Microsoft » IE » 7.0 windows_xp_sp2 : Security Vulnerabilities, CVEs,
Use-after-free vulnerability in Microsoft Internet Explorer 5.01 SP4, 6 through SP1, and 7 allows remote attackers to execute arbitrary code via a crafted data stream that triggers memory corruption, as demonstrated using an invalid MIME-type that does not have a registered handler.
Max CVSS
9.3
EPSS Score
52.11%
Published
2008-04-08
Updated
2018-10-12
Unspecified vulnerability in an ActiveX control (dxtmsft.dll) in Microsoft Internet Explorer 5.01, 6 SP1 and SP2, and 7 allows remote attackers to execute arbitrary code via a crafted image, aka "Argument Handling Memory Corruption Vulnerability."
Max CVSS
9.3
EPSS Score
78.61%
Published
2008-02-12
Updated
2018-10-12
Unspecified vulnerability in Microsoft Internet Explorer 5.01, 6 SP1 and SP2, and 7 allows remote attackers to execute arbitrary code via crafted HTML layout combinations, aka "HTML Rendering Memory Corruption Vulnerability."
Max CVSS
9.3
EPSS Score
89.80%
Published
2008-02-12
Updated
2018-10-12
Microsoft Internet Explorer allows remote attackers to cause a denial of service (crash) via an IFRAME with a certain XML file and XSL stylesheet that triggers a crash in mshtml.dll when a refresh is called, probably a null pointer dereference.
Max CVSS
5.0
EPSS Score
3.55%
Published
2007-03-02
Updated
2021-07-23
Internet Explorer 5.01 through 6 allows remote attackers to spoof arbitrary web sites by injecting content from one window into another window whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window injection" vulnerability. NOTE: later research shows that Internet Explorer 7 on Windows XP SP2 is also vulnerable.
Max CVSS
7.5
EPSS Score
69.77%
Published
2004-12-31
Updated
2021-07-23
5 vulnerabilities found