Microsoft

Internet Explorer

1637 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 26.91%
  • Veröffentlicht 20.01.2004 05:00:00
  • Zuletzt bearbeitet 16.06.2026 22:03:22

Internet Explorer 5.01 through 6 SP1 allows remote attackers to spoof the domain of a URL via a "%01" character before an @ sign in the user@domain portion of the URL, which hides the rest of the URL, including the real site, in the address bar, aka ...

  • EPSS 39.21%
  • Veröffentlicht 20.01.2004 05:00:00
  • Zuletzt bearbeitet 16.06.2026 22:03:23

Internet Explorer 5.01 through 6 SP1 allows remote attackers to bypass zone restrictions via a javascript protocol URL in a sub-frame, which is added to the history list and executed in the top window's zone when the history.back (back) function is c...

  • EPSS 38.05%
  • Veröffentlicht 20.01.2004 05:00:00
  • Zuletzt bearbeitet 16.06.2026 22:03:23

Internet Explorer 5.01 through 6 SP1 allows remote attackers to direct drag and drop behaviors and other mouse click actions to other windows by using method caching (SaveRef) to access the window.moveBy method, which is otherwise inaccessible, as de...

  • EPSS 19.05%
  • Veröffentlicht 20.01.2004 05:00:00
  • Zuletzt bearbeitet 16.06.2026 22:03:23

The download function of Internet Explorer 6 SP1 allows remote attackers to obtain the cache directory name via an HTTP response with an invalid ContentType and a .htm file, which could allow remote attackers to bypass security mechanisms that rely o...

  • EPSS 17.75%
  • Veröffentlicht 31.12.2003 05:00:00
  • Zuletzt bearbeitet 16.06.2026 22:03:32

Unknown vulnerability in Internet Explorer 5.01 SP3 through 6.0 SP1 allows remote attackers to cause a denial of service (browser or Outlook Express crash) via HTML with certain input tags that are not properly rendered.

Exploit
  • EPSS 12.87%
  • Veröffentlicht 31.12.2003 05:00:00
  • Zuletzt bearbeitet 16.06.2026 22:04:33

Microsoft Internet Explorer 6.0 allows remote attackers to cause a denial of service (crash) by creating a web page or HTML e-mail with a textarea in a div element whose scrollbar-base-color is modified by a CSS style, which is then moved.

  • EPSS 15.8%
  • Veröffentlicht 31.12.2003 05:00:00
  • Zuletzt bearbeitet 16.06.2026 22:04:39

Microsoft Internet Explorer 5.22, and other 5 through 6 SP1 versions, sends Referer headers containing https:// URLs in requests for http:// URLs, which allows remote attackers to obtain potentially sensitive information by reading Referer log data.

Exploit
  • EPSS 26.67%
  • Veröffentlicht 17.11.2003 05:00:00
  • Zuletzt bearbeitet 16.06.2026 22:02:52

Internet Explorer 5.01 through 6.0 does not properly handle object tags returned from a Web server during XML data binding, which allows remote attackers to execute arbitrary code via an HTML e-mail message or web page.

  • EPSS 35.29%
  • Veröffentlicht 17.11.2003 05:00:00
  • Zuletzt bearbeitet 16.06.2026 22:03:03

Internet Explorer allows remote attackers to bypass zone restrictions to inject and execute arbitrary programs by creating a popup window and inserting ActiveX object code with a "data" tag pointing to the malicious code, which Internet Explorer trea...

  • EPSS 30.39%
  • Veröffentlicht 27.08.2003 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:02:22

Buffer overflow in the BR549.DLL ActiveX control for Internet Explorer 5.01 SP3 through 6.0 SP1 allows remote attackers to execute arbitrary code.