Vulnerabilities > Microsoft > IE
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2001-10-30 | CVE-2001-0665 | Unspecified vulnerability in Microsoft IE Internet Explorer 6 and earlier allows remote attackers to cause certain HTTP requests to be automatically executed and appear to come from the user, which could allow attackers to gain privileges or execute operations within web-based services, aka the "HTTP Request Encoding vulnerability." | 7.5 |
2000-12-11 | CVE-2000-1061 | Unspecified vulnerability in Microsoft IE 4.X/5.X Microsoft Virtual Machine (VM) in Internet Explorer 4.x and 5.x allows an unsigned applet to create and use ActiveX controls, which allows a remote attacker to bypass Internet Explorer's security settings and execute arbitrary commands via a malicious web page or email, aka the "Microsoft VM ActiveX Component" vulnerability. | 5.1 |
2000-10-20 | CVE-2000-0768 | Unspecified vulnerability in Microsoft IE and Internet Explorer A function in Internet Explorer 4.x and 5.x does not properly verify the domain of a frame within a browser window, which allows a remote attacker to read client files, aka a variant of the "Frame Domain Verification" vulnerability. | 2.6 |
2000-06-05 | CVE-2000-0519 | Unspecified vulnerability in Microsoft IE and Internet Explorer Internet Explorer 4.x and 5.x does not properly re-validate an SSL certificate if the user establishes a new SSL session with the same server during the same Internet Explorer session, aka one of two different "SSL Certificate Validation" vulnerabilities. | 2.6 |
2000-06-05 | CVE-2000-0518 | Unspecified vulnerability in Microsoft IE and Internet Explorer Internet Explorer 4.x and 5.x does not properly verify all contents of an SSL certificate if a connection is made to the server via an image or a frame, aka one of two different "SSL Certificate Validation" vulnerabilities. | 2.6 |
2000-02-18 | CVE-2000-0162 | Unspecified vulnerability in Microsoft IE, Internet Explorer and Visual Studio The Microsoft virtual machine (VM) in Internet Explorer 4.x and 5.x allows a remote attacker to read files via a malicious Java applet that escapes the Java sandbox, aka the "VM File Reading" vulnerability. | 5.1 |
1999-12-23 | CVE-2000-0028 | Unspecified vulnerability in Microsoft IE and Internet Explorer Internet Explorer 5.0 and 5.01 allows remote attackers to bypass the cross frame security policy and read files via the external.NavigateAndFind function. | 2.6 |
1999-12-06 | CVE-1999-0989 | Unspecified vulnerability in Microsoft IE 5/5.0 Buffer overflow in Internet Explorer 5 directshow filter (MSDXM.OCX) allows remote attackers to execute commands via the vnd.ms.radio protocol. | 7.5 |
1999-11-11 | CVE-2000-0329 | Unspecified vulnerability in Microsoft products A Microsoft ActiveX control allows a remote attacker to execute a malicious cabinet file via an attachment and an embedded script in an HTML mail, aka the "Active Setup Control" vulnerability. | 5.1 |
1999-11-01 | CVE-1999-0827 | By default, Internet Explorer 5.0 and other versions enables the "Navigate sub-frames across different domains" option, which allows frame spoofing. | 2.6 |