Microsoft

Internet Explorer

1637 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2000-0982

Exploit
  • EPSS 10.21%
  • Published 19.12.2000 05:00:00
  • Last modified 03.04.2025 01:03:51

Internet Explorer before 5.5 forwards cached user credentials for a secure web site to insecure pages on the same web site, which could allow remote attackers to obtain the credentials by monitoring connections to the web server, aka the "Cached Web ...

2.6

CVE-2000-0767

  • EPSS 12.57%
  • Published 20.10.2000 04:00:00
  • Last modified 03.04.2025 01:03:51

The ActiveX control for invoking a scriptlet in Internet Explorer 4.x and 5.x renders arbitrary file types instead of HTML, which allows an attacker to read arbitrary files, aka the "Scriptlet Rendering" vulnerability.

2.6

CVE-2000-0768

  • EPSS 16.32%
  • Published 20.10.2000 04:00:00
  • Last modified 03.04.2025 01:03:51

A function in Internet Explorer 4.x and 5.x does not properly verify the domain of a frame within a browser window, which allows a remote attacker to read client files, aka a variant of the "Frame Domain Verification" vulnerability.

5

CVE-2000-0662

  • EPSS 27.98%
  • Published 14.07.2000 04:00:00
  • Last modified 03.04.2025 01:03:51

Internet Explorer 5.x and Microsoft Outlook allows remote attackers to read arbitrary files by redirecting the contents of an IFRAME using the DHTML Edit Control (DHTMLED).

7.5

CVE-2000-0596

  • EPSS 13.01%
  • Published 27.06.2000 04:00:00
  • Last modified 03.04.2025 01:03:51

Internet Explorer 5.x does not warn a user before opening a Microsoft Access database file that is referenced within ActiveX OBJECT tags in an HTML document, which could allow remote attackers to execute arbitrary commands, aka the "IE Script" vulner...

2.6

CVE-2000-0503

  • EPSS 11.11%
  • Published 06.06.2000 04:00:00
  • Last modified 03.04.2025 01:03:51

The IFRAME of the WebBrowser control in Internet Explorer 5.01 allows a remote attacker to violate the cross frame security policy via the NavigateComplete2 event.

2.6

CVE-2000-0518

  • EPSS 2.19%
  • Published 05.06.2000 04:00:00
  • Last modified 03.04.2025 01:03:51

Internet Explorer 4.x and 5.x does not properly verify all contents of an SSL certificate if a connection is made to the server via an image or a frame, aka one of two different "SSL Certificate Validation" vulnerabilities.

2.6

CVE-2000-0519

  • EPSS 2.19%
  • Published 05.06.2000 04:00:00
  • Last modified 03.04.2025 01:03:51

Internet Explorer 4.x and 5.x does not properly re-validate an SSL certificate if the user establishes a new SSL session with the same server during the same Internet Explorer session, aka one of two different "SSL Certificate Validation" vulnerabili...

7.6

CVE-2000-0464

  • EPSS 20.01%
  • Published 17.05.2000 04:00:00
  • Last modified 03.04.2025 01:03:51

Internet Explorer 4.x and 5.x allows remote attackers to execute arbitrary commands via a buffer overflow in the ActiveX parameter parsing capability, aka the "Malformed Component Attribute" vulnerability.

5.1

CVE-2000-0465

  • EPSS 18.74%
  • Published 17.05.2000 04:00:00
  • Last modified 03.04.2025 01:03:51

Internet Explorer 4.x and 5.x does not properly verify the domain of a frame within a browser window, which allows a remote attacker to read client files via the frame, aka the "Frame Domain Verification" vulnerability.