Vulnerabilities > Microsoft > IE > 6

DATE CVE VULNERABILITY TITLE RISK
2009-07-22 CVE-2009-2576 Resource Management Errors vulnerability in Microsoft IE and Internet Explorer
Microsoft Internet Explorer 6.0.2900.2180 and earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via a long Unicode string argument to the write method, a related issue to CVE-2009-2479.
network
low complexity
microsoft CWE-399
5.0
2008-04-08 CVE-2008-1085 Code Injection vulnerability in Microsoft IE and Internet Explorer
Use-after-free vulnerability in Microsoft Internet Explorer 5.01 SP4, 6 through SP1, and 7 allows remote attackers to execute arbitrary code via a crafted data stream that triggers memory corruption, as demonstrated using an invalid MIME-type that does not have a registered handler.
network
microsoft CWE-94
critical
9.3
2008-02-13 CVE-2008-0751 Cross-Site Scripting vulnerability in S9Y Serendipity Event Freetag
Cross-site scripting (XSS) vulnerability in the Freetag before 2.96 plugin for S9Y Serendipity, when using Internet Explorer 6 or 7, allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to plugin/tag/.
network
microsoft s9y CWE-79
4.3
2008-02-12 CVE-2008-0078 Code Injection vulnerability in Microsoft Activex, IE and Internet Explorer
Unspecified vulnerability in an ActiveX control (dxtmsft.dll) in Microsoft Internet Explorer 5.01, 6 SP1 and SP2, and 7 allows remote attackers to execute arbitrary code via a crafted image, aka "Argument Handling Memory Corruption Vulnerability."
network
microsoft CWE-94
critical
9.3
2008-02-12 CVE-2008-0076 Code Injection vulnerability in Microsoft IE and Internet Explorer
Unspecified vulnerability in Microsoft Internet Explorer 5.01, 6 SP1 and SP2, and 7 allows remote attackers to execute arbitrary code via crafted HTML layout combinations, aka "HTML Rendering Memory Corruption Vulnerability."
network
microsoft CWE-94
critical
9.3
2007-03-02 CVE-2006-7065 Microsoft Internet Explorer allows remote attackers to cause a denial of service (crash) via an IFRAME with a certain XML file and XSL stylesheet that triggers a crash in mshtml.dll when a refresh is called, probably a null pointer dereference.
network
low complexity
microsoft canon
5.0
2006-11-14 CVE-2006-5884 Unspecified vulnerability in Microsoft IE and Internet Explorer
Multiple unspecified vulnerabilities in DirectAnimation ActiveX controls for Microsoft Internet Explorer 5.01 through 6 have unknown impact and remote attack vectors, possibly related to (1) Danim.dll and (2) Lmrt.dll, a different set of vulnerabilities than CVE-2006-4446 and CVE-2006-4777.
network
low complexity
microsoft
7.5
2006-11-14 CVE-2006-4687 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft IE and Internet Explorer
Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via crafted layout combinations involving DIV tags and HTML CSS float properties that trigger memory corruption, aka "HTML Rendering Memory Corruption Vulnerability."
network
high complexity
microsoft CWE-119
5.1
2006-08-09 CVE-2006-3643 Cross-Site Scripting vulnerability in Microsoft IE and Internet Explorer
Cross-site scripting (XSS) vulnerability in Internet Explorer 5.01 and 6 in Microsoft Windows 2000 SP4 permits access to local "HTML-embedded resource files" in the Microsoft Management Console (MMC) library, which allows remote authenticated users to execute arbitrary commands, aka "MMC Redirect Cross-Site Scripting Vulnerability."
network
microsoft CWE-79
6.0
2006-08-09 CVE-2006-3640 Unspecified vulnerability in Microsoft IE and Internet Explorer
Microsoft Internet Explorer 5.01 and 6 allows certain script to persist across navigations between pages, which allows remote attackers to obtain the window location of visited web pages in other domains or zones, aka "Window Location Information Disclosure Vulnerability."
network
low complexity
microsoft
5.0