Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2009-0305 |
Multiple stack-based buffer overflows in the Research in Motion RIM AxLoader ActiveX control in AxLoader.ocx and AxLoader.dll in BlackBerry Application Web Loader 1.0 allow remote attackers to execute arbitrary code via unspecified use of the (1) load or (2) loadJad method. Published: February 10, 2009; 5:30:00 PM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2009-0076 |
Microsoft Internet Explorer 7, when XHTML strict mode is used, allows remote attackers to execute arbitrary code via the zoom style directive in conjunction with unspecified other directives in a malformed Cascading Style Sheets (CSS) stylesheet in a crafted HTML document, aka "CSS Memory Corruption Vulnerability." Published: February 10, 2009; 5:30:00 PM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2009-0075 |
Microsoft Internet Explorer 7 does not properly handle errors during attempted access to deleted objects, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to CFunctionPointer and the appending of document objects, aka "Uninitialized Memory Corruption Vulnerability." Published: February 10, 2009; 5:30:00 PM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2009-0369 |
Microsoft Internet Explorer 7 allows remote attackers to trick a user into visiting an arbitrary URL via an onclick action that moves a crafted element to the current mouse position, related to a "Clickjacking" vulnerability. Published: January 30, 2009; 2:30:00 PM -0500 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2009-0341 |
The shell32 module in Microsoft Internet Explorer 7.0 on Windows XP SP3 might allow remote attackers to execute arbitrary code via a long VALUE attribute in an INPUT element, possibly related to a stack consumption vulnerability. Published: January 29, 2009; 2:30:00 PM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2008-5917 |
Cross-site scripting (XSS) vulnerability in the XSS filter (framework/Text_Filter/Filter/xss.php) in Horde Application Framework 3.2.2 and 3.3, when Internet Explorer is being used, allows remote attackers to inject arbitrary web script or HTML via unknown vectors related to style attributes. Published: January 20, 2009; 9:30:00 PM -0500 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2008-5912 |
An unspecified function in the JavaScript implementation in Microsoft Internet Explorer creates and exposes a "temporary footprint" when there is a current login to a web site, which makes it easier for remote attackers to trick a user into acting upon a spoofed pop-up message, aka an "in-session phishing attack." NOTE: as of 20090116, the only disclosure is a vague pre-advisory with no actionable information. However, because it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes. Published: January 20, 2009; 11:30:00 AM -0500 |
V3.x:(not available) V2.0: 2.1 LOW |
CVE-2009-0072 |
Microsoft Internet Explorer 6.0 through 8.0 beta2 allows remote attackers to cause a denial of service (application crash) via an onload=screen[""] attribute value in a BODY element. Published: January 08, 2009; 2:30:11 PM -0500 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2008-5548 |
VirusBuster 4.5.11.0, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit. Published: December 12, 2008; 1:30:03 PM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2008-5546 |
VirusBlokAda VBA32 3.12.8.5, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit. Published: December 12, 2008; 1:30:03 PM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2008-5545 |
Trend Micro VSAPI 8.700.0.1004 in Trend Micro AntiVirus, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit. Published: December 12, 2008; 1:30:03 PM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2008-5544 |
Hacksoft The Hacker 6.3.1.2.174 and possibly 6.3.0.9.081, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit. Published: December 12, 2008; 1:30:03 PM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2008-5543 |
Symantec AntiVirus (SAV) 10, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit. Published: December 12, 2008; 1:30:03 PM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2008-5542 |
Sunbelt VIPRE 3.1.1832.2 and possibly 3.1.1633.1, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit. Published: December 12, 2008; 1:30:03 PM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2008-5541 |
Sophos Anti-Virus 4.33.0, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit. Published: December 12, 2008; 1:30:03 PM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2008-5540 |
Secure Computing Secure Web Gateway (aka Webwasher), when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit. Published: December 12, 2008; 1:30:03 PM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2008-5539 |
RISING Antivirus 21.06.31.00 and possibly 20.61.42.00, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit. Published: December 12, 2008; 1:30:03 PM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2008-5538 |
Prevx Prevx1 2, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit. Published: December 12, 2008; 1:30:03 PM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2008-5537 |
PC Tools AntiVirus 4.4.2.0, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit. Published: December 12, 2008; 1:30:03 PM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2008-5536 |
Panda Antivirus 9.0.0.4, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit. Published: December 12, 2008; 1:30:02 PM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |