Vulnerabilities > Microsoft > Internet Explorer > 5.01
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2002-05-29 | CVE-2002-0242 | Unspecified vulnerability in Microsoft Internet Explorer Cross-site scripting vulnerability in Internet Explorer 6 earlier allows remote attackers to execute arbitrary script via an Extended HTML Form, whose output from the remote server is not properly cleansed. | 7.5 |
2002-05-29 | CVE-2002-0191 | Unspecified vulnerability in Microsoft Internet Explorer 5.01/5.5/6.0 Microsoft Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to view arbitrary files that contain the "{" character via script containing the cssText property of the stylesheet object, aka "Local Information Disclosure through HTML Object" vulnerability. | 5.0 |
2002-05-29 | CVE-2002-0190 | Unspecified vulnerability in Microsoft Internet Explorer 5.01/5.5/6.0 Microsoft Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute arbitrary code under fewer security restrictions via a malformed web page that requires NetBIOS connectivity, aka "Zone Spoofing through Malformed Web Page" vulnerability. | 7.5 |
2002-05-29 | CVE-2002-0188 | Unspecified vulnerability in Microsoft Internet Explorer 5.01/6.0 Microsoft Internet Explorer 5.01 and 6.0 allow remote attackers to execute arbitrary code via malformed Content-Disposition and Content-Type header fields that cause the application for the spoofed file type to pass the file back to the operating system for handling rather than raise an error message, aka the second variant of the "Content Disposition" vulnerability. | 7.5 |
2002-03-08 | CVE-2002-0052 | Unspecified vulnerability in Microsoft Internet Explorer Internet Explorer 6.0 and earlier does not properly handle VBScript in certain domain security checks, which allows remote attackers to read arbitrary files. | 5.0 |
2002-03-08 | CVE-2002-0025 | Unspecified vulnerability in Microsoft Internet Explorer 5.01/5.5/6.0 Internet Explorer 5.01, 5.5 and 6.0 does not properly handle the Content-Type HTML header field, which allows remote attackers to modify which application is used to process a document. | 5.0 |
2002-03-08 | CVE-2002-0024 | Unspecified vulnerability in Microsoft Internet Explorer 5.01/5.5/6.0 File Download box in Internet Explorer 5.01, 5.5 and 6.0 allows an attacker to use the Content-Disposition and Content-Type HTML header fields to modify how the name of the file is displayed, which could trick a user into believing that a file is safe to download. | 7.5 |
2002-03-08 | CVE-2002-0023 | Unspecified vulnerability in Microsoft Internet Explorer 5.01/5.5/6.0 Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to read arbitrary files via malformed requests to the GetObject function, which bypass some of GetObject's security checks. | 5.0 |
2001-10-30 | CVE-2001-0664 | Unspecified vulnerability in Microsoft Internet Explorer 5.01/5.5 Internet Explorer 5.5 and 5.01 allows remote attackers to bypass security restrictions via malformed URLs that contain dotless IP addresses, which causes Internet Explorer to process the page in the Intranet Zone, which may have fewer security restrictions, aka the "Zone Spoofing vulnerability." | 7.5 |
2001-07-21 | CVE-2001-0002 | Unspecified vulnerability in Microsoft Internet Explorer and Windows Script Host Internet Explorer 5.5 and earlier allows remote attackers to obtain the physical location of cached content and open the content in the Local Computer Zone, then use compiled HTML help (.chm) files to execute arbitrary programs. | 7.5 |