Vulnerabilities > Microsoft > IE > 5.0

DATE CVE VULNERABILITY TITLE RISK
2009-07-22 CVE-2009-2576 Resource Management Errors vulnerability in Microsoft IE and Internet Explorer
Microsoft Internet Explorer 6.0.2900.2180 and earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via a long Unicode string argument to the write method, a related issue to CVE-2009-2479.
network
low complexity
microsoft CWE-399
5.0
2009-06-15 CVE-2009-2069 Improper Authentication vulnerability in Microsoft IE and Internet Explorer
Microsoft Internet Explorer before 8 displays a cached certificate for a (1) 4xx or (2) 5xx CONNECT response page returned by a proxy server, which allows man-in-the-middle attackers to spoof an arbitrary https site by letting a browser obtain a valid certificate from this site during one request, and then sending the browser a crafted 502 response page upon a subsequent request.
network
microsoft CWE-287
5.8
2009-06-15 CVE-2009-2057 Improper Authentication vulnerability in Microsoft IE and Internet Explorer
Microsoft Internet Explorer before 8 uses the HTTP Host header to determine the context of a document provided in a (1) 4xx or (2) 5xx CONNECT response from a proxy server, which allows man-in-the-middle attackers to execute arbitrary web script by modifying this CONNECT response, aka an "SSL tampering" attack.
network
microsoft CWE-287
5.8
2007-09-12 CVE-2007-4848 Unspecified vulnerability in Microsoft IE and Internet Explorer
Microsoft Internet Explorer 4.0 through 7 allows remote attackers to determine the existence of local files that have associated images via a res:// URI in the src property of a JavaScript Image object, as demonstrated by the URI for a bitmap image resource within a (1) .exe or (2) .dll file.
network
microsoft
4.3
2006-08-08 CVE-2006-3451 Improper Input Validation vulnerability in Microsoft IE 5.0/6
Microsoft Internet Explorer 5 SP4 and 6 do not properly garbage collect when "multiple imports are used on a styleSheets collection" to construct a chain of Cascading Style Sheets (CSS), which allows remote attackers to execute arbitrary code via unspecified vectors.
network
low complexity
microsoft CWE-20
7.5
2006-04-29 CVE-2006-2094 Race Condition vulnerability in Microsoft IE and Internet Explorer
Microsoft Internet Explorer before Windows XP Service Pack 2 and Windows Server 2003 Service Pack 1, when Prompt is configured in Security Settings, uses modal dialogs to verify that a user wishes to run an ActiveX control or perform other risky actions, which allows user-assisted remote attackers to construct a race condition that tricks a user into clicking an object or pressing keys that are actually applied to a "Yes" approval for executing the control.
network
high complexity
microsoft CWE-362
5.1
2002-04-22 CVE-2002-0153 Unspecified vulnerability in Microsoft IE
Internet Explorer 5.1 for Macintosh allows remote attackers to bypass security checks and invoke local AppleScripts within a specific HTML element, aka the "Local Applescript Invocation" vulnerability.
network
low complexity
microsoft
7.5
2001-12-20 CVE-2001-1218 Denial of Service vulnerability in Microsoft IE 5.0
Microsoft Internet Explorer for Unix 5.0SP1 allows local users to possibly cause a denial of service (crash) in CDE or the X server on Solaris 2.6 by rapidly scrolling Chinese characters or maximizing the window.
local
low complexity
microsoft
2.1
2000-10-20 CVE-2000-0768 Unspecified vulnerability in Microsoft IE and Internet Explorer
A function in Internet Explorer 4.x and 5.x does not properly verify the domain of a frame within a browser window, which allows a remote attacker to read client files, aka a variant of the "Frame Domain Verification" vulnerability.
network
high complexity
microsoft
2.6
2000-06-05 CVE-2000-0519 Unspecified vulnerability in Microsoft IE and Internet Explorer
Internet Explorer 4.x and 5.x does not properly re-validate an SSL certificate if the user establishes a new SSL session with the same server during the same Internet Explorer session, aka one of two different "SSL Certificate Validation" vulnerabilities.
network
high complexity
microsoft
2.6