Vulnerabilities > Microsoft > Internet Explorer > 5.5
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2003-05-12 | CVE-2003-0113 | Unspecified vulnerability in Microsoft IE and Internet Explorer Buffer overflow in URLMON.DLL in Microsoft Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute arbitrary code via an HTTP response containing long values in (1) Content-type and (2) Content-encoding fields. | 7.5 |
2003-02-19 | CVE-2003-1328 | Unspecified vulnerability in Microsoft IE and Internet Explorer The showHelp() function in Microsoft Internet Explorer 5.01, 5.5, and 6.0 supports certain types of pluggable protocols that allow remote attackers to bypass the cross-domain security model and execute arbitrary code, aka "Improper Cross Domain Security Validation with ShowHelp functionality." | 7.5 |
2003-02-19 | CVE-2003-1326 | Unspecified vulnerability in Microsoft IE and Internet Explorer Microsoft Internet Explorer 5.5 and 6.0 allows remote attackers to bypass the cross-domain security model to run malicious script or arbitrary programs via dialog boxes, aka "Improper Cross Domain Security Validation with dialog box." | 7.5 |
2002-12-31 | CVE-2002-2311 | Permissions, Privileges, and Access Controls vulnerability in multiple products Microsoft Internet Explorer 6.0 and possibly others allows remote attackers to upload arbitrary file contents when users press a key corresponding to the JavaScript (1) event.ctrlKey or (2) event.shiftKey onkeydown event contained in a webpage. | 6.4 |
2002-12-31 | CVE-2002-2062 | Unspecified vulnerability in Microsoft Internet Explorer 5.5/6.0 Cross-site scripting (XSS) vulnerability in ftp.htt in Internet Explorer 5.5 and 6.0, when running on Windows 2000 with "Enable folder view for FTP sites" and "Enable Web content in folders" selected, allows remote attackers to inject arbitrary web script or HTML via the hostname portion of an FTP URL. network microsoft | 4.3 |
2002-12-31 | CVE-2002-2031 | Unspecified vulnerability in Microsoft Internet Explorer Internet Explorer 5.0, 5.0.1 and 5.5 with JavaScript execution enabled allows remote attackers to determine the existence of arbitrary files via a script tag with a src parameter that references a non-JavaScript file, then using the onError event handler to monitor the results. | 5.0 |
2002-12-31 | CVE-2002-1984 | Unspecified vulnerability in Microsoft Internet Explorer 5.0.1/5.5/6.0 Microsoft Internet Explorer 5.0.1 through 6.0 on Windows 2000 or Windows XP allows remote attackers to cause a denial of service (crash) via an OBJECT tag that contains a crafted CLASSID (CLSID) value of "CLSID:00022613-0000-0000-C000-000000000046". | 5.0 |
2002-12-31 | CVE-2002-1714 | Unspecified vulnerability in Microsoft IE and Internet Explorer Microsoft Internet Explorer 5.0 through 6.0 allows remote attackers to cause a denial of service (crash) via an object of type "text/html" with the DATA field that identifies the HTML document that contains the object, which may cause infinite recursion. | 5.0 |
2002-12-31 | CVE-2002-1705 | Unspecified vulnerability in Microsoft Internet Explorer 5.5/6.0 Microsoft Internet Explorer 5.5 through 6.0 allows remote attackers to cause a denial of service (crash) via a Cascading Style Sheet (CSS) with the p{cssText} element declared and a bold font weight. | 5.0 |
2002-12-31 | CVE-2002-1688 | Unspecified vulnerability in Microsoft Internet Explorer 5.5/6.0 The browser history feature in Microsoft Internet Explorer 5.5 through 6.0 allows remote attackers to execute arbitrary script as other users and steal authentication information via cookies by injecting JavaScript into the URL, which is executed when the user hits the Back button. | 5.0 |