Microsoft

Ie

201 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.8

CVE-2007-1091

  • EPSS 49.66%
  • Published 26.02.2007 11:28:00
  • Last modified 09.04.2025 00:30:58

Microsoft Internet Explorer 7 allows remote attackers to prevent users from leaving a site, spoof the address bar, and conduct phishing and other attacks via onUnload Javascript handlers.

5

CVE-2006-7030

  • EPSS 37.11%
  • Published 23.02.2007 03:28:00
  • Last modified 09.04.2025 00:30:58

Microsoft Internet Explorer 6 SP2 and earlier allows remote attackers to cause a denial of service (crash) via certain malformed HTML, possibly involving applet and base tags without required arguments, which triggers a null pointer dereference in ms...

10

CVE-2007-0219

  • EPSS 65.45%
  • Published 13.02.2007 23:28:00
  • Last modified 09.04.2025 00:30:58

Microsoft Internet Explorer 5.01, 6, and 7 uses certain COM objects from (1) Msb1fren.dll, (2) Htmlmm.ocx, and (3) Blnmgrps.dll as ActiveX controls, which allows remote attackers to execute arbitrary code via unspecified vectors, a different issue th...

9.3

CVE-2006-4697

  • EPSS 59.02%
  • Published 13.02.2007 22:28:00
  • Last modified 09.04.2025 00:30:58

Microsoft Internet Explorer 5.01, 6, and 7 uses certain COM objects from Imjpcksid.dll as ActiveX controls, which allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: this issue might be related to CVE-2006-4193.

10

CVE-2007-0217

  • EPSS 79.78%
  • Published 13.02.2007 22:28:00
  • Last modified 09.04.2025 00:30:58

The wininet.dll FTP client code in Microsoft Internet Explorer 5.01 and 6 might allow remote attackers to execute arbitrary code via an FTP server response of a specific length that causes a terminating null byte to be written outside of a buffer, wh...

4.3

CVE-2007-0811

Exploit
  • EPSS 46.92%
  • Published 07.02.2007 11:28:00
  • Last modified 09.04.2025 00:30:58

Microsoft Internet Explorer 6.0 SP1 on Windows 2000, and 6.0 SP2 on Windows XP, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an HTML document containing a certain JavaScript for loop with a...

7.8

CVE-2007-0612

Exploit
  • EPSS 53.87%
  • Published 31.01.2007 11:28:00
  • Last modified 09.04.2025 00:30:58

Multiple ActiveX controls in Microsoft Windows 2000, XP, 2003, and Vista allows remote attackers to cause a denial of service (Internet Explorer crash) by accessing the bgColor, fgColor, linkColor, alinkColor, vlinkColor, or defaultCharset properties...

5

CVE-2007-0356

Exploit
  • EPSS 13.43%
  • Published 19.01.2007 01:28:00
  • Last modified 09.04.2025 00:30:58

The Common Controls Replacement Project (CCRP) FolderTreeview (FTV) ActiveX control (ccrpftv6.ocx) allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long CCRP.RootFolder property value.

9.3

CVE-2007-0024

  • EPSS 45.82%
  • Published 09.01.2007 23:28:00
  • Last modified 09.04.2025 00:30:58

Integer overflow in the Vector Markup Language (VML) implementation (vgx.dll) in Microsoft Internet Explorer 5.01, 6, and 7 on Windows 2000 SP4, XP SP2, Server 2003, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted ...

5

CVE-2006-6659

Exploit
  • EPSS 22.97%
  • Published 20.12.2006 02:28:00
  • Last modified 09.04.2025 00:30:58

The Microsoft Office Outlook Recipient ActiveX control (ole32.dll) in Windows XP SP2 allows remote attackers to cause a denial of service (Internet Explorer 7 hang) via crafted HTML.