Microsoft

Ie

201 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2003-0815

  • EPSS 13.27%
  • Published 03.02.2004 05:00:00
  • Last modified 03.04.2025 01:03:51

Internet Explorer 6 SP1 and earlier allows remote attackers to bypass zone restrictions and read arbitrary files by (1) modifying the createTextRange method and using CreateLink, as demonstrated using LinkillerSaveRef, LinkillerJPU, and Linkiller, or...

7.5

CVE-2003-0816

  • EPSS 67.22%
  • Published 03.02.2004 05:00:00
  • Last modified 03.04.2025 01:03:51

Internet Explorer 6 SP1 and earlier allows remote attackers to bypass zone restrictions by (1) using the NavigateAndFind method to load a file: URL containing Javascript, as demonstrated by NAFfileJPU, (2) using the window.open method to load a file:...

7.5

CVE-2003-0817

  • EPSS 12.58%
  • Published 03.02.2004 05:00:00
  • Last modified 03.04.2025 01:03:51

Internet Explorer 5.01 through 6 SP1 allows remote attackers to bypass zone restrictions and read arbitrary files via an XML object.

7.5

CVE-2003-0823

  • EPSS 30.48%
  • Published 03.02.2004 05:00:00
  • Last modified 03.04.2025 01:03:51

Internet Explorer 6 SP1 and earlier allows remote attackers to direct drag and drop behaviors and other mouse click actions to other windows by calling the window.moveBy method, aka HijackClick, a different vulnerability than CVE-2003-1027.

9.3

CVE-2003-1026

  • EPSS 55.82%
  • Published 20.01.2004 05:00:00
  • Last modified 03.04.2025 01:03:51

Internet Explorer 5.01 through 6 SP1 allows remote attackers to bypass zone restrictions via a javascript protocol URL in a sub-frame, which is added to the history list and executed in the top window's zone when the history.back (back) function is c...

10

CVE-2003-1027

  • EPSS 59.95%
  • Published 20.01.2004 05:00:00
  • Last modified 03.04.2025 01:03:51

Internet Explorer 5.01 through 6 SP1 allows remote attackers to direct drag and drop behaviors and other mouse click actions to other windows by using method caching (SaveRef) to access the window.moveBy method, which is otherwise inaccessible, as de...

5

CVE-2003-1028

  • EPSS 17.76%
  • Published 20.01.2004 05:00:00
  • Last modified 03.04.2025 01:03:51

The download function of Internet Explorer 6 SP1 allows remote attackers to obtain the cache directory name via an HTTP response with an invalid ContentType and a .htm file, which could allow remote attackers to bypass security mechanisms that rely o...

2.6

CVE-2003-1105

  • EPSS 9.23%
  • Published 31.12.2003 05:00:00
  • Last modified 03.04.2025 01:03:51

Unknown vulnerability in Internet Explorer 5.01 SP3 through 6.0 SP1 allows remote attackers to cause a denial of service (browser or Outlook Express crash) via HTML with certain input tags that are not properly rendered.

4.3

CVE-2003-1484

  • EPSS 27.62%
  • Published 31.12.2003 05:00:00
  • Last modified 03.04.2025 01:03:51

Microsoft Internet Explorer 6.0 SP1 allows remote attackers to cause a denial of service (crash) by creating a DHTML link that uses the AnchorClick "A" object with a blank href attribute.

5

CVE-2003-1559

  • EPSS 39.88%
  • Published 31.12.2003 05:00:00
  • Last modified 03.04.2025 01:03:51

Microsoft Internet Explorer 5.22, and other 5 through 6 SP1 versions, sends Referer headers containing https:// URLs in requests for http:// URLs, which allows remote attackers to obtain potentially sensitive information by reading Referer log data.