| # | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail. |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 1 | CVE-2013-2566 | 310 | | | 2013-03-15 | 2013-04-19 | 2.6 | None | Remote | High | Not required | Partial | None | None |
| The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single-byte biases, which makes it easier for remote attackers to conduct plaintext-recovery attacks via statistical analysis of ciphertext in a large number of sessions that use the same plaintext. |
| 2 | CVE-2010-0808 | 200 | | +Info | 2010-10-13 | 2011-07-18 | 2.6 | None | Remote | High | Not required | Partial | None | None |
| Microsoft Internet Explorer 6 and 7 on Windows XP and Vista does not prevent script from simulating user interaction with the AutoComplete feature, which allows remote attackers to obtain sensitive form information via a crafted web site, aka "AutoComplete Information Disclosure Vulnerability." |
| 3 | CVE-2008-2159 | 200 | | +Info | 2008-05-12 | 2008-09-05 | 2.1 | None | Local | Low | Not required | Partial | None | None |
| Microsoft Internet Explorer 7 can save encrypted pages in the cache even when the DisableCachingOfSSLPages registry setting is enabled, which might allow local users to obtain sensitive information. |
| 4 | CVE-2006-5578 | | | +Info | 2006-12-12 | 2008-09-05 | 2.6 | None | Remote | High | Not required | Partial | None | None |
| Microsoft Internet Explorer 6 and earlier allows remote attackers to read Temporary Internet Files (TIF) and obtain sensitive information via unspecified vectors involving certain drag and drop operations, aka "TIF Folder Information Disclosure Vulnerability," and a different issue than CVE-2006-5577. |
| 5 | CVE-2006-3943 | | | DoS Overflow | 2006-07-31 | 2008-09-05 | 2.6 | None | Remote | High | Not required | None | None | Partial |
| Stack-based buffer overflow in NDFXArtEffects in Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) via long (1) RGBExtraColor, (2) RGBForeColor, and (3) RGBBackColor properties. |
| 6 | CVE-2006-3729 | | | DoS Overflow | 2006-07-21 | 2008-09-05 | 2.6 | None | Remote | High | Not required | None | None | Partial |
| DataSourceControl in Internet Explorer 6 on Windows XP SP2 with Office installed allows remote attackers to cause a denial of service (crash) via a large negative integer argument to the getDataMemberName method of a OWC11.DataSourceControl.11 object, which leads to an integer overflow and a null dereference. |
| 7 | CVE-2006-3510 | | | DoS | 2006-07-11 | 2008-09-05 | 2.6 | None | Remote | High | Not required | None | None | Partial |
| The Remote Data Service Object (RDS.DataControl) in Microsoft Internet Explorer 6 on Windows 2000 allows remote attackers to cause a denial of service (crash) via a series of operations that result in an invalid length calculation when using SysAllocStringLen, then triggers a buffer over-read. |
| 8 | CVE-2006-3227 | | | Bypass | 2006-06-26 | 2008-09-05 | 2.6 | None | Remote | High | Not required | None | Partial | None |
| Interpretation conflict between Internet Explorer and other web browsers such as Mozilla, Opera, and Firefox might allow remote attackers to modify the visual presentation of web pages and possibly bypass protection mechanisms such as content filters via ASCII characters with the 8th bit set, which could be stripped by Internet Explorer to render legible text, but not when using other browsers. NOTE: there has been significant discussion about this issue, and as of 20060625, it is not clear where the responsibility for this issue lies, although it might be due to vagueness within the associated standards. NOTE: this might only be exploitable with certain encodings. |
| 9 | CVE-2006-2766 | | | DoS Overflow | 2006-06-02 | 2008-09-05 | 2.6 | None | Remote | High | Not required | None | None | Partial |
| Buffer overflow in INETCOMM.DLL, as used in Microsoft Internet Explorer 6.0 through 6.0 SP2, Windows Explorer, Outlook Express 6, and possibly other programs, allows remote user-assisted attackers to cause a denial of service (application crash) via a long mhtml URI in the URL value in a URL file. |
| 10 | CVE-2006-1992 | 399 | | DoS Exec Code | 2006-04-24 | 2011-09-20 | 2.6 | None | Remote | High | Not required | None | None | Partial |
| mshtml.dll 6.00.2900.2873, as used in Microsoft Internet Explorer, allows remote attackers to cause a denial of service (crash) via nested OBJECT tags, which trigger invalid pointer dereferences including NULL dereferences. NOTE: the possibility of code execution was originally theorized, but Microsoft has stated that this issue is non-exploitable. |
| 11 | CVE-2006-1192 | 20 | | | 2006-04-11 | 2011-10-03 | 2.6 | None | Remote | High | Not required | None | Partial | None |
| Microsoft Internet Explorer 5.01 through 6 allows remote attackers to conduct phishing attacks by spoofing the address bar and other parts of the trust UI via unknown methods that allow "window content to persist" after the user has navigated to another site, aka the "Address Bar Spoofing Vulnerability." NOTE: this is a different vulnerability than CVE-2006-1626. |
| 12 | CVE-2006-0753 | | | DoS | 2006-02-17 | 2008-09-05 | 2.6 | None | Remote | High | Not required | None | None | Partial |
| Memory leak in Microsoft Internet Explorer 6 for Windows XP Service Pack 2 allows remote attackers to cause a denial of service (memory consumption) via JavaScript that uses setInterval to repeatedly call a function to set the value of window.status. |
| 13 | CVE-2005-2274 | | | | 2005-07-13 | 2008-09-05 | 2.6 | None | Remote | High | Not required | None | Partial | None |
| Microsoft Internet Explorer 6.0 does not clearly associate a Javascript dialog box with the web page that generated it, which allows remote attackers to spoof a dialog box from a trusted site and facilitates phishing attacks, aka the "Dialog Origin Spoofing Vulnerability." |
| 14 | CVE-2005-2126 | | | | 2005-10-21 | 2008-09-10 | 2.6 | None | Remote | High | Not required | None | Partial | None |
| The FTP client in Windows XP SP1 and Server 2003, and Internet Explorer 6 SP1 on Windows 2000 SP4, when "Enable Folder View for FTP Sites" is enabled and the user manually initiates a file transfer, allows user-assisted, remote FTP servers to overwrite files in arbitrary locations via crafted filenames. |
| 15 | CVE-2005-1791 | | | | 2005-05-28 | 2008-09-05 | 2.6 | None | Remote | High | Not required | None | None | Partial |
| Microsoft Internet Explorer 6 SP2 (6.0.2900.2180) crashes when the user attempts to add a URI to the restricted zone, in which the full domain name of the URI begins with numeric sequences similar to an IP address. NOTE: if there is not an exploit scenario in which an attacker can trigger this behavior, then perhaps this issue should not be included in CVE. |
| 16 | CVE-2005-1790 | 399 | | DoS Exec Code Mem. Corr. | 2005-06-01 | 2011-09-27 | 2.6 | None | Remote | High | Not required | None | None | Partial |
| Microsoft Internet Explorer 6 SP2 6.0.2900.2180 and 6.0.2800.1106, and earlier versions, allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a Javascript BODY onload event that calls the window function, aka "Mismatched Document Object Model Objects Memory Corruption Vulnerability." |
| 17 | CVE-2005-0110 | | | Bypass | 2005-01-14 | 2008-09-05 | 2.6 | None | Remote | High | Not required | None | Partial | None |
| Internet Explorer 6 on Windows XP SP2 allows remote attackers to bypass the file download warning dialog and possibly trick an unknowledgeable user into executing arbitrary code via a web page with a body element containing an onclick tag, as demonstrated using the createElement function. |
| 18 | CVE-2004-2476 | | | DoS | 2004-12-31 | 2008-09-05 | 2.6 | None | Remote | High | Not required | None | None | Partial |
| Microsoft Internet Explorer 6.0 allows remote attackers to cause a denial of service (infinite loop and crash) via an IFRAME with "?" as the file source. |
| 19 | CVE-2004-2219 | | | | 2004-12-31 | 2008-09-05 | 2.6 | None | Remote | High | Not required | None | Partial | None |
| Microsoft Internet Explorer 6 allows remote attackers to spoof the address bar to facilitate phishing attacks via Javascript that uses an invalid URI, modifies the Location field, then uses history.back to navigate to the previous domain, aka NullyFake. |
| 20 | CVE-2004-2011 | | | DoS | 2004-12-31 | 2008-09-05 | 2.6 | None | Remote | High | Not required | None | None | Partial |
| msxml3.dll in Internet Explorer 6.0.2600.0 allows remote attackers to cause a denial of service (crash) via a single & (ampersand) in a <Ref href> link, which triggers a parsing error, possibly due to missing portions of the URI. |
| 21 | CVE-2004-1922 | | | DoS | 2004-04-11 | 2008-09-05 | 2.6 | None | Remote | High | Not required | None | None | Partial |
| Microsoft Internet Explorer 5.5 and 6.0 allocates memory based on the memory size written in the BMP file instead of the actual BMP file size, which allows remote attackers to cause a denial of service (memory consumption) via a small BMP file which has a large memory size. |
| 22 | CVE-2004-1331 | | | Bypass | 2004-11-16 | 2008-09-05 | 2.6 | None | Remote | High | Not required | None | Partial | None |
| The execCommand method in Microsoft Internet Explorer 6.0 SP2 allows remote attackers to bypass the "File Download - Security Warning" dialog and save arbitrary files with arbitrary extensions via the SaveAs command. |
| 23 | CVE-2004-0484 | | | DoS | 2004-07-07 | 2008-09-05 | 2.6 | None | Remote | High | Not required | None | None | Partial |
| mshtml.dll in Microsoft Internet Explorer 6.0.2800 allows remote attackers to cause a denial of service (crash) via a table containing a form that crosses multiple td elements, and whose "float: left" class is defined in a link to a CSS stylesheet after the end of the table, which may trigger a null dereference. |
| 24 | CVE-2003-1105 | | | DoS | 2003-12-31 | 2008-09-05 | 2.6 | None | Remote | High | Not required | None | None | Partial |
| Unknown vulnerability in Internet Explorer 5.01 SP3 through 6.0 SP1 allows remote attackers to cause a denial of service (browser or Outlook Express crash) via HTML with certain input tags that are not properly rendered. |
| 25 | CVE-2002-1444 | | | DoS | 2002-08-15 | 2008-09-05 | 2.6 | None | Remote | High | Not required | None | None | Partial |
| The Google toolbar 1.1.60, when running on Internet Explorer 5.5 and 6.0, allows remote attackers to cause a denial of service (crash with an exception in oleaut32.dll) via malicious HTML, possibly related to small width and height parameters or an incorrect call to the Google.Search() function. |
| 26 | CVE-2001-1497 | | | | 2001-12-31 | 2008-09-05 | 2.1 | None | Local | Low | Not required | Partial | None | None |
| Microsoft Internet Explorer 4.0 through 6.0 could allow local users to differentiate between alphanumeric and non-alphanumeric characters used in a password by pressing certain control keys that jump between non-alphanumeric characters, which makes it easier to conduct a brute-force password guessing attack. |
| 27 | CVE-2001-1450 | | | DoS | 2001-05-11 | 2008-09-05 | 2.6 | None | Remote | High | Not required | None | None | Partial |
| Microsoft Internet Explorer 5.0 through 6.0 allows attackers to cause a denial of service (browser crash) via a crafted FTP URL such as "/.#./". |
| 28 | CVE-2001-1218 | | | DoS | 2001-12-20 | 2008-09-10 | 2.1 | None | Local | Low | Not required | None | None | Partial |
| Microsoft Internet Explorer for Unix 5.0SP1 allows local users to possibly cause a denial of service (crash) in CDE or the X server on Solaris 2.6 by rapidly scrolling Chinese characters or maximizing the window. |
| 29 | CVE-2001-0807 | | | | 2001-12-06 | 2008-09-05 | 2.6 | None | Remote | High | Not required | Partial | None | None |
| Internet Explorer 5.0, and possibly other versions, may allow remote attackers (malicious web pages) to read known text files from a client's hard drive via a SCRIPT tag with a SRC value that points to the text file. |
| 30 | CVE-2001-0092 | | | | 2001-02-16 | 2008-09-10 | 2.6 | None | Remote | High | Not required | Partial | None | None |
| A function in Internet Explorer 5.0 through 5.5 does not properly verify the domain of a frame within a browser window, which allows a remote attacker to read client files, aka a new variant of the "Frame Domain Verification" vulnerability. |
| 31 | CVE-2001-0091 | | | | 2001-02-16 | 2008-09-10 | 2.6 | None | Remote | High | Not required | Partial | None | None |
| The ActiveX control for invoking a scriptlet in Internet Explorer 5.0 through 5.5 renders arbitrary file types instead of HTML, which allows an attacker to read arbitrary files, aka a variant of the "Scriptlet Rendering" vulnerability. |
| 32 | CVE-2001-0089 | | | | 2001-02-16 | 2008-09-05 | 2.6 | None | Remote | High | Not required | Partial | None | None |
| Internet Explorer 5.0 through 5.5 allows remote attackers to read arbitrary files from the client via the INPUT TYPE element in an HTML form, aka the "File Upload via Form" vulnerability. |
| 33 | CVE-2000-0768 | | | | 2000-10-20 | 2008-09-05 | 2.6 | None | Remote | High | Not required | Partial | None | None |
| A function in Internet Explorer 4.x and 5.x does not properly verify the domain of a frame within a browser window, which allows a remote attacker to read client files, aka a variant of the "Frame Domain Verification" vulnerability. |
| 34 | CVE-2000-0767 | | | | 2000-10-20 | 2008-09-05 | 2.6 | None | Remote | High | Not required | Partial | None | None |
| The ActiveX control for invoking a scriptlet in Internet Explorer 4.x and 5.x renders arbitrary file types instead of HTML, which allows an attacker to read arbitrary files, aka the "Scriptlet Rendering" vulnerability. |
| 35 | CVE-2000-0519 | | | | 2000-06-05 | 2008-09-05 | 2.6 | None | Remote | High | Not required | Partial | None | None |
| Internet Explorer 4.x and 5.x does not properly re-validate an SSL certificate if the user establishes a new SSL session with the same server during the same Internet Explorer session, aka one of two different "SSL Certificate Validation" vulnerabilities. |
| 36 | CVE-2000-0518 | | | | 2000-06-05 | 2008-09-05 | 2.6 | None | Remote | High | Not required | Partial | None | None |
| Internet Explorer 4.x and 5.x does not properly verify all contents of an SSL certificate if a connection is made to the server via an image or a frame, aka one of two different "SSL Certificate Validation" vulnerabilities. |
| 37 | CVE-2000-0503 | | | | 2000-06-06 | 2008-09-10 | 2.6 | None | Remote | High | Not required | Partial | None | None |
| The IFRAME of the WebBrowser control in Internet Explorer 5.01 allows a remote attacker to violate the cross frame security policy via the NavigateComplete2 event. |
| 38 | CVE-2000-0439 | | | | 2000-05-11 | 2008-09-10 | 2.6 | None | Remote | High | Not required | Partial | None | None |
| Internet Explorer 4.0 and 5.0 allows a malicious web site to obtain client cookies from another domain by including that domain name and escaped characters in a URL, aka the "Unauthorized Cookie Access" vulnerability. |
| 39 | CVE-2000-0266 | | | Bypass | 2000-04-18 | 2008-09-10 | 2.6 | None | Remote | High | Not required | Partial | None | None |
| Internet Explorer 5.01 allows remote attackers to bypass the cross frame security policy via a malicious applet that interacts with the Java JSObject to modify the DOM properties to set the IFRAME to an arbitrary Javascript URL. |
| 40 | CVE-2000-0028 | | | Bypass | 1999-12-23 | 2008-09-10 | 2.6 | None | Remote | High | Not required | Partial | None | None |
| Internet Explorer 5.0 and 5.01 allows remote attackers to bypass the cross frame security policy and read files via the external.NavigateAndFind function. |
| 41 | CVE-1999-1453 | | | | 1999-02-02 | 2008-09-05 | 2.6 | None | Remote | High | Not required | Partial | None | None |
| Internet Explorer 4 allows remote attackers (malicious web site operators) to read the contents of the clipboard via the Internet WebBrowser ActiveX object. |
| 42 | CVE-1999-1446 | | | | 1997-08-05 | 2008-09-05 | 2.1 | None | Local | Low | Not required | Partial | None | None |
| Internet Explorer 3 records a history of all URLs that are visited by a user in DAT files located in the Temporary Internet Files and History folders, which are not cleared when the user selects the "Clear History" option, and are not visible when the user browses the folders because of tailored displays. |
| 43 | CVE-1999-0871 | | | | 1998-09-04 | 2008-09-09 | 2.6 | None | Remote | High | Not required | Partial | None | None |
| Internet Explorer 4.0 and 4.01 allow a remote attacker to read files via IE's cross frame security, aka the "Cross Frame Navigate" vulnerability. |
| 44 | CVE-1999-0870 | | | | 1998-10-01 | 2008-09-09 | 2.6 | None | Remote | High | Not required | Partial | None | None |
| Internet Explorer 4.01 allows remote attackers to read arbitrary files by pasting a file name into the file upload control, aka untrusted scripted paste. |
| 45 | CVE-1999-0869 | | | | 1998-12-01 | 2008-09-09 | 2.6 | None | Remote | High | Not required | Partial | None | None |
| Internet Explorer 3.x to 4.01 allows a remote attacker to insert malicious content into a frame of another web site, aka frame spoofing. |
| 46 | CVE-1999-0827 | | | | 1999-11-01 | 2008-09-09 | 2.6 | None | Remote | High | Not required | Partial | None | None |
| By default, Internet Explorer 5.0 and other versions enables the "Navigate sub-frames across different domains" option, which allows frame spoofing. |
| 47 | CVE-1999-0793 | | | | 1999-11-17 | 2008-09-09 | 2.6 | None | Remote | High | Not required | Partial | None | None |
| Internet Explorer allows remote attackers to read files by redirecting data to a Javascript applet. |
| 48 | CVE-1999-0487 | | | | 1999-05-01 | 2008-09-09 | 2.6 | None | Remote | High | Not required | Partial | None | None |
| The DHTML Edit ActiveX control in Internet Explorer allows remote attackers to read arbitrary files. |
| 49 | CVE-1999-0468 | | | | 1999-04-09 | 2008-09-09 | 2.6 | None | Remote | High | Not required | Partial | None | None |
| Internet Explorer 5.0 allows a remote server to read arbitrary files on the client's file system using the Microsoft Scriptlet Component. |
| 50 | CVE-1999-0031 | | | | 1997-07-08 | 2008-09-09 | 2.6 | None | Remote | High | Not required | Partial | None | None |
| JavaScript in Internet Explorer 3.x and 4.x, and Netscape 2.x, 3.x and 4.x, allows remote attackers to monitor a user's web activities, aka the Bell Labs vulnerability. |