Vulnerabilities > Microsoft > Internet Explorer > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-08-10 | CVE-2005-1988 | Unspecified vulnerability in Microsoft IE and Internet Explorer Unknown vulnerability in Internet Explorer 5.0, 5.5, and 6.0 allows remote attackers to execute arbitrary code via a web site or an HTML e-mail containing a crafted JPEG image that causes memory corruption, aka "JPEG Image Rendering Memory Corruption Vulnerability". | 5.1 |
| 2005-07-19 | CVE-2005-2304 | Unspecified vulnerability in Microsoft Internet Explorer and Live Messenger Microsoft MSN Messenger 9.0 and Internet Explorer 6.0 allows remote attackers to cause a denial of service (crash) via an image with an ICC Profile with a large Tag Count. | 5.0 |
| 2005-07-05 | CVE-2005-2087 | Resource Management Errors vulnerability in Microsoft IE and Internet Explorer Internet Explorer 5.01 SP4 up to 6 on various Windows operating systems, including IE 6.0.2900.2180 on Windows XP, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not ActiveX controls, as demonstrated using the JVIEW Profiler (Javaprxy.dll). | 5.0 |
| 2005-06-14 | CVE-2005-1211 | Unspecified vulnerability in Microsoft Internet Explorer 6.0.2900 Buffer overflow in the PNG image rendering component of Microsoft Internet Explorer allows remote attackers to execute arbitrary code via a crafted PNG file. | 5.1 |
| 2005-05-28 | CVE-2005-1829 | Unspecified vulnerability in Microsoft Internet Explorer Microsoft Internet Explorer 6 SP2 allows remote attackers to cause a denial of service (infinite loop and application crash) via two embedded files that call each other. | 5.0 |
| 2005-05-02 | CVE-2005-0954 | Unspecified vulnerability in Microsoft Internet Explorer, Windows Explorer and Windows XP Windows Explorer and Internet Explorer in Windows 2000 SP1 allows remote attackers to cause a denial of service (CPU consumption) via a malformed Windows Metafile (WMF) file. | 5.0 |
| 2005-05-02 | CVE-2005-0553 | Unspecified vulnerability in Microsoft IE and Internet Explorer Race condition in the memory management routines in the DHTML object processor in Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via a malicious web page or HTML e-mail, aka "DHTML Object Memory Corruption Vulnerability". | 5.1 |
| 2005-05-02 | CVE-2005-0500 | Unspecified vulnerability in Microsoft IE and Internet Explorer Internet Explorer 6.0 on Windows XP SP2 allows remote attackers to spoof the domain name of a URL in a titlebar for a script-initiated popup window, which could facilitate phishing attacks. | 5.0 |
| 2005-05-02 | CVE-2005-0056 | Unspecified vulnerability in Microsoft IE and Internet Explorer Internet Explorer 5.01, 5.5, and 6 does not properly validate certain URLs in Channel Definition Format (CDF) files, which allows remote attackers to obtain sensitive information or execute arbitrary code, aka the "Channel Definition Format (CDF) Cross Domain Vulnerability." | 5.1 |
| 2005-05-02 | CVE-2005-0054 | Unspecified vulnerability in Microsoft IE and Internet Explorer Internet Explorer 5.01, 5.5, and 6 allows remote attackers to spoof a less restrictive security zone and execute arbitrary code via an HTML page containing URLs that contain hostnames that have been double hex encoded, which are decoded twice to generate a malicious hostname, aka the "URL Decoding Zone Spoofing Vulnerability." | 5.1 |