Vulnerabilities > Microsoft > Internet Explorer > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2003-02-19 | CVE-2003-1328 | Unspecified vulnerability in Microsoft IE and Internet Explorer The showHelp() function in Microsoft Internet Explorer 5.01, 5.5, and 6.0 supports certain types of pluggable protocols that allow remote attackers to bypass the cross-domain security model and execute arbitrary code, aka "Improper Cross Domain Security Validation with ShowHelp functionality." | 7.5 |
| 2003-02-19 | CVE-2003-1326 | Unspecified vulnerability in Microsoft IE and Internet Explorer Microsoft Internet Explorer 5.5 and 6.0 allows remote attackers to bypass the cross-domain security model to run malicious script or arbitrary programs via dialog boxes, aka "Improper Cross Domain Security Validation with dialog box." | 7.5 |
| 2002-12-18 | CVE-2002-1262 | Unspecified vulnerability in Microsoft Internet Explorer 5.5/6.0 Internet Explorer 5.5 and 6.0 does not perform complete security checks on external caching, which allows remote attackers to read arbitrary files. | 7.5 |
| 2002-12-11 | CVE-2002-1254 | Unspecified vulnerability in Microsoft IE and Internet Explorer Internet Explorer 5.5 and 6.0 allows remote attackers to bypass the cross-domain security model and access information on the local system or in other domains, and possibly execute code, via cached methods and objects, aka "Cross Domain Verification via Cached Methods." | 7.5 |
| 2002-11-29 | CVE-2002-1142 | Unspecified vulnerability in Microsoft Data Access Components, IE and Internet Explorer Heap-based buffer overflow in the Remote Data Services (RDS) component of Microsoft Data Access Components (MDAC) 2.1 through 2.6, and Internet Explorer 5.01 through 6.0, allows remote attackers to execute code via a malformed HTTP request to the Data Stub. | 7.5 |
| 2002-10-28 | CVE-2002-1217 | Unspecified vulnerability in Microsoft Internet Explorer 5.5/6.0 Cross-Frame scripting vulnerability in the WebBrowser control as used in Internet Explorer 5.5 and 6.0 allows remote attackers to execute arbitrary code, read arbitrary files, or conduct other unauthorized activities via script that accesses the Document property, which bypasses <frame> and <iframe> domain restrictions. | 7.5 |
| 2002-09-24 | CVE-2002-0980 | Unspecified vulnerability in Microsoft Internet Explorer 5.5/6.0 The Web Folder component for Internet Explorer 5.5 and 6.0 writes an error message to a known location in the temporary folder, which allows remote attackers to execute arbitrary code by injecting it into the error message, then referring to the error message file via a mhtml: URL. | 7.5 |
| 2002-09-24 | CVE-2002-0723 | Unspecified vulnerability in Microsoft Internet Explorer 5.5/6.0 Microsoft Internet Explorer 5.5 and 6.0 does not properly verify the domain of a frame within a browser window, which allows remote attackers to read client files or invoke executable objects via the Object tag, aka "Cross Domain Verification in Object Tag." | 7.5 |
| 2002-09-24 | CVE-2002-0722 | Unspecified vulnerability in Microsoft Internet Explorer 5.01/5.5/6.0 Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to misrepresent the source of a file in the File Download dialogue box to trick users into thinking that the file type is safe to download, aka "File Origin Spoofing." | 7.5 |
| 2002-09-24 | CVE-2002-0691 | Unspecified vulnerability in Microsoft Internet Explorer 5.01/5.5 Microsoft Internet Explorer 5.01 and 5.5 allows remote attackers to execute scripts in the Local Computer zone via a URL that references a local HTML resource file, a variant of "Cross-Site Scripting in Local HTML Resource" as identified by CAN-2002-0189. | 7.5 |