Microsoft

Internet Explorer

1637 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2006-4193

Exploit
  • EPSS 39.03%
  • Veröffentlicht 17.08.2006 01:04:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Microsoft Internet Explorer 6.0 SP1 and possibly other versions allows remote attackers to cause a denial of service and possibly execute arbitrary code by instantiating COM objects as ActiveX controls, including (1) imskdic.dll (Microsoft IME), (2) ...

7.5

CVE-2006-3639

  • EPSS 45.07%
  • Veröffentlicht 09.08.2006 00:04:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Microsoft Internet Explorer 5.01 and 6 does not properly identify the originating domain zone when handling redirects, which allows remote attackers to read cross-domain web pages and possibly execute code via unspecified vectors involving a crafted ...

5

CVE-2006-3640

  • EPSS 37.46%
  • Veröffentlicht 09.08.2006 00:04:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Microsoft Internet Explorer 5.01 and 6 allows certain script to persist across navigations between pages, which allows remote attackers to obtain the window location of visited web pages in other domains or zones, aka "Window Location Information Dis...

6

CVE-2006-3643

  • EPSS 29.78%
  • Veröffentlicht 09.08.2006 00:04:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Cross-site scripting (XSS) vulnerability in Internet Explorer 5.01 and 6 in Microsoft Windows 2000 SP4 permits access to local "HTML-embedded resource files" in the Microsoft Management Console (MMC) library, which allows remote authenticated users t...

7.5

CVE-2006-3450

  • EPSS 63.79%
  • Veröffentlicht 08.08.2006 23:04:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Microsoft Internet Explorer 6 allows remote attackers to execute arbitrary code by using the document.getElementByID Javascript function to access crafted Cascading Style Sheet (CSS) elements, and possibly other unspecified vectors involving certain ...

5.1

CVE-2006-3637

  • EPSS 77.25%
  • Veröffentlicht 08.08.2006 23:04:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Microsoft Internet Explorer 5.01 SP4 and 6 does not properly handle various HTML layout component combinations, which allows user-assisted remote attackers to execute arbitrary code via a crafted HTML file that leads to memory corruption, aka "HTML R...

7.5

CVE-2006-3638

  • EPSS 64.56%
  • Veröffentlicht 08.08.2006 23:04:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Microsoft Internet Explorer 5.01 and 6 does not properly handle uninitialized COM objects, which allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code, as demonstrated by the Nth function in the ...

5

CVE-2006-3915

Exploit
  • EPSS 21.03%
  • Veröffentlicht 28.07.2006 00:04:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) by iterating over any native function, as demonstrated with the window.alert function, which triggers a null dereference.

5

CVE-2006-3897

Exploit
  • EPSS 46.8%
  • Veröffentlicht 27.07.2006 11:04:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Stack overflow in Microsoft Internet Explorer 6 on Windows 2000 allows remote attackers to cause a denial of service (application crash) by creating an NMSA.ASFSourceMediaDescription.1 ActiveX object with a long dispValue property.

5

CVE-2006-3898

Exploit
  • EPSS 22.13%
  • Veröffentlicht 27.07.2006 11:04:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Microsoft Internet Explorer 6.0 on Windows XP SP2 allows remote attackers to cause a denial of service (application crash) by calling the Click method of the Internet.HHCtrl.1 ActiveX object before initializing the URL, which triggers a null derefere...