VYPR

Ie

by Microsoft

CVEs (200)

  • CVE-2007-4848Sep 12, 2007
    risk 0.01cvss epss 0.07

    Microsoft Internet Explorer 4.0 through 7 allows remote attackers to determine the existence of local files that have associated images via a res:// URI in the src property of a JavaScript Image object, as demonstrated by the URI for a bitmap image resource within a (1) .exe or…

  • CVE-2007-1114Feb 26, 2007
    risk 0.01cvss epss 0.12

    The child frames in Microsoft Internet Explorer 7 inherit the default charset from the parent window when a charset is not specified in an HTTP Content-Type header or META tag, which allows remote attackers to conduct cross-site scripting (XSS) attacks, as demonstrated using the…

  • CVE-2006-7030Feb 23, 2007
    risk 0.01cvss epss 0.16

    Microsoft Internet Explorer 6 SP2 and earlier allows remote attackers to cause a denial of service (crash) via certain malformed HTML, possibly involving applet and base tags without required arguments, which triggers a null pointer dereference in mshtml.dll.

  • CVE-2006-5884Nov 14, 2006
    risk 0.01cvss epss 0.07

    Multiple unspecified vulnerabilities in DirectAnimation ActiveX controls for Microsoft Internet Explorer 5.01 through 6 have unknown impact and remote attack vectors, possibly related to (1) Danim.dll and (2) Lmrt.dll, a different set of vulnerabilities than CVE-2006-4446 and…

  • CVE-2006-4888Sep 19, 2006
    risk 0.01cvss epss 0.17

    Microsoft Internet Explorer 6 and earlier allows remote attackers to cause a denial of service (application hang) via a CSS-formatted HTML INPUT element within a DIV element that has a larger size than the INPUT.

  • CVE-2006-4560Sep 6, 2006
    risk 0.01cvss epss 0.18

    Internet Explorer 6 on Windows XP SP2 allows remote attackers to execute arbitrary JavaScript in the context of the browser's session with an arbitrary intranet web server, by hosting script on an Internet web server that can be made inaccessible by the attacker and that has a…

  • CVE-2006-3659Jul 18, 2006
    risk 0.01cvss epss 0.15

    Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (crash) by setting the location or URL property of a MHTMLFile ActiveX object.

  • CVE-2006-3657Jul 18, 2006
    risk 0.01cvss epss 0.17

    Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (stack overflow exception) via a DXImageTransform.Microsoft.Gradient ActiveX object with a long (1) StartColorStr or (2) EndColorStr property.

  • CVE-2006-3658Jul 18, 2006
    risk 0.01cvss epss 0.13

    Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (crash) by accessing the object references of a FolderItem ActiveX object, which triggers a null dereference in the security check.

  • CVE-2006-2900Jun 7, 2006
    risk 0.01cvss epss 0.13

    Internet Explorer 6 allows user-assisted remote attackers to read arbitrary files by tricking a user into typing the characters of the target filename in a text box and using the OnKeyDown, OnKeyPress, and OnKeyUp Javascript keystroke events to change the focus and cause those…

  • CVE-2006-1719Apr 11, 2006
    risk 0.01cvss epss 0.14

    Internet Explorer 6 allows remote attackers to cause a denial of service (application crash) via any scrollbar Cascading Style Sheets (CSS) property.

  • CVE-2006-0753Feb 18, 2006
    risk 0.01cvss epss 0.12

    Memory leak in Microsoft Internet Explorer 6 for Windows XP Service Pack 2 allows remote attackers to cause a denial of service (memory consumption) via JavaScript that uses setInterval to repeatedly call a function to set the value of window.status.

  • CVE-2005-4679Dec 31, 2005
    risk 0.01cvss epss 0.08

    Internet Explorer 6 for Windows XP Service Pack 2 allows remote attackers to spoof the URL in the status bar via the title in an image in a link to a trusted site within a form to the malicious site.

  • CVE-2005-4827Dec 31, 2005
    risk 0.01cvss epss 0.11

    Internet Explorer 6.0, and possibly other versions, allows remote attackers to bypass the same origin security policy and make requests outside of the intended domain by calling open on an XMLHttpRequest object (Microsoft.XMLHTTP) and using tab, newline, and carriage return…

  • CVE-2005-2829Dec 14, 2005
    risk 0.01cvss epss 0.19

    Multiple design errors in Microsoft Internet Explorer 5.01, 5.5, and 6 allow user-assisted attackers to execute arbitrary code by (1) overlaying a malicious new window above a file download box, then (2) using a keyboard shortcut and delaying the display of the file download box…

  • CVE-2005-2126Oct 21, 2005
    risk 0.01cvss epss 0.14

    The FTP client in Windows XP SP1 and Server 2003, and Internet Explorer 6 SP1 on Windows 2000 SP4, when "Enable Folder View for FTP Sites" is enabled and the user manually initiates a file transfer, allows user-assisted, remote FTP servers to overwrite files in arbitrary…

  • CVE-2005-0500May 2, 2005
    risk 0.01cvss epss 0.11

    Internet Explorer 6.0 on Windows XP SP2 allows remote attackers to spoof the domain name of a URL in a titlebar for a script-initiated popup window, which could facilitate phishing attacks.

  • CVE-2005-0110Jan 14, 2005
    risk 0.01cvss epss 0.07

    Internet Explorer 6 on Windows XP SP2 allows remote attackers to bypass the file download warning dialog and possibly trick an unknowledgeable user into executing arbitrary code via a web page with a body element containing an onclick tag, as demonstrated using the createElement…

  • CVE-2004-1155Dec 31, 2004
    risk 0.01cvss epss 0.13

    Internet Explorer 5.01 through 6 allows remote attackers to spoof arbitrary web sites by injecting content from one window into another window whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window…

  • CVE-2004-2179Dec 31, 2004
    risk 0.01cvss epss 0.12

    asycpict.dll, as used in Microsoft products such as Front Page 97 and 98, allows remote attackers to cause a denial of service (hang) via a JPEG image with maximum height and width values.

Page 8 of 10