Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:microsoft:internet_explorer:3.2:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2001-0339 |
Internet Explorer 5.5 and earlier allows remote attackers to display a URL in the address bar that is different than the URL that is actually being displayed, which could be used in web site spoofing attacks, aka the "Web page spoofing vulnerability." Published: June 27, 2001; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2001-0149 |
Windows Scripting Host in Internet Explorer 5.5 and earlier allows remote attackers to read arbitrary files via the GetObject Javascript function and the htmlfile ActiveX object. Published: June 02, 2001; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2001-0150 |
Internet Explorer 5.5 and earlier executes Telnet sessions using command line arguments that are specified by the web site, which could allow remote attackers to execute arbitrary commands if the IE client is using the Telnet client provided in Services for Unix (SFU) 2.0, which creates session transcripts. Published: June 02, 2001; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 5.1 MEDIUM |
CVE-2001-0154 |
HTML e-mail feature in Internet Explorer 5.5 and earlier allows attackers to execute attachments by setting an unusual MIME type for the attachment, which Internet Explorer does not process correctly. Published: May 03, 2001; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2001-0089 |
Internet Explorer 5.0 through 5.5 allows remote attackers to read arbitrary files from the client via the INPUT TYPE element in an HTML form, aka the "File Upload via Form" vulnerability. Published: February 16, 2001; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 2.6 LOW |
CVE-2000-0439 |
Internet Explorer 4.0 and 5.0 allows a malicious web site to obtain client cookies from another domain by including that domain name and escaped characters in a URL, aka the "Unauthorized Cookie Access" vulnerability. Published: May 11, 2000; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 2.6 LOW |
CVE-1999-1094 |
Buffer overflow in Internet Explorer 4.01 and earlier allows remote attackers to execute arbitrary commands via a long URL with the "mk:" protocol, aka the "MK Overrun security issue." Published: December 31, 1999; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2000-0028 |
Internet Explorer 5.0 and 5.01 allows remote attackers to bypass the cross frame security policy and read files via the external.NavigateAndFind function. Published: December 23, 1999; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 2.6 LOW |
CVE-1999-0981 |
Internet Explorer 5.01 and earlier allows a remote attacker to create a reference to a client window and use a server-side redirect to access local files via that window, aka "Server-side Page Reference Redirect." Published: December 08, 1999; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 5.1 MEDIUM |
CVE-1999-0827 |
By default, Internet Explorer 5.0 and other versions enables the "Navigate sub-frames across different domains" option, which allows frame spoofing. Published: November 01, 1999; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 2.6 LOW |
CVE-1999-0869 |
Internet Explorer 3.x to 4.01 allows a remote attacker to insert malicious content into a frame of another web site, aka frame spoofing. Published: December 01, 1998; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 2.6 LOW |