Vulnerabilities > Microsoft > Internet Explorer > 5.5
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2003-08-27 | CVE-2003-0530 | Unspecified vulnerability in Microsoft IE and Internet Explorer Buffer overflow in the BR549.DLL ActiveX control for Internet Explorer 5.01 SP3 through 6.0 SP1 allows remote attackers to execute arbitrary code. | 7.5 |
2003-08-18 | CVE-2001-1410 | Unspecified vulnerability in Microsoft Internet Explorer 5.5/6.0 Internet Explorer 6 and earlier allows remote attackers to create chromeless windows using the Javascript window.createPopup method, which could allow attackers to simulate a victim's display and conduct unauthorized activities or steal sensitive data via social engineering. | 5.0 |
2003-07-24 | CVE-2003-0447 | Unspecified vulnerability in Microsoft Internet Explorer 5.01/5.5/6.0 The Custom HTTP Errors capability in Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute script in the Local Zone via an argument to shdocvw.dll that causes a "javascript:" link to be generated. | 5.1 |
2003-07-24 | CVE-2003-0446 | Unspecified vulnerability in Microsoft Internet Explorer 5.5/6.0 Cross-site scripting (XSS) in Internet Explorer 5.5 and 6.0, possibly in a component that is also used by other Microsoft products, allows remote attackers to insert arbitrary web script via an XML file that contains a parse error, which inserts the script in the resulting error message. network microsoft | 4.3 |
2003-06-16 | CVE-2003-0344 | Unspecified vulnerability in Microsoft IE and Internet Explorer Buffer overflow in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to execute arbitrary code via / (slash) characters in the Type property of an Object tag in a web page. | 7.5 |
2003-06-09 | CVE-2002-1564 | Unspecified vulnerability in Microsoft Internet Explorer 5.01/5.5/6.0 Internet Explorer 5.5 and 6.0 allows remote attackers to steal potentially sensitive information from cookies via a cookie that contains script which is executed when a page is loaded, aka the "Script within Cookies Reading Cookies" vulnerability. | 5.0 |
2003-05-12 | CVE-2003-0233 | Unspecified vulnerability in Microsoft IE and Internet Explorer Heap-based buffer overflow in plugin.ocx for Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute arbitrary code via the Load() method, a different vulnerability than CVE-2003-0115. | 7.5 |
2003-05-12 | CVE-2003-0116 | Unspecified vulnerability in Microsoft IE and Internet Explorer Microsoft Internet Explorer 5.01, 5.5 and 6.0 does not properly check the Cascading Style Sheet input parameter for Modal dialogs, which allows remote attackers to read files on the local system via a web page containing script that creates a dialog and then accesses the target files, aka "Modal Dialog script execution." | 5.0 |
2003-05-12 | CVE-2003-0115 | Unspecified vulnerability in Microsoft IE and Internet Explorer Microsoft Internet Explorer 5.01, 5.5 and 6.0 does not properly check parameters that are passed during third party rendering, which could allow remote attackers to execute arbitrary web script, aka the "Third Party Plugin Rendering" vulnerability, a different vulnerability than CVE-2003-0233. | 7.5 |
2003-05-12 | CVE-2003-0114 | Unspecified vulnerability in Microsoft IE and Internet Explorer The file upload control in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to automatically upload files from the local system via a web page containing a script to upload the files. | 5.0 |