) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- CPE Product Version: cpe:/a:microsoft:ie:7
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2008-1085 |
Use-after-free vulnerability in Microsoft Internet Explorer 5.01 SP4, 6 through SP1, and 7 allows remote attackers to execute arbitrary code via a crafted data stream that triggers memory corruption, as demonstrated using an invalid MIME-type that does not have a registered handler. Published: April 08, 2008; 7:05:00 PM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
| CVE-2008-0076 |
Unspecified vulnerability in Microsoft Internet Explorer 5.01, 6 SP1 and SP2, and 7 allows remote attackers to execute arbitrary code via crafted HTML layout combinations, aka "HTML Rendering Memory Corruption Vulnerability." Published: February 12, 2008; 6:00:00 PM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
| CVE-2008-0078 |
Unspecified vulnerability in an ActiveX control (dxtmsft.dll) in Microsoft Internet Explorer 5.01, 6 SP1 and SP2, and 7 allows remote attackers to execute arbitrary code via a crafted image, aka "Argument Handling Memory Corruption Vulnerability." Published: February 12, 2008; 6:00:00 PM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
| CVE-2006-7065 |
Microsoft Internet Explorer allows remote attackers to cause a denial of service (crash) via an IFRAME with a certain XML file and XSL stylesheet that triggers a crash in mshtml.dll when a refresh is called, probably a null pointer dereference. Published: March 02, 2007; 4:18:00 PM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |