Vulnerabilities > Microsoft > Internet Explorer
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-07-27 | CVE-2004-0566 | Unspecified vulnerability in Microsoft Internet Explorer 5.0/5.0.1/5.5 Integer overflow in imgbmp.cxx for Windows 2000 allows remote attackers to execute arbitrary code via a BMP image with a large bfOffBits value. | 7.5 |
| 2004-07-27 | CVE-2003-1048 | Double Free vulnerability in Microsoft products Double free vulnerability in mshtml.dll for certain versions of Internet Explorer 6.x allows remote attackers to cause a denial of service (application crash) via a malformed GIF image. | 7.8 |
| 2004-07-07 | CVE-2004-0484 | Unspecified vulnerability in Microsoft Internet Explorer 6.0.2900 mshtml.dll in Microsoft Internet Explorer 6.0.2800 allows remote attackers to cause a denial of service (crash) via a table containing a form that crosses multiple td elements, and whose "float: left" class is defined in a link to a CSS stylesheet after the end of the table, which may trigger a null dereference. | 2.6 |
| 2004-07-07 | CVE-2004-0420 | Unspecified vulnerability in Microsoft IE and Internet Explorer The Windows Shell application in Windows 98, Windows ME, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code by spoofing the type of a file via a CLSID specifier in the filename, as demonstrated using Internet Explorer 6.0.2800.1106 on Windows XP. | 10.0 |
| 2004-06-14 | CVE-2003-1041 | Unspecified vulnerability in Microsoft IE and Internet Explorer Internet Explorer 5.x and 6.0 allows remote attackers to execute arbitrary programs via a modified directory traversal attack using a URL containing ".." (dot dot) sequences and a filename that ends in "::" which is treated as a .chm file even if it does not have a .chm extension. | 7.5 |
| 2004-04-15 | CVE-2003-0513 | Unspecified vulnerability in Microsoft IE and Internet Explorer Microsoft Internet Explorer allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Internet Explorer to send the cookie outside the specified URL subsets, e.g. | 7.5 |
| 2004-04-11 | CVE-2004-1922 | Unspecified vulnerability in Microsoft Internet Explorer 5.5/6.0 Microsoft Internet Explorer 5.5 and 6.0 allocates memory based on the memory size written in the BMP file instead of the actual BMP file size, which allows remote attackers to cause a denial of service (memory consumption) via a small BMP file with has a large memory size. | 2.6 |
| 2004-02-07 | CVE-2004-2090 | Unspecified vulnerability in Microsoft IE and Internet Explorer Microsoft Internet Explorer 5.0.1 through 6.0 allows remote attackers to determine the existence of arbitrary files via the VBScript LoadPicture method, which returns an error code if the file does not exist. | 5.0 |
| 2004-02-03 | CVE-2003-0823 | Unspecified vulnerability in Microsoft IE and Internet Explorer Internet Explorer 6 SP1 and earlier allows remote attackers to direct drag and drop behaviors and other mouse click actions to other windows by calling the window.moveBy method, aka HijackClick, a different vulnerability than CVE-2003-1027. | 7.5 |
| 2004-02-03 | CVE-2003-0817 | Unspecified vulnerability in Microsoft IE and Internet Explorer Internet Explorer 5.01 through 6 SP1 allows remote attackers to bypass zone restrictions and read arbitrary files via an XML object. | 7.5 |