Microsoft

Internet Explorer

1637 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2007-1094

  • EPSS 34.74%
  • Published 26.02.2007 17:28:00
  • Last modified 09.04.2025 00:30:58

Microsoft Internet Explorer 7 allows remote attackers to cause a denial of service (NULL dereference and application crash) via JavaScript onUnload handlers that modify the structure of a document.

6.8

CVE-2007-1091

  • EPSS 49.66%
  • Published 26.02.2007 11:28:00
  • Last modified 09.04.2025 00:30:58

Microsoft Internet Explorer 7 allows remote attackers to prevent users from leaving a site, spoof the address bar, and conduct phishing and other attacks via onUnload Javascript handlers.

5

CVE-2006-7029

Exploit
  • EPSS 30.08%
  • Published 23.02.2007 03:28:00
  • Last modified 09.04.2025 00:30:58

Microsoft Internet Explorer 6 SP2 and earlier allows remote attackers to cause a denial of service (crash) via a frameset with only one frame that calls resizeTo with certain arguments. NOTE: this issue might be related to CVE-2006-3637.

5

CVE-2006-7031

  • EPSS 17.81%
  • Published 23.02.2007 03:28:00
  • Last modified 09.04.2025 00:30:58

Microsoft Internet Explorer 6.0.2900 SP2 and earlier allows remote attackers to cause a denial of service (crash) via a table element with a CSS attribute that sets the position, which triggers an "unhandled exception" in mshtml.dll.

10

CVE-2007-0219

  • EPSS 65.45%
  • Published 13.02.2007 23:28:00
  • Last modified 09.04.2025 00:30:58

Microsoft Internet Explorer 5.01, 6, and 7 uses certain COM objects from (1) Msb1fren.dll, (2) Htmlmm.ocx, and (3) Blnmgrps.dll as ActiveX controls, which allows remote attackers to execute arbitrary code via unspecified vectors, a different issue th...

9.3

CVE-2006-4697

  • EPSS 59.02%
  • Published 13.02.2007 22:28:00
  • Last modified 09.04.2025 00:30:58

Microsoft Internet Explorer 5.01, 6, and 7 uses certain COM objects from Imjpcksid.dll as ActiveX controls, which allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: this issue might be related to CVE-2006-4193.

10

CVE-2007-0217

  • EPSS 79.78%
  • Published 13.02.2007 22:28:00
  • Last modified 09.04.2025 00:30:58

The wininet.dll FTP client code in Microsoft Internet Explorer 5.01 and 6 might allow remote attackers to execute arbitrary code via an FTP server response of a specific length that causes a terminating null byte to be written outside of a buffer, wh...

7.8

CVE-2007-0612

Exploit
  • EPSS 53.87%
  • Published 31.01.2007 11:28:00
  • Last modified 09.04.2025 00:30:58

Multiple ActiveX controls in Microsoft Windows 2000, XP, 2003, and Vista allows remote attackers to cause a denial of service (Internet Explorer crash) by accessing the bgColor, fgColor, linkColor, alinkColor, vlinkColor, or defaultCharset properties...

4.3

CVE-2006-6956

Exploit
  • EPSS 12.07%
  • Published 29.01.2007 16:28:00
  • Last modified 09.04.2025 00:30:58

Microsoft Internet Explorer allows remote attackers to cause a denial of service (crash) via a web page that contains a large number of nested marquee tags, a related issue to CVE-2006-2723.

9.3

CVE-2007-0024

  • EPSS 45.82%
  • Published 09.01.2007 23:28:00
  • Last modified 09.04.2025 00:30:58

Integer overflow in the Vector Markup Language (VML) implementation (vgx.dll) in Microsoft Internet Explorer 5.01, 6, and 7 on Windows 2000 SP4, XP SP2, Server 2003, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted ...