Vulnerabilities > Microsoft > Internet Explorer > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2002-08-15 | CVE-2002-1444 | The Google toolbar 1.1.60, when running on Internet Explorer 5.5 and 6.0, allows remote attackers to cause a denial of service (crash with an exception in oleaut32.dll) via malicious HTML, possibly related to small width and height parameters or an incorrect call to the Google.Search() function. | 2.6 |
2001-12-31 | CVE-2001-1497 | Unspecified vulnerability in Microsoft IE and Internet Explorer Microsoft Internet Explorer 4.0 through 6.0 could allow local users to differentiate between alphanumeric and non-alphanumeric characters used in a password by pressing certain control keys that jump between non-alphanumeric characters, which makes it easier to conduct a brute-force password guessing attack. | 2.1 |
2001-12-06 | CVE-2001-0807 | Unspecified vulnerability in Microsoft Internet Explorer 5.0 Internet Explorer 5.0, and possibly other versions, may allow remote attackers (malicious web pages) to read known text files from a client's hard drive via a SCRIPT tag with a SRC value that points to the text file. | 2.6 |
2001-05-11 | CVE-2001-1450 | Unspecified vulnerability in Microsoft Internet Explorer Microsoft Internet Explorer 5.0 through 6.0 allows attackers to cause a denial of service (browser crash) via a crafted FTP URL such as "/.#./". | 2.6 |
2001-02-16 | CVE-2001-0089 | Unspecified vulnerability in Microsoft Internet Explorer Internet Explorer 5.0 through 5.5 allows remote attackers to read arbitrary files from the client via the INPUT TYPE element in an HTML form, aka the "File Upload via Form" vulnerability. | 2.6 |
2001-02-16 | CVE-2001-0091 | Unspecified vulnerability in Microsoft Internet Explorer The ActiveX control for invoking a scriptlet in Internet Explorer 5.0 through 5.5 renders arbitrary file types instead of HTML, which allows an attacker to read arbitrary files, aka a variant of the "Scriptlet Rendering" vulnerability. | 2.6 |
2001-02-16 | CVE-2001-0092 | Unspecified vulnerability in Microsoft Internet Explorer 5.0/5.01/5.5 A function in Internet Explorer 5.0 through 5.5 does not properly verify the domain of a frame within a browser window, which allows a remote attacker to read client files, aka a new variant of the "Frame Domain Verification" vulnerability. | 2.6 |
2000-10-20 | CVE-2000-0767 | Unspecified vulnerability in Microsoft Internet Explorer The ActiveX control for invoking a scriptlet in Internet Explorer 4.x and 5.x renders arbitrary file types instead of HTML, which allows an attacker to read arbitrary files, aka the "Scriptlet Rendering" vulnerability. | 2.6 |
2000-10-20 | CVE-2000-0768 | Unspecified vulnerability in Microsoft IE and Internet Explorer A function in Internet Explorer 4.x and 5.x does not properly verify the domain of a frame within a browser window, which allows a remote attacker to read client files, aka a variant of the "Frame Domain Verification" vulnerability. | 2.6 |
2000-06-06 | CVE-2000-0503 | Unspecified vulnerability in Microsoft Internet Explorer The IFRAME of the WebBrowser control in Internet Explorer 5.01 allows a remote attacker to violate the cross frame security policy via the NavigateComplete2 event. | 2.6 |