Vulnerabilities > Microsoft > Internet Explorer > 7
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-10-15 | CVE-2008-3473 | Permissions, Privileges, and Access Controls vulnerability in Microsoft Internet Explorer 5.01/6/7 Microsoft Internet Explorer 6 and 7 does not properly determine the domain or security zone of origin of web script, which allows remote attackers to bypass the intended cross-domain security policy, and execute arbitrary code or obtain sensitive information, via a crafted HTML document, aka "Event Handling Cross-Domain Vulnerability." | 9.3 |
| 2008-10-02 | CVE-2008-4381 | Resource Management Errors vulnerability in Microsoft Internet Explorer 5/6/7 Microsoft Internet Explorer 7 allows remote attackers to cause a denial of service (application crash) via Javascript that calls the alert function with a URL-encoded string of a large number of invalid characters. | 5.0 |
| 2008-09-15 | CVE-2008-4071 | Improper Input Validation vulnerability in Adobe Acrobat 9 A certain ActiveX control in Adobe Acrobat 9, when used with Microsoft Windows Vista and Internet Explorer 7, allows remote attackers to cause a denial of service (browser crash) via an src property value with an invalid acroie:// URL. | 5.0 |
| 2008-08-13 | CVE-2008-2259 | Improper Input Validation vulnerability in Microsoft Internet Explorer 6/7 Microsoft Internet Explorer 6 and 7 does not perform proper "argument validation" during print preview, which allows remote attackers to execute arbitrary code via unknown vectors, aka "HTML Component Handling Vulnerability." | 9.3 |
| 2008-08-13 | CVE-2008-2258 | Resource Management Errors vulnerability in Microsoft Internet Explorer 5.01/6/7 Microsoft Internet Explorer 5.01, 6, and 7 accesses uninitialized memory in certain conditions, which allows remote attackers to cause a denial of service (crash) and execute arbitrary code via vectors related to a document object "appended in a specific order" with "particular functions ... | 9.3 |
| 2008-08-13 | CVE-2008-2257 | Resource Management Errors vulnerability in Microsoft Internet Explorer 5.01/6/7 Microsoft Internet Explorer 5.01, 6, and 7 accesses uninitialized memory in certain conditions, which allows remote attackers to cause a denial of service (crash) and execute arbitrary code via vectors related to a document object "appended in a specific order," aka "HTML Objects Memory Corruption Vulnerability" or "XHTML Rendering Memory Corruption Vulnerability," a different vulnerability than CVE-2008-2258. | 9.3 |
| 2008-08-13 | CVE-2008-2256 | Improper Input Validation vulnerability in Microsoft Internet Explorer 5.01/6/7 Microsoft Internet Explorer 5.01, 6, and 7 does not properly handle objects that have been incorrectly initialized or deleted, which allows remote attackers to cause a denial of service (crash) and execute arbitrary code via unknown vectors, aka "Uninitialized Memory Corruption Vulnerability." | 9.3 |
| 2008-08-13 | CVE-2008-2255 | Resource Management Errors vulnerability in Microsoft Internet Explorer 5.01/6/7 Microsoft Internet Explorer 5.01, 6, and 7 accesses uninitialized memory, which allows remote attackers to cause a denial of service (crash) and execute arbitrary code via unknown vectors, a different vulnerability than CVE-2008-2254, aka "HTML Object Memory Corruption Vulnerability." | 9.3 |
| 2008-08-13 | CVE-2008-2254 | Resource Management Errors vulnerability in Microsoft Internet Explorer 6/7 Microsoft Internet Explorer 6 and 7 accesses uninitialized memory, which allows remote attackers to cause a denial of service (crash) and execute arbitrary code via unknown vectors, aka "HTML Object Memory Corruption Vulnerability." | 9.3 |
| 2008-06-30 | CVE-2008-2949 | Unspecified vulnerability in Microsoft Internet Explorer 6/7 Cross-domain vulnerability in Microsoft Internet Explorer 6 and 7 allows remote attackers to change the location property of a frame via the String data type, and use a frame from a different domain to observe domain-independent events, as demonstrated by observing onkeydown events with caballero-listener. network microsoft | 6.8 |