Vulnerabilities > Microsoft > Internet Explorer > 5.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2002-12-31 | CVE-2002-2311 | Permissions, Privileges, and Access Controls vulnerability in multiple products Microsoft Internet Explorer 6.0 and possibly others allows remote attackers to upload arbitrary file contents when users press a key corresponding to the JavaScript (1) event.ctrlKey or (2) event.shiftKey onkeydown event contained in a webpage. | 6.4 |
2002-12-31 | CVE-2002-2031 | Unspecified vulnerability in Microsoft Internet Explorer Internet Explorer 5.0, 5.0.1 and 5.5 with JavaScript execution enabled allows remote attackers to determine the existence of arbitrary files via a script tag with a src parameter that references a non-JavaScript file, then using the onError event handler to monitor the results. | 5.0 |
2002-12-31 | CVE-2002-1714 | Unspecified vulnerability in Microsoft IE and Internet Explorer Microsoft Internet Explorer 5.0 through 6.0 allows remote attackers to cause a denial of service (crash) via an object of type "text/html" with the DATA field that identifies the HTML document that contains the object, which may cause infinite recursion. | 5.0 |
2002-12-31 | CVE-2002-1671 | Unspecified vulnerability in Microsoft Internet Explorer Microsoft Internet Explorer 5.0, 5.01, and 5.5 allows remote attackers to monitor the contents of the clipboard via the getData method of the clipboardData object. | 5.0 |
2002-12-11 | CVE-2002-1187 | Unspecified vulnerability in Microsoft Internet Explorer Cross-site scripting vulnerability (XSS) in Internet Explorer 5.01 through 6.0 allows remote attackers to read and execute files on the local system via web pages using the <frame> or <iframe> element and javascript, aka "Frames Cross Site Scripting," as demonstrated using the PrivacyPolicy.dlg resource. network microsoft | 6.8 |
2002-09-24 | CVE-2002-0976 | Unspecified vulnerability in Microsoft Internet Explorer Internet Explorer 4.0 and later allows remote attackers to read arbitrary files via a web page that accesses a legacy XML Datasource applet (com.ms.xml.dso.XMLDSO.class) and modifies the base URL to point to the local system, which is trusted by the applet. | 6.4 |
2002-08-12 | CVE-2002-0832 | Unspecified vulnerability in Microsoft Internet Explorer 5.0/5.5/6.0 Internet Explorer 5, 5.6, and 6 allows remote attackers to bypass cookie privacy settings and store information across browser sessions via the userData (storeuserData) feature. | 7.5 |
2002-08-12 | CVE-2002-0500 | Unspecified vulnerability in Microsoft Internet Explorer Internet Explorer 5.0 through 6.0 allows remote attackers to determine the existence of files on the client via an IMG tag with a dynsrc property that references the target file, which sets certain elements of the image object such as file size. | 5.0 |
2002-05-29 | CVE-2002-0269 | Unspecified vulnerability in Microsoft Internet Explorer Internet Explorer 5.x and 6 interprets an object as an HTML document even when its MIME Content-Type is text/plain, which could allow remote attackers to execute arbitrary script in documents that the user does not expect, possibly through web applications that use a text/plain type to prevent cross-site scripting attacks. | 7.5 |
2002-05-29 | CVE-2002-0242 | Unspecified vulnerability in Microsoft Internet Explorer Cross-site scripting vulnerability in Internet Explorer 6 earlier allows remote attackers to execute arbitrary script via an Extended HTML Form, whose output from the remote server is not properly cleansed. | 7.5 |