Microsoft

Internet Explorer

1637 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 30.54%
  • Veröffentlicht 08.04.2008 23:05:00
  • Zuletzt bearbeitet 16.06.2026 22:50:57

The HxTocCtrl ActiveX control (hxvz.dll), as used in Microsoft Internet Explorer 5.01 SP4 and 6 SP1, in Windows XP SP2, Server 2003 SP1 and SP2, Vista SP1, and Server 2008, allows remote attackers to execute arbitrary code via malformed arguments, wh...

  • EPSS 26.32%
  • Veröffentlicht 28.03.2008 23:44:00
  • Zuletzt bearbeitet 16.06.2026 22:51:56

The setRequestHeader method of the XMLHttpRequest object in Microsoft Internet Explorer 5.01, 6, and 7 does not block dangerous HTTP request headers when certain 8-bit character sequences are appended to a header name, which allows remote attackers t...

Exploit
  • EPSS 11.84%
  • Veröffentlicht 28.03.2008 23:44:00
  • Zuletzt bearbeitet 16.06.2026 22:51:56

The setRequestHeader method of the XMLHttpRequest object in Microsoft Internet Explorer 7 does not restrict the dangerous Transfer-Encoding HTTP request header, which allows remote attackers to conduct HTTP request splitting and HTTP request smugglin...

Exploit
  • EPSS 11.32%
  • Veröffentlicht 18.03.2008 00:44:00
  • Zuletzt bearbeitet 16.06.2026 22:51:35

CRLF injection vulnerability in Microsoft Internet Explorer 5 and 6 allows remote attackers to execute arbitrary FTP commands via an ftp:// URL that contains a URL-encoded CRLF (%0D%0A) before the FTP command, which causes the commands to be inserted...

  • EPSS 28.95%
  • Veröffentlicht 12.02.2008 23:00:00
  • Zuletzt bearbeitet 16.06.2026 22:48:53

Unspecified vulnerability in Microsoft Internet Explorer 5.01, 6 SP1 and SP2, and 7 allows remote attackers to execute arbitrary code via crafted HTML layout combinations, aka "HTML Rendering Memory Corruption Vulnerability."

  • EPSS 37.19%
  • Veröffentlicht 12.02.2008 23:00:00
  • Zuletzt bearbeitet 16.06.2026 22:48:53

Use-after-free vulnerability in Microsoft Internet Explorer 6 SP1, 6 SP2, and and 7 allows remote attackers to execute arbitrary code by assigning malformed values to certain properties, as demonstrated using the by property of an animateMotion SVG e...

  • EPSS 29.06%
  • Veröffentlicht 12.02.2008 23:00:00
  • Zuletzt bearbeitet 16.06.2026 22:48:53

Unspecified vulnerability in an ActiveX control (dxtmsft.dll) in Microsoft Internet Explorer 5.01, 6 SP1 and SP2, and 7 allows remote attackers to execute arbitrary code via a crafted image, aka "Argument Handling Memory Corruption Vulnerability."

  • EPSS 14.56%
  • Veröffentlicht 25.01.2008 16:00:00
  • Zuletzt bearbeitet 16.06.2026 22:49:41

Cross-site scripting (XSS) vulnerability in api.php in (1) MediaWiki 1.11 through 1.11.0rc1, 1.10 through 1.10.2, 1.9 through 1.9.4, and 1.8; and (2) the BotQuery extension for MediaWiki 1.7 and earlier; when Internet Explorer is used, allows remote ...

  • EPSS 25.2%
  • Veröffentlicht 25.01.2008 01:00:00
  • Zuletzt bearbeitet 16.06.2026 22:49:40

Cross-zone scripting vulnerability in the Internet Explorer web control in Skype 3.6.0.244, and earlier 3.5.x and 3.6.x versions, on Windows allows user-assisted remote attackers to inject arbitrary web script or HTML in the Local Machine Zone via th...

Exploit
  • EPSS 22.53%
  • Veröffentlicht 04.01.2008 01:46:00
  • Zuletzt bearbeitet 16.06.2026 22:48:55

A certain ActiveX control in npUpload.dll in DivX Player 6.6.0 allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long argument to the SetPassword method.