Vulnerabilities > Microsoft > IE
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2002-12-31 | CVE-2002-1714 | Unspecified vulnerability in Microsoft IE and Internet Explorer Microsoft Internet Explorer 5.0 through 6.0 allows remote attackers to cause a denial of service (crash) via an object of type "text/html" with the DATA field that identifies the HTML document that contains the object, which may cause infinite recursion. | 5.0 |
| 2002-12-11 | CVE-2002-1254 | Unspecified vulnerability in Microsoft IE and Internet Explorer Internet Explorer 5.5 and 6.0 allows remote attackers to bypass the cross-domain security model and access information on the local system or in other domains, and possibly execute code, via cached methods and objects, aka "Cross Domain Verification via Cached Methods." | 7.5 |
| 2002-12-11 | CVE-2002-1186 | Unspecified vulnerability in Microsoft IE and Internet Explorer Internet Explorer 5.01 through 6.0 does not properly perform security checks on certain encoded characters within a URL, which allows a remote attacker to steal potentially sensitive information from a user by redirecting the user to another site that has that information, aka "Encoded Characters Information Disclosure." | 5.0 |
| 2002-12-11 | CVE-2002-1185 | Unspecified vulnerability in Microsoft IE and Internet Explorer Internet Explorer 5.01 through 6.0 does not properly check certain parameters of a PNG file when opening it, which allows remote attackers to cause a denial of service (crash) by triggering a heap-based buffer overflow using invalid length codes during decompression, aka "Malformed PNG Image File Failure." | 5.0 |
| 2002-11-29 | CVE-2002-1142 | Unspecified vulnerability in Microsoft Data Access Components, IE and Internet Explorer Heap-based buffer overflow in the Remote Data Services (RDS) component of Microsoft Data Access Components (MDAC) 2.1 through 2.6, and Internet Explorer 5.01 through 6.0, allows remote attackers to execute code via a malformed HTTP request to the Data Stub. | 7.5 |
| 2002-04-22 | CVE-2002-0153 | Unspecified vulnerability in Microsoft IE Internet Explorer 5.1 for Macintosh allows remote attackers to bypass security checks and invoke local AppleScripts within a specific HTML element, aka the "Local Applescript Invocation" vulnerability. | 7.5 |
| 2002-04-22 | CVE-2002-0152 | Buffer Overflow vulnerability in Multiple Microsoft Products for MacOS File URL Buffer overflow in various Microsoft applications for Macintosh allows remote attackers to cause a denial of service (crash) or execute arbitrary code by invoking the file:// directive with a large number of / characters, which affects Internet Explorer 5.1, Outlook Express 5.0 through 5.0.2, Entourage v. | 7.5 |
| 2001-12-31 | CVE-2001-1497 | Unspecified vulnerability in Microsoft IE and Internet Explorer Microsoft Internet Explorer 4.0 through 6.0 could allow local users to differentiate between alphanumeric and non-alphanumeric characters used in a password by pressing certain control keys that jump between non-alphanumeric characters, which makes it easier to conduct a brute-force password guessing attack. | 2.1 |
| 2001-12-31 | CVE-2001-1489 | Denial of Service vulnerability in Microsoft IE 6 Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (CPU consumption and memory leak) via a web page with a large number of images. | 5.0 |
| 2001-12-20 | CVE-2001-1218 | Denial of Service vulnerability in Microsoft IE 5.0 Microsoft Internet Explorer for Unix 5.0SP1 allows local users to possibly cause a denial of service (crash) in CDE or the X server on Solaris 2.6 by rapidly scrolling Chinese characters or maximizing the window. | 2.1 |