Vulnerabilities > Microsoft > Internet Explorer > 4.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-02-08 | CVE-2006-0585 | Unspecified vulnerability in Microsoft Internet Explorer jscript.dll in Microsoft Internet Explorer 6.0 SP1 and earlier allows remote attackers to cause a denial of service (application crash) via a Shockwave Flash object that contains ActionScript code that calls VBScript, which in turn calls the Javascript document.write function, which triggers a null dereference. | 5.0 |
| 2005-12-31 | CVE-2005-4844 | Unspecified vulnerability in Microsoft Internet Explorer The CLSID_ApprenticeICW control allows remote attackers to cause a denial of service (Internet Explorer crash) by creating a COM object of the class associated with the control's CLSID, which is not intended for use within Internet Explorer. network microsoft | 7.1 |
| 2002-09-24 | CVE-2002-0976 | Unspecified vulnerability in Microsoft Internet Explorer Internet Explorer 4.0 and later allows remote attackers to read arbitrary files via a web page that accesses a legacy XML Datasource applet (com.ms.xml.dso.XMLDSO.class) and modifies the base URL to point to the local system, which is trusted by the applet. | 6.4 |
| 2002-05-29 | CVE-2002-0242 | Unspecified vulnerability in Microsoft Internet Explorer Cross-site scripting vulnerability in Internet Explorer 6 earlier allows remote attackers to execute arbitrary script via an Extended HTML Form, whose output from the remote server is not properly cleansed. | 7.5 |
| 2001-12-31 | CVE-2001-1497 | Unspecified vulnerability in Microsoft IE and Internet Explorer Microsoft Internet Explorer 4.0 through 6.0 could allow local users to differentiate between alphanumeric and non-alphanumeric characters used in a password by pressing certain control keys that jump between non-alphanumeric characters, which makes it easier to conduct a brute-force password guessing attack. | 2.1 |
| 2001-07-21 | CVE-2001-0002 | Unspecified vulnerability in Microsoft Internet Explorer and Windows Script Host Internet Explorer 5.5 and earlier allows remote attackers to obtain the physical location of cached content and open the content in the Local Computer Zone, then use compiled HTML help (.chm) files to execute arbitrary programs. | 7.5 |
| 2001-06-27 | CVE-2001-0339 | Unspecified vulnerability in Microsoft Internet Explorer Internet Explorer 5.5 and earlier allows remote attackers to display a URL in the address bar that is different than the URL that is actually being displayed, which could be used in web site spoofing attacks, aka the "Web page spoofing vulnerability." | 7.5 |
| 2001-06-27 | CVE-2001-0338 | Unspecified vulnerability in Microsoft Internet Explorer Internet Explorer 5.5 and earlier does not properly validate digital certificates when Certificate Revocation List (CRL) checking is enabled, which could allow remote attackers to spoof trusted web sites, aka the "Server certificate validation vulnerability." | 5.1 |
| 2001-06-27 | CVE-2001-0246 | Unspecified vulnerability in Microsoft Internet Explorer Internet Explorer 5.5 and earlier does not properly verify the domain of a frame within a browser window, which allows remote web site operators to read certain files on the client by sending information from a local frame to a frame in a different domain, aka a variant of the "Frame Domain Verification" vulnerability. | 5.0 |
| 2001-06-02 | CVE-2001-0322 | Unspecified vulnerability in Microsoft Internet Explorer, Outlook and Outlook Express MSHTML.DLL HTML parser in Internet Explorer 4.0, and other versions, allows remote attackers to cause a denial of service (application crash) via a script that creates and deletes an object that is associated with the browser window object. | 5.0 |