Microsoft

Internet Explorer

1637 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2000-0400

  • EPSS 18.18%
  • Published 13.05.2000 04:00:00
  • Last modified 03.04.2025 01:03:51

The Microsoft Active Movie ActiveX Control in Internet Explorer 5 does not restrict which file types can be downloaded, which allows an attacker to download any type of file to a user's system by encoding it within an email message or news post.

2.6

CVE-2000-0439

  • EPSS 14.82%
  • Published 11.05.2000 04:00:00
  • Last modified 03.04.2025 01:03:51

Internet Explorer 4.0 and 5.0 allows a malicious web site to obtain client cookies from another domain by including that domain name and escaped characters in a URL, aka the "Unauthorized Cookie Access" vulnerability.

2.6

CVE-2000-0266

  • EPSS 1.83%
  • Published 18.04.2000 04:00:00
  • Last modified 03.04.2025 01:03:51

Internet Explorer 5.01 allows remote attackers to bypass the cross frame security policy via a malicious applet that interacts with the Java JSObject to modify the DOM properties to set the IFRAME to an arbitrary Javascript URL.

5.1

CVE-2000-0201

  • EPSS 5.1%
  • Published 01.03.2000 05:00:00
  • Last modified 03.04.2025 01:03:51

The window.showHelp() method in Internet Explorer 5.x does not restrict HTML help files (.chm) to be executed from the local host, which allows remote attackers to execute arbitrary commands via Microsoft Networking.

7.6

CVE-2000-0160

  • EPSS 10.33%
  • Published 21.02.2000 05:00:00
  • Last modified 03.04.2025 01:03:51

The Microsoft Active Setup ActiveX component in Internet Explorer 4.x and 5.x allows a remote attacker to install software components without prompting the user by stating that the software's manufacturer is Microsoft.

5.1

CVE-2000-0162

  • EPSS 1.48%
  • Published 18.02.2000 05:00:00
  • Last modified 03.04.2025 01:03:51

The Microsoft virtual machine (VM) in Internet Explorer 4.x and 5.x allows a remote attacker to read files via a malicious Java applet that escapes the Java sandbox, aka the "VM File Reading" vulnerability.

5.1

CVE-2000-0156

  • EPSS 17.47%
  • Published 16.02.2000 05:00:00
  • Last modified 03.04.2025 01:03:51

Internet Explorer 4.x and 5.x allows remote web servers to access files on the client that are outside of its security domain, aka the "Image Source Redirect" vulnerability.

10

CVE-2000-0061

  • EPSS 17.03%
  • Published 07.01.2000 05:00:00
  • Last modified 03.04.2025 01:03:51

Internet Explorer 5 does not modify the security zone for a document that is being loaded into a window until after the document has been loaded, which could allow remote attackers to execute Javascript in a different security context while the docum...

10

CVE-1999-0876

  • EPSS 24.15%
  • Published 04.01.2000 05:00:00
  • Last modified 03.04.2025 01:03:51

Buffer overflow in Internet Explorer 4.0 via EMBED tag.

7.5

CVE-1999-1087

  • EPSS 10.2%
  • Published 31.12.1999 05:00:00
  • Last modified 03.04.2025 01:03:51

Internet Explorer 4 treats a 32-bit number ("dotless IP address") in the a URL as the hostname instead of an IP address, which causes IE to apply Local Intranet Zone settings to the resulting web page, allowing remote malicious web servers to conduct...