Microsoft

Internet Explorer

1637 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2003-0113

  • EPSS 43.17%
  • Published 12.05.2003 04:00:00
  • Last modified 03.04.2025 01:03:51

Buffer overflow in URLMON.DLL in Microsoft Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute arbitrary code via an HTTP response containing long values in (1) Content-type and (2) Content-encoding fields.

5

CVE-2003-0114

  • EPSS 30.35%
  • Published 12.05.2003 04:00:00
  • Last modified 03.04.2025 01:03:51

The file upload control in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to automatically upload files from the local system via a web page containing a script to upload the files.

7.5

CVE-2003-0115

  • EPSS 14.3%
  • Published 12.05.2003 04:00:00
  • Last modified 03.04.2025 01:03:51

Microsoft Internet Explorer 5.01, 5.5 and 6.0 does not properly check parameters that are passed during third party rendering, which could allow remote attackers to execute arbitrary web script, aka the "Third Party Plugin Rendering" vulnerability, a...

5

CVE-2003-0116

Exploit
  • EPSS 25.47%
  • Published 12.05.2003 04:00:00
  • Last modified 03.04.2025 01:03:51

Microsoft Internet Explorer 5.01, 5.5 and 6.0 does not properly check the Cascading Style Sheet input parameter for Modal dialogs, which allows remote attackers to read files on the local system via a web page containing script that creates a dialog ...

7.5

CVE-2003-0233

  • EPSS 13.25%
  • Published 12.05.2003 04:00:00
  • Last modified 03.04.2025 01:03:51

Heap-based buffer overflow in plugin.ocx for Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute arbitrary code via the Load() method, a different vulnerability than CVE-2003-0115.

7.5

CVE-2003-1326

  • EPSS 11.11%
  • Published 19.02.2003 05:00:00
  • Last modified 03.04.2025 01:03:51

Microsoft Internet Explorer 5.5 and 6.0 allows remote attackers to bypass the cross-domain security model to run malicious script or arbitrary programs via dialog boxes, aka "Improper Cross Domain Security Validation with dialog box."

7.5

CVE-2003-1328

  • EPSS 43.56%
  • Published 19.02.2003 05:00:00
  • Last modified 03.04.2025 01:03:51

The showHelp() function in Microsoft Internet Explorer 5.01, 5.5, and 6.0 supports certain types of pluggable protocols that allow remote attackers to bypass the cross-domain security model and execute arbitrary code, aka "Improper Cross Domain Secur...

4.6

CVE-2002-1670

  • EPSS 0.45%
  • Published 31.12.2002 05:00:00
  • Last modified 03.04.2025 01:03:51

Microsoft Windows XP Professional upgrade edition overwrites previously installed patches for Internet Explorer 6.0, leaving Internet Explorer unpatched.

5

CVE-2002-1671

Exploit
  • EPSS 24.65%
  • Published 31.12.2002 05:00:00
  • Last modified 03.04.2025 01:03:51

Microsoft Internet Explorer 5.0, 5.01, and 5.5 allows remote attackers to monitor the contents of the clipboard via the getData method of the clipboardData object.

5

CVE-2002-1688

Exploit
  • EPSS 39.55%
  • Published 31.12.2002 05:00:00
  • Last modified 03.04.2025 01:03:51

The browser history feature in Microsoft Internet Explorer 5.5 through 6.0 allows remote attackers to execute arbitrary script as other users and steal authentication information via cookies by injecting JavaScript into the URL, which is executed whe...