VYPR

Ie

by Microsoft

CVEs (200)

  • CVE-2006-3943Jul 31, 2006
    risk 0.04cvss epss 0.16

    Stack-based buffer overflow in NDFXArtEffects in Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) via long (1) RGBExtraColor, (2) RGBForeColor, and (3) RGBBackColor properties.

  • CVE-2006-3910Jul 28, 2006
    risk 0.04cvss epss 0.17

    Internet Explorer 6 on Windows XP SP2, when Outlook is installed, allows remote attackers to cause a denial of service (crash) by calling the NewDefaultItem function of an OVCtl (OVCtl.OVCtl.1) ActiveX object, which triggers a null dereference.

  • CVE-2006-3510Jul 11, 2006
    risk 0.04cvss epss 0.15

    The Remote Data Service Object (RDS.DataControl) in Microsoft Internet Explorer 6 on Windows 2000 allows remote attackers to cause a denial of service (crash) via a series of operations that result in an invalid length calculation when using SysAllocStringLen, then triggers a…

  • CVE-2006-3472Jul 10, 2006
    risk 0.04cvss epss 0.11

    Microsoft Internet Explorer 6.0 and 6.0 SP1 allows remote attackers to cause a denial of service via an HTML page with an A tag containing a long title attribute. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

  • CVE-2006-3354Jul 6, 2006
    risk 0.04cvss epss 0.17

    Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (crash) by setting the Filter property of an ADODB.Recordset ActiveX object to certain values multiple times, which triggers a null dereference.

  • CVE-2005-4717Dec 31, 2005
    risk 0.04cvss epss 0.19

    Microsoft Internet Explorer 6.0 on Windows NT 4.0 SP6a, Windows 2000 SP4, Windows XP SP1, Windows XP SP2, and Windows Server 2003 SP1 allows remote attackers to cause a denial of service (client crash) via a certain combination of a malformed HTML file and a CSS file that…

  • CVE-2005-2308Jul 19, 2005
    risk 0.04cvss epss 0.17

    The JPEG decoder in Microsoft Internet Explorer allows remote attackers to cause a denial of service (CPU consumption or crash) and possibly execute arbitrary code via certain crafted JPEG images, as demonstrated using (1) mov_fencepost.jpg, (2) cmp_fencepost.jpg, (3)…

  • CVE-2004-2291Dec 31, 2004
    risk 0.04cvss epss 0.11

    Microsoft Windows Internet Explorer 5.5 and 6.0 allows remote attackers to execute arbitrary code via an embedded script that uses Shell Helper objects and a shortcut (link) to execute the target script.

  • CVE-2004-0216Nov 3, 2004
    risk 0.04cvss epss 0.49

    Integer overflow in the Install Engine (inseng.dll) for Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via a malicious website or HTML email with a long .CAB file name, which triggers the integer overflow when calculating a buffer length and…

  • CVE-2004-0526Aug 6, 2004
    risk 0.04cvss epss 0.17

    Unknown versions of Internet Explorer and Outlook allow remote attackers to spoof a legitimate URL in the status bar via A HREF tags with modified "alt" values that point to the legitimate site, combined with an image map whose href points to the malicious site, which…

  • CVE-2004-0420Jul 7, 2004
    risk 0.04cvss epss 0.46

    The Windows Shell application in Windows 98, Windows ME, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code by spoofing the type of a file via a CLSID specifier in the filename, as demonstrated using Internet…

  • CVE-2004-2090Feb 7, 2004
    risk 0.04cvss epss 0.16

    Microsoft Internet Explorer 5.0.1 through 6.0 allows remote attackers to determine the existence of arbitrary files via the VBScript LoadPicture method, which returns an error code if the file does not exist.

  • CVE-2002-0153Apr 22, 2002
    risk 0.04cvss epss 0.18

    Internet Explorer 5.1 for Macintosh allows remote attackers to bypass security checks and invoke local AppleScripts within a specific HTML element, aka the "Local Applescript Invocation" vulnerability.

  • CVE-2001-1489Dec 31, 2001
    risk 0.04cvss epss 0.18

    Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (CPU consumption and memory leak) via a web page with a large number of images.

  • CVE-2000-1061Dec 11, 2000
    risk 0.04cvss epss 0.10

    Microsoft Virtual Machine (VM) in Internet Explorer 4.x and 5.x allows an unsigned applet to create and use ActiveX controls, which allows a remote attacker to bypass Internet Explorer's security settings and execute arbitrary commands via a malicious web page or email, aka the…

  • CVE-1999-0989Dec 6, 1999
    risk 0.04cvss epss 0.12

    Buffer overflow in Internet Explorer 5 directshow filter (MSDXM.OCX) allows remote attackers to execute commands via the vnd.ms.radio protocol.

  • CVE-2000-0329Nov 11, 1999
    risk 0.04cvss epss 0.08

    A Microsoft ActiveX control allows a remote attacker to execute a malicious cabinet file via an attachment and an embedded script in an HTML mail, aka the "Active Setup Control" vulnerability.

  • CVE-2008-1085Apr 8, 2008
    risk 0.03cvss epss 0.32

    Use-after-free vulnerability in Microsoft Internet Explorer 5.01 SP4, 6 through SP1, and 7 allows remote attackers to execute arbitrary code via a crafted data stream that triggers memory corruption, as demonstrated using an invalid MIME-type that does not have a registered…

  • CVE-2007-3902Dec 12, 2007
    risk 0.03cvss epss 0.36

    Use-after-free vulnerability in the CRecalcProperty function in mshtml.dll in Microsoft Internet Explorer 5.01 through 7 allows remote attackers to execute arbitrary code by calling the setExpression method and then modifying the outerHTML property of an HTML element, one…

  • CVE-2007-3903Dec 12, 2007
    risk 0.03cvss epss 0.31

    Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code via uninitialized or deleted objects used in repeated calls to the (1) cloneNode or (2) nodeValue JavaScript function, a different issue than CVE-2007-3902 and CVE-2007-5344, a variant of…

Page 4 of 10