Vulnerabilities > Microsoft > Internet Explorer
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2002-01-13 | CVE-2002-0077 | Unspecified vulnerability in Microsoft Internet Explorer 5.0.1/5.5/6.0 Microsoft Internet Explorer 5.01, 5.5 and 6.0 treats objects invoked on an HTML page with the codebase property as part of Local Computer zone, which allows remote attackers to invoke executables present on the local system through objects such as the popup object, aka the "Local Executable Invocation via Object tag" vulnerability. | 7.5 |
| 2001-12-31 | CVE-2001-1539 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Internet Explorer 6.0.2900 Stack consumption vulnerability in Internet Explorer The JavaScript settimeout function in Internet Explorer allows remote attackers to cause a denial of service (crash) via the JavaScript settimeout function. | 5.0 |
| 2001-12-31 | CVE-2001-1497 | Unspecified vulnerability in Microsoft IE and Internet Explorer Microsoft Internet Explorer 4.0 through 6.0 could allow local users to differentiate between alphanumeric and non-alphanumeric characters used in a password by pressing certain control keys that jump between non-alphanumeric characters, which makes it easier to conduct a brute-force password guessing attack. | 2.1 |
| 2001-12-20 | CVE-2001-1219 | Unspecified vulnerability in Microsoft Internet Explorer 5.5/6.0 Microsoft Internet Explorer 6.0 and earlier allows malicious website operators to cause a denial of service (client crash) via JavaScript that continually refreshes the window via self.location. | 5.0 |
| 2001-12-14 | CVE-2001-0727 | Unspecified vulnerability in Microsoft Internet Explorer 5.5/6.0 Internet Explorer 6.0 allows remote attackers to execute arbitrary code by modifying the Content-Disposition and Content-Type header fields in a way that causes Internet Explorer to believe that the file is safe to open without prompting the user, aka the "File Execution Vulnerability." | 7.5 |
| 2001-12-13 | CVE-2001-0874 | Unspecified vulnerability in Microsoft Internet Explorer 5.5/6.0 Internet Explorer 5.5 and 6.0 allow remote attackers to read certain files via HTML that passes information from a frame in the client's domain to a frame in the web site's domain, a variant of the "Frame Domain Verification" vulnerability. | 5.0 |
| 2001-12-06 | CVE-2001-0807 | Unspecified vulnerability in Microsoft Internet Explorer 5.0 Internet Explorer 5.0, and possibly other versions, may allow remote attackers (malicious web pages) to read known text files from a client's hard drive via a SCRIPT tag with a SRC value that points to the text file. | 2.6 |
| 2001-12-06 | CVE-2001-0722 | Unspecified vulnerability in Microsoft Internet Explorer 5.5/6.0 Internet Explorer 5.5 and 6.0 allows remote attackers to read and modify user cookies via Javascript in an about: URL, aka the "First Cookie Handling Vulnerability." | 6.4 |
| 2001-11-26 | CVE-2001-0919 | Unspecified vulnerability in Microsoft Internet Explorer 5.5 Internet Explorer 5.50.4134.0100 on Windows ME with "Prompt to allow cookies to be stored on your machine" enabled does not warn a user when a cookie is set using Javascript. | 5.1 |
| 2001-11-26 | CVE-2001-0875 | Unspecified vulnerability in Microsoft Internet Explorer 5.5/6.0 Internet Explorer 5.5 and 6.0 allows remote attackers to cause the File Download dialogue box to misrepresent the name of the file in the dialogue in a way that could fool users into thinking that the file type is safe to download. | 7.5 |