Internet Explorer 5.0 and 5.5, and Outlook Express 5.0 and 5.5, allow remote attackers to execute scripts when Active Scripting is disabled by including the scripts in XML stylesheets (XSL) that are referenced using an IFRAME tag, possibly due to a vulnerability in Windows Scripting Host (WSH). | Internet_explorer, Outlook_express | N/A | ||
| 2001-09-20 | CVE-2001-0643 | Internet Explorer 5.5 does not display the Class ID (CLSID) when it is at the end of the file name, which could allow attackers to trick the user into executing dangerous programs by making it appear that the document is of a safe file type. | Internet_explorer | N/A | ||
| 2004-11-03 | CVE-2004-0214 | Buffer overflow in Microsoft Internet Explorer and Explorer on Windows XP SP1, WIndows 2000, Windows 98, and Windows Me may allow remote malicious servers to cause a denial of service (application crash) and possibly execute arbitrary code via long share names, as demonstrated using Samba. | Internet_explorer, Windows_2000, Windows_98, Windows_me, Windows_xp | N/A |