Vulnerabilities > Microsoft > IE > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-01-19 | CVE-2007-0356 | Remote Denial of Service vulnerability in FolderTreeView ActiveX Control The Common Controls Replacement Project (CCRP) FolderTreeview (FTV) ActiveX control (ccrpftv6.ocx) allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long CCRP.RootFolder property value. | 5.0 |
| 2006-12-20 | CVE-2006-6659 | Remote Internet Explorer Denial of Service vulnerability in Microsoft IE, Outlook and Windows XP The Microsoft Office Outlook Recipient ActiveX control (ole32.dll) in Windows XP SP2 allows remote attackers to cause a denial of service (Internet Explorer 7 hang) via crafted HTML. | 5.0 |
| 2006-12-12 | CVE-2006-5577 | Information Disclosure vulnerability in Microsoft Internet Explorer Object Tag TIF Folder Microsoft Internet Explorer 6 and earlier allows remote attackers to obtain sensitive information via unspecified uses of the OBJECT HTML tag, which discloses the absolute path of the corresponding TIF folder, aka "TIF Folder Information Disclosure Vulnerability," and a different issue than CVE-2006-5578. network microsoft | 4.3 |
| 2006-11-15 | CVE-2006-5913 | Remote Security vulnerability in Microsoft IE 7.0 Microsoft Internet Explorer 7 allows remote attackers to (1) cause a security certificate from a secure web site to appear invalid via a link to res://ieframe.dll/sslnavcancel.htm with the target site in the anchor identifier, which displays the site's URL in the address bar but causes Internet Explorer to report that the certificate is invalid, or (2) trigger a "The webpage no longer exists" report via a link to res://ieframe.dll/http_410.htm, a variant of CVE-2006-5805. | 6.4 |
| 2006-11-14 | CVE-2006-4687 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft IE and Internet Explorer Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via crafted layout combinations involving DIV tags and HTML CSS float properties that trigger memory corruption, aka "HTML Rendering Memory Corruption Vulnerability." | 5.1 |
| 2006-11-08 | CVE-2006-5805 | Remote Security vulnerability in Microsoft IE 7.0 Microsoft Internet Explorer 7 allows remote attackers to cause a security certificate from a secure web site to appear invalid via a link to res://ieframe.dll/invalidcert.htm with the target site as an argument, which displays the site's URL in the address bar but causes Internet Explorer to report that the certificate is invalid. | 5.0 |
| 2006-10-26 | CVE-2006-5544 | Unspecified vulnerability in Microsoft IE 7.0 Visual truncation vulnerability in Microsoft Internet Explorer 7 allows remote attackers to spoof the address bar and possibly conduct phishing attacks via a malicious URL containing non-breaking spaces (%A0), which causes the address bar to omit some characters from the URL. | 6.4 |
| 2006-09-19 | CVE-2006-4888 | Unspecified vulnerability in Microsoft IE Microsoft Internet Explorer 6 and earlier allows remote attackers to cause a denial of service (application hang) via a CSS-formatted HTML INPUT element within a DIV element that has a larger size than the INPUT. | 5.0 |
| 2006-08-30 | CVE-2006-4446 | Buffer Overflow vulnerability in Microsoft IE 6.0 Heap-based buffer overflow in DirectAnimation.PathControl COM object (daxctle.ocx) in Microsoft Internet Explorer 6.0 SP1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a Spline function call whose first argument specifies a large number of points. | 5.0 |
| 2006-08-23 | CVE-2006-4301 | Improper Input Validation vulnerability in Microsoft IE 6.0 Microsoft Internet Explorer 6.0 SP1 allows remote attackers to cause a denial of service (crash) via a long Color attribute in multiple DirectX Media Image DirectX Transforms ActiveX COM Objects from (a) dxtmsft.dll and (b) dxtmsft3.dll, including (1) DXImageTransform.Microsoft.MaskFilter.1, (2) DXImageTransform.Microsoft.Chroma.1, and (3) DX3DTransform.Microsoft.Shapes.1. | 5.0 |