Vulnerabilities > Microsoft > Internet Explorer > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
1999-12-31 | CVE-1999-1093 | Unspecified vulnerability in Microsoft Internet Explorer 4.0/4.0.1 Buffer overflow in the Window.External function in the JScript Scripting Engine in Internet Explorer 4.01 SP1 and earlier allows remote attackers to execute arbitrary commands via a malicious web page. | 5.1 |
1999-11-14 | CVE-1999-1110 | Unspecified vulnerability in Microsoft Internet Explorer 5.0 Windows Media Player ActiveX object as used in Internet Explorer 5.0 returns a specific error code when a file does not exist, which allows remote malicious web sites to determine the existence of files on the client. | 5.0 |
1999-11-11 | CVE-2000-0329 | Unspecified vulnerability in Microsoft products A Microsoft ActiveX control allows a remote attacker to execute a malicious cabinet file via an attachment and an embedded script in an HTML mail, aka the "Active Setup Control" vulnerability. | 5.1 |
1999-10-31 | CVE-1999-1577 | Unspecified vulnerability in Microsoft Internet Explorer 4.0.1/5.0 Buffer overflow in HHOpen ActiveX control (hhopen.ocx) 1.0.0.1 for Internet Explorer 4.01 and 5 allows remote attackers to execute arbitrary commands via long arguments to the OpenHelp method. | 5.1 |
1999-09-24 | CVE-1999-1578 | Unspecified vulnerability in Microsoft Internet Explorer 4.0.1/5.0 Buffer overflow in Registration Wizard ActiveX control (regwizc.dll, InvokeRegWizard) 3.0.0.0 for Internet Explorer 4.01 and 5 allows remote attackers to execute arbitrary commands. | 5.1 |
1999-09-10 | CVE-1999-1575 | Unspecified vulnerability in Microsoft Internet Explorer 4.0.1/5.0 The Kodak/Wang (1) Image Edit (imgedit.ocx), (2) Image Annotation (imgedit.ocx), (3) Image Scan (imgscan.ocx), (4) Thumbnail Image (imgthumb.ocx), (5) Image Admin (imgadmin.ocx), (6) HHOpen (hhopen.ocx), (7) Registration Wizard (regwizc.dll), and (8) IE Active Setup (setupctl.dll) ActiveX controls for Internet Explorer (IE) 4.01 and 5.0 are marked as "Safe for Scripting," which allows remote attackers to create and modify files and execute arbitrary commands. | 5.1 |
1999-09-01 | CVE-1999-0670 | Unspecified vulnerability in Microsoft Internet Explorer 4.0/5.0 Buffer overflow in the Eyedog ActiveX control allows a remote attacker to execute arbitrary commands. | 4.0 |
1999-09-01 | CVE-1999-0669 | Unspecified vulnerability in Microsoft Internet Explorer 4.0/5.0 The Eyedog ActiveX control is marked as "safe for scripting" for Internet Explorer, which allows a remote attacker to execute arbitrary commands as demonstrated by Bubbleboy. | 4.0 |
1999-08-27 | CVE-1999-1016 | Microsoft HTML control as used in (1) Internet Explorer 5.0, (2) FrontPage Express, (3) Outlook Express 5, and (4) Eudora, and possibly others, allows remote malicious web site or HTML emails to cause a denial of service (100% CPU consumption) via large HTML form fields such as text inputs in a table cell. | 5.0 |
1999-08-25 | CVE-1999-1235 | Unspecified vulnerability in Microsoft Internet Explorer 5.0 Internet Explorer 5.0 records the username and password for FTP servers in the URL history, which could allow (1) local users to read the information from another user's index.dat, or (2) people who are physically observing ("shoulder surfing") another user to read the information from the status bar when the user moves the mouse over a link. | 4.6 |