Microsoft

Internet Explorer

1637 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.3

CVE-2006-1359

Exploit
  • EPSS 87.6%
  • Published 23.03.2006 00:06:00
  • Last modified 03.04.2025 01:03:51

Microsoft Internet Explorer 6 and 7 Beta 2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a certain createTextRange call on a checkbox object, which results in a dereference of an invalid table pointer.

7.5

CVE-2006-1016

Exploit
  • EPSS 76.52%
  • Published 07.03.2006 00:02:00
  • Last modified 03.04.2025 01:03:51

Buffer overflow in the IsComponentInstalled method in Internet Explorer 6.0, when used on Windows 2000 before SP4 or Windows XP before SP1, allows remote attackers to execute arbitrary code via JavaScript that calls IsComponentInstalled with a long f...

7.5

CVE-2006-0830

  • EPSS 32.86%
  • Published 21.02.2006 23:02:00
  • Last modified 03.04.2025 01:03:51

The scripting engine in Internet Explorer allows remote attackers to cause a denial of service (resource consumption) and possibly execute arbitrary code via a web page that contains a recurrent call to an infinite loop in Javascript or VBscript, whi...

4

CVE-2006-0799

  • EPSS 23.55%
  • Published 19.02.2006 21:02:00
  • Last modified 03.04.2025 01:03:51

Microsoft Internet Explorer allows remote attackers to spoof a legitimate URL in the status bar and conduct a phishing attack via a web page with an anchor element with a legitimate "href" attribute, a form whose action points to a malicious URL, and...

5

CVE-2006-0585

Exploit
  • EPSS 29.85%
  • Published 08.02.2006 01:02:00
  • Last modified 03.04.2025 01:03:51

jscript.dll in Microsoft Internet Explorer 6.0 SP1 and earlier allows remote attackers to cause a denial of service (application crash) via a Shockwave Flash object that contains ActionScript code that calls VBScript, which in turn calls the Javascri...

7.5

CVE-2006-0057

  • EPSS 45.82%
  • Published 27.01.2006 22:03:00
  • Last modified 03.04.2025 01:03:51

Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to bypass the Kill bit settings for dangerous ActiveX controls via unknown vectors involving crafted HTML, which can expose the browser to attacks that would otherwise be prevented ...

5.1

CVE-2005-3240

  • EPSS 10.23%
  • Published 31.12.2005 05:00:00
  • Last modified 03.04.2025 01:03:51

Race condition in Microsoft Internet Explorer allows user-assisted attackers to overwrite arbitrary files and possibly execute code by tricking a user into performing a drag-and-drop action from certain objects, such as file objects within a folder v...

5

CVE-2005-4717

Exploit
  • EPSS 19.89%
  • Published 31.12.2005 05:00:00
  • Last modified 03.04.2025 01:03:51

Microsoft Internet Explorer 6.0 on Windows NT 4.0 SP6a, Windows 2000 SP4, Windows XP SP1, Windows XP SP2, and Windows Server 2003 SP1 allows remote attackers to cause a denial of service (client crash) via a certain combination of a malformed HTML fi...

5

CVE-2005-4810

  • EPSS 19.07%
  • Published 31.12.2005 05:00:00
  • Last modified 03.04.2025 01:03:51

Microsoft Internet Explorer 7.0 Beta3 and earlier allows remote attackers to cause a denial of service (crash) via a "text/html" HTML Content-type header sent in response to an XMLHttpRequest (AJAX).

7.5

CVE-2005-4827

Exploit
  • EPSS 19.03%
  • Published 31.12.2005 05:00:00
  • Last modified 03.04.2025 01:03:51

Internet Explorer 6.0, and possibly other versions, allows remote attackers to bypass the same origin security policy and make requests outside of the intended domain by calling open on an XMLHttpRequest object (Microsoft.XMLHTTP) and using tab, newl...