Search Results (Refine Search)
- CPE Product: cpe:/a:microsoft:internet_explorer
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-1999-1241 |
Internet Explorer, with a security setting below Medium, allows remote attackers to execute arbitrary commands via a malicious web page that uses the FileSystemObject ActiveX object. Published: May 06, 1999; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-1999-1367 |
Internet Explorer 5.0 does not properly reset the username/password cache for Web sites that do not use standard cache controls, which could allow users on the same system to access restricted web sites that were visited by other users. Published: May 06, 1999; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 4.6 MEDIUM |
CVE-1999-0487 |
The DHTML Edit ActiveX control in Internet Explorer allows remote attackers to read arbitrary files. Published: May 01, 1999; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 2.6 LOW |
CVE-1999-0488 |
Internet Explorer 4.0 and 5.0 allows a remote attacker to execute security scripts in a different security context using malicious URLs, a variant of the "cross frame" vulnerability. Published: April 21, 1999; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-1999-0490 |
MSHTML.DLL in Internet Explorer 5.0 allows a remote attacker to learn information about a local user's files via an IMG SRC tag. Published: April 21, 1999; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-1999-0468 |
Internet Explorer 5.0 allows a remote server to read arbitrary files on the client's file system using the Microsoft Scriptlet Component. Published: April 09, 1999; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 2.6 LOW |
CVE-1999-0469 |
Internet Explorer 5.0 allows window spoofing, allowing a remote attacker to spoof a legitimate web site and capture information from the client. Published: April 01, 1999; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-1999-1370 |
The setup wizard (ie5setup.exe) for Internet Explorer 5.0 disables (1) the screen saver, which could leave the system open to users with physical access if a failure occurs during an unattended installation, and (2) the Task Scheduler Service, which might prevent the scheduled execution of security-critical programs. Published: March 23, 1999; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-1999-1453 |
Internet Explorer 4 allows remote attackers (malicious web site operators) to read the contents of the clipboard via the Internet WebBrowser ActiveX object. Published: February 02, 1999; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 2.6 LOW |
CVE-1999-0869 |
Internet Explorer 3.x to 4.01 allows a remote attacker to insert malicious content into a frame of another web site, aka frame spoofing. Published: December 01, 1998; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 2.6 LOW |
CVE-1999-0870 |
Internet Explorer 4.01 allows remote attackers to read arbitrary files by pasting a file name into the file upload control, aka untrusted scripted paste. Published: October 01, 1998; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 2.6 LOW |
CVE-1999-0871 |
Internet Explorer 4.0 and 4.01 allow a remote attacker to read files via IE's cross frame security, aka the "Cross Frame Navigate" vulnerability. Published: September 04, 1998; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 2.6 LOW |
CVE-1999-1447 |
Internet Explorer 4.0 allows remote attackers to cause a denial of service (crash) via HTML code that contains a long CLASSID parameter in an OBJECT tag. Published: July 28, 1998; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-1999-0537 |
A configuration in a web browser such as Internet Explorer or Netscape Navigator allows execution of active content such as ActiveX, Java, Javascript, etc. Published: April 01, 1998; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-1999-0331 |
Buffer overflow in Internet Explorer 4.0(1). Published: January 01, 1998; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-1999-0967 |
Buffer overflow in the HTML library used by Internet Explorer, Outlook Express, and Windows Explorer via the res: local resource protocol. Published: November 01, 1997; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-1999-1446 |
Internet Explorer 3 records a history of all URL's that are visited by a user in DAT files located in the Temporary Internet Files and History folders, which are not cleared when the user selects the "Clear History" option, and are not visible when the user browses the folders because of tailored displays. Published: August 05, 1997; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 2.1 LOW |
CVE-1999-0031 |
JavaScript in Internet Explorer 3.x and 4.x, and Netscape 2.x, 3.x and 4.x, allows remote attackers to monitor a user's web activities, aka the Bell Labs vulnerability. Published: July 08, 1997; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 2.6 LOW |
CVE-1999-0280 |
Remote command execution in Microsoft Internet Explorer using .lnk and .url files. Published: April 01, 1997; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-1999-1128 |
Internet Explorer 3.01 on Windows 95 allows remote malicious web sites to execute arbitrary commands via a .isp file, which is automatically downloaded and executed without prompting the user. Published: March 01, 1997; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 5.1 MEDIUM |