Vulnerabilities > Microsoft > Internet Explorer > 5.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2002-05-29 | CVE-2002-0189 | Unspecified vulnerability in Microsoft Internet Explorer 5.0/5.5/6.0 Cross-site scripting vulnerability in Internet Explorer 6.0 allows remote attackers to execute scripts in the Local Computer zone via a URL that exploits a local HTML resource file, aka the "Cross-Site Scripting in Local HTML Resource" vulnerability. | 7.5 |
| 2001-12-06 | CVE-2001-0807 | Unspecified vulnerability in Microsoft Internet Explorer 5.0 Internet Explorer 5.0, and possibly other versions, may allow remote attackers (malicious web pages) to read known text files from a client's hard drive via a SCRIPT tag with a SRC value that points to the text file. | 2.6 |
| 2001-10-30 | CVE-2001-0712 | Unspecified vulnerability in Microsoft Internet Explorer 5.0/5.0.1/5.5 The rendering engine in Internet Explorer determines the MIME type independently of the type that is specified by the server, which allows remote servers to automatically execute script which is placed in a file whose MIME type does not normally support scripting, such as text (.txt), JPEG (.jpg), etc. | 7.5 |
| 2001-07-21 | CVE-2001-0002 | Unspecified vulnerability in Microsoft Internet Explorer and Windows Script Host Internet Explorer 5.5 and earlier allows remote attackers to obtain the physical location of cached content and open the content in the Local Computer Zone, then use compiled HTML help (.chm) files to execute arbitrary programs. | 7.5 |
| 2001-06-27 | CVE-2001-0339 | Unspecified vulnerability in Microsoft Internet Explorer Internet Explorer 5.5 and earlier allows remote attackers to display a URL in the address bar that is different than the URL that is actually being displayed, which could be used in web site spoofing attacks, aka the "Web page spoofing vulnerability." | 7.5 |
| 2001-06-27 | CVE-2001-0338 | Unspecified vulnerability in Microsoft Internet Explorer Internet Explorer 5.5 and earlier does not properly validate digital certificates when Certificate Revocation List (CRL) checking is enabled, which could allow remote attackers to spoof trusted web sites, aka the "Server certificate validation vulnerability." | 5.1 |
| 2001-06-27 | CVE-2001-0246 | Unspecified vulnerability in Microsoft Internet Explorer Internet Explorer 5.5 and earlier does not properly verify the domain of a frame within a browser window, which allows remote web site operators to read certain files on the client by sending information from a local frame to a frame in a different domain, aka a variant of the "Frame Domain Verification" vulnerability. | 5.0 |
| 2001-06-02 | CVE-2001-0149 | Unspecified vulnerability in Microsoft Internet Explorer Windows Scripting Host in Internet Explorer 5.5 and earlier allows remote attackers to read arbitrary files via the GetObject Javascript function and the htmlfile ActiveX object. | 5.0 |
| 2001-05-11 | CVE-2001-1450 | Unspecified vulnerability in Microsoft Internet Explorer Microsoft Internet Explorer 5.0 through 6.0 allows attackers to cause a denial of service (browser crash) via a crafted FTP URL such as "/.#./". | 2.6 |
| 2001-05-03 | CVE-2001-0154 | Unspecified vulnerability in Microsoft Internet Explorer HTML e-mail feature in Internet Explorer 5.5 and earlier allows attackers to execute attachments by setting an unusual MIME type for the attachment, which Internet Explorer does not process correctly. | 7.5 |