Vulnerabilities > Microsoft > Internet Explorer > 6
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2011-10-12 | CVE-2011-1995 | Use of Uninitialized Resource vulnerability in Microsoft Internet Explorer Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that was not properly initialized, aka "OLEAuto32.dll Remote Code Execution Vulnerability." | 9.3 |
2011-10-12 | CVE-2011-1993 | Unspecified vulnerability in Microsoft Internet Explorer Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Scroll Event Remote Code Execution Vulnerability." | 9.3 |
2011-08-10 | CVE-2011-1964 | Use of Uninitialized Resource vulnerability in Microsoft Internet Explorer Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Style Object Memory Corruption Vulnerability." | 9.3 |
2011-08-10 | CVE-2011-1962 | Improper Input Validation vulnerability in Microsoft Internet Explorer Microsoft Internet Explorer 6 through 9 does not properly handle unspecified character sequences, which allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site that triggers "inactive filtering," aka "Shift JIS Character Encoding Vulnerability." | 4.3 |
2011-08-10 | CVE-2011-1961 | Unspecified vulnerability in Microsoft Internet Explorer The telnet URI handler in Microsoft Internet Explorer 6 through 9 does not properly launch the handler application, which allows remote attackers to execute arbitrary programs via a crafted web site, aka "Telnet Handler Remote Code Execution Vulnerability." | 9.3 |
2011-08-10 | CVE-2011-1960 | Exposure of Resource to Wrong Sphere vulnerability in Microsoft Internet Explorer Microsoft Internet Explorer 6 through 9 does not properly implement JavaScript event handlers, which allows remote attackers to access content from a different (1) domain or (2) zone via unspecified script code, aka "Event Handlers Information Disclosure Vulnerability." | 4.3 |
2011-08-10 | CVE-2011-1257 | Race Condition vulnerability in Microsoft Internet Explorer 6/7/8 Race condition in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors involving access to an object, aka "Window Open Race Condition Vulnerability." | 7.6 |
2011-06-16 | CVE-2011-1266 | Use of Uninitialized Resource vulnerability in Microsoft Internet Explorer 6/7/8 The Vector Markup Language (VML) implementation in vgx.dll in Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "VML Memory Corruption Vulnerability." | 9.3 |
2011-06-16 | CVE-2011-1261 | Use of Uninitialized Resource vulnerability in Microsoft Internet Explorer Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Selection Object Memory Corruption Vulnerability." | 9.3 |
2011-06-16 | CVE-2011-1258 | Exposure of Resource to Wrong Sphere vulnerability in Microsoft Internet Explorer 6/7/8 Microsoft Internet Explorer 6 through 8 does not properly restrict web script, which allows user-assisted remote attackers to obtain sensitive information from a different (1) domain or (2) zone via vectors involving a drag-and-drop operation, aka "Drag and Drop Information Disclosure Vulnerability." | 4.3 |