Vulnerabilities > Microsoft > Internet Explorer > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2001-06-27 | CVE-2001-0246 | Unspecified vulnerability in Microsoft Internet Explorer Internet Explorer 5.5 and earlier does not properly verify the domain of a frame within a browser window, which allows remote web site operators to read certain files on the client by sending information from a local frame to a frame in a different domain, aka a variant of the "Frame Domain Verification" vulnerability. | 5.0 |
| 2001-06-02 | CVE-2001-0322 | Unspecified vulnerability in Microsoft Internet Explorer, Outlook and Outlook Express MSHTML.DLL HTML parser in Internet Explorer 4.0, and other versions, allows remote attackers to cause a denial of service (application crash) via a script that creates and deletes an object that is associated with the browser window object. | 5.0 |
| 2001-06-02 | CVE-2001-0149 | Unspecified vulnerability in Microsoft Internet Explorer Windows Scripting Host in Internet Explorer 5.5 and earlier allows remote attackers to read arbitrary files via the GetObject Javascript function and the htmlfile ActiveX object. | 5.0 |
| 2001-02-16 | CVE-2001-0090 | Unspecified vulnerability in Microsoft Internet Explorer 5.5 The Print Templates feature in Internet Explorer 5.5 executes arbitrary custom print templates without prompting the user, which could allow an attacker to execute arbitrary ActiveX controls, aka the "Browser Print Template" vulnerability. | 5.1 |
| 2000-05-17 | CVE-2000-0465 | Unspecified vulnerability in Microsoft Internet Explorer Internet Explorer 4.x and 5.x does not properly verify the domain of a frame within a browser window, which allows a remote attacker to read client files via the frame, aka the "Frame Domain Verification" vulnerability. | 5.1 |
| 2000-03-01 | CVE-2000-0201 | Unspecified vulnerability in Microsoft Internet Explorer 5.0/5.01 The window.showHelp() method in Internet Explorer 5.x does not restrict HTML help files (.chm) to be executed from the local host, which allows remote attackers to execute arbitrary commands via Microsoft Networking. | 5.1 |
| 2000-02-18 | CVE-2000-0162 | Unspecified vulnerability in Microsoft IE, Internet Explorer and Visual Studio The Microsoft virtual machine (VM) in Internet Explorer 4.x and 5.x allows a remote attacker to read files via a malicious Java applet that escapes the Java sandbox, aka the "VM File Reading" vulnerability. | 5.1 |
| 2000-02-16 | CVE-2000-0156 | Unspecified vulnerability in Microsoft Internet Explorer Internet Explorer 4.x and 5.x allows remote web servers to access files on the client that are outside of its security domain, aka the "Image Source Redirect" vulnerability. | 5.1 |
| 1999-12-31 | CVE-1999-1473 | Unspecified vulnerability in Microsoft Internet Explorer 3.0.2/4.0 When a Web site redirects the browser to another site, Internet Explorer 3.02 and 4.0 automatically resends authentication information to the second site, aka the "Page Redirect Issue." | 5.0 |
| 1999-12-31 | CVE-1999-1472 | Unspecified vulnerability in Microsoft Internet Explorer 4.0 Internet Explorer 4.0 allows remote attackers to read arbitrary text and HTML files on the user's machine via a small IFRAME that uses Dynamic HTML (DHTML) to send the data to the attacker, aka the Freiburg text-viewing issue. | 5.0 |