Vulnerabilities > Microsoft > IE
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2003-06-16 | CVE-2003-0344 | Unspecified vulnerability in Microsoft IE and Internet Explorer Buffer overflow in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to execute arbitrary code via / (slash) characters in the Type property of an Object tag in a web page. | 7.5 |
| 2003-05-12 | CVE-2003-0233 | Unspecified vulnerability in Microsoft IE and Internet Explorer Heap-based buffer overflow in plugin.ocx for Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute arbitrary code via the Load() method, a different vulnerability than CVE-2003-0115. | 7.5 |
| 2003-05-12 | CVE-2003-0116 | Unspecified vulnerability in Microsoft IE and Internet Explorer Microsoft Internet Explorer 5.01, 5.5 and 6.0 does not properly check the Cascading Style Sheet input parameter for Modal dialogs, which allows remote attackers to read files on the local system via a web page containing script that creates a dialog and then accesses the target files, aka "Modal Dialog script execution." | 5.0 |
| 2003-05-12 | CVE-2003-0115 | Unspecified vulnerability in Microsoft IE and Internet Explorer Microsoft Internet Explorer 5.01, 5.5 and 6.0 does not properly check parameters that are passed during third party rendering, which could allow remote attackers to execute arbitrary web script, aka the "Third Party Plugin Rendering" vulnerability, a different vulnerability than CVE-2003-0233. | 7.5 |
| 2003-05-12 | CVE-2003-0114 | Unspecified vulnerability in Microsoft IE and Internet Explorer The file upload control in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to automatically upload files from the local system via a web page containing a script to upload the files. | 5.0 |
| 2003-05-12 | CVE-2003-0113 | Unspecified vulnerability in Microsoft IE and Internet Explorer Buffer overflow in URLMON.DLL in Microsoft Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute arbitrary code via an HTTP response containing long values in (1) Content-type and (2) Content-encoding fields. | 7.5 |
| 2003-02-19 | CVE-2003-1328 | Unspecified vulnerability in Microsoft IE and Internet Explorer The showHelp() function in Microsoft Internet Explorer 5.01, 5.5, and 6.0 supports certain types of pluggable protocols that allow remote attackers to bypass the cross-domain security model and execute arbitrary code, aka "Improper Cross Domain Security Validation with ShowHelp functionality." | 7.5 |
| 2003-02-19 | CVE-2003-1326 | Unspecified vulnerability in Microsoft IE and Internet Explorer Microsoft Internet Explorer 5.5 and 6.0 allows remote attackers to bypass the cross-domain security model to run malicious script or arbitrary programs via dialog boxes, aka "Improper Cross Domain Security Validation with dialog box." | 7.5 |
| 2002-12-31 | CVE-2002-2125 | Unspecified vulnerability in Microsoft IE and Internet Explorer Internet Explorer 6.0 does not warn users when an expired certificate authority (CA) certificate is submitted to the user and a newer CA certificate is in the user's local repository, which could allow remote attackers to decrypt web sessions via a man-in-the-middle (MITM) attack. | 6.4 |
| 2002-12-31 | CVE-2002-1824 | Unspecified vulnerability in Microsoft IE and Internet Explorer Microsoft Internet Explorer 6.0, when handling an expired CA-CERT in a webserver's certificate chain during a SSL/TLS handshake, does not prompt the user before searching for and finding a newer certificate, which may allow attackers to perform a man-in-the-middle attack. | 5.0 |