| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Internet Explorer 5.0 does not properly reset the username/password cache for Web sites that do not use standard cache controls, which could allow users on the same system to access restricted web sites that were visited by other users. |
| Microsoft Internet Explorer 6.0 allows remote attackers to cause a denial of service (infinite loop and crash) via an IFRAME with "?" as the file source. |
| Microsoft Internet Explorer 6.0.2600 on Windows XP allows remote attackers to cause a denial of service (browser crash) via a shell: URI with double backslashes (\\) in an HTML tag such as IFRAME or A. |
| Microsoft Windows Internet Explorer 5.5 and 6.0 allows remote attackers to execute arbitrary code via an embedded script that uses Shell Helper objects and a shortcut (link) to execute the target script. |
| Microsoft Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute arbitrary code under fewer security restrictions via a malformed web page that requires NetBIOS connectivity, aka "Zone Spoofing through Malformed Web Page" vulnerability. |
| msxml3.dll in Internet Explorer 6.0.2600.0 allows remote attackers to cause a denial of service (crash) via a single & (ampersand) in a <Ref href> link, which triggers a parsing error, possibly due to missing portions of the URI. |
| The Windows Shell application in Windows 98, Windows ME, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code by spoofing the type of a file via a CLSID specifier in the filename, as demonstrated using Internet Explorer 6.0.2800.1106 on Windows XP. |
| Microsoft Internet Explorer 5.5 and 6.0 allocates memory based on the memory size written in the BMP file instead of the actual BMP file size, which allows remote attackers to cause a denial of service (memory consumption) via a small BMP file with has a large memory size. |
| Microsoft Internet Explorer 6.0, Outlook 2002, and Outlook 2003 allow remote attackers to cause a denial of service (CPU consumption), if "Do not save encrypted pages to disk" is disabled, via a web site or HTML e-mail that contains two null characters (%00) after the host name. |
| Microsoft Internet Explorer 5.01 and 6.0 allow remote attackers to execute arbitrary code via malformed Content-Disposition and Content-Type header fields that cause the application for the spoofed file type to pass the file back to the operating system for handling rather than raise an error message, aka the first variant of the "Content Disposition" vulnerability. |
| Microsoft Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to view arbitrary files that contain the "{" character via script containing the cssText property of the stylesheet object, aka "Local Information Disclosure through HTML Object" vulnerability. |
| Cross-site scripting vulnerability in Internet Explorer 6 earlier allows remote attackers to execute arbitrary script via an Extended HTML Form, whose output from the remote server is not properly cleansed. |
| The execCommand method in Microsoft Internet Explorer 6.0 SP2 allows remote attackers to bypass the "File Download - Security Warning" dialog and save arbitrary files with arbitrary extensions via the SaveAs command. |
| Microsoft Internet Explorer allows remote attackers to cause a denial of service (application crash from memory consumption), as demonstrated using Javascript code that continuously creates nested arrays and then sorts the newly created arrays. |
| Internet Explorer 6 allows remote attackers to bypass the popup blocker via the document object model (DOM) methods in the DHTML Dynamic HTML (DHTML) Editing Component (DEC) and Javascript that calls showModalDialog. |
| CRLF injection vulnerability in Microsoft Internet Explorer 6.0.2800.1106 and earlier allows remote attackers to execute arbitrary FTP commands via an ftp:// URL that contains a URL-encoded newline ("%0a") before the FTP command, which causes the commands to be inserted into the resulting FTP session, as demonstrated using a PORT command. |
| Internet Explorer 5.01 through 6 allows remote attackers to spoof arbitrary web sites by injecting content from one window into another window whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window injection" vulnerability. NOTE: later research shows that Internet Explorer 7 on Windows XP SP2 is also vulnerable. |
| Internet Explorer 6.0 on Windows XP SP2 allows remote attackers to execute arbitrary code by using the "Related Topics" command in the Help ActiveX Control (hhctrl.ocx) to open a Help popup window containing the PCHealth tools.htm file in the local zone and injecting Javascript to be executed, as demonstrated using "writehta.txt" and the ADODB recordset, which saves a .HTA file to the local system, aka the "HTML Help ActiveX control Cross Domain Vulnerability." |
| Internet Explorer 5.01, 5.5, and 6 does not properly cache SSL content, which allows remote attackers to obtain information or spoof content via a web site with the same host name as the target web site, whose content is cached and reused when the user visits the target web site. |
| Buffer overflow in gopher client for Microsoft Internet Explorer 5.1 through 6.0, Proxy Server 2.0, or ISA Server 2000 allows remote attackers to execute arbitrary code via a gopher:// URL that redirects the user to a real or simulated gopher server that sends a long response. |
