Ie@4.0 Security Vulnerabilities and Issues — Ie@4.0 CVE List

Lucene search

MicrosoftIe4.0

11 matches found

CVE•added 2009/07/22 6:30 p.m.•75 views

CVE-2009-2576

Microsoft Internet Explorer 6.0.2900.2180 and earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via a long Unicode string argument to the write method, a related issue to CVE-2009-2479. NOTE: it was later reported that 7.0.6000.16473 and earlier are also affe...

5CVSS6.4AI score0.30084EPSS

CVE•added 2000/10/13 4:0 a.m.•72 views

CVE-2000-0518

Internet Explorer 4.x and 5.x does not properly verify all contents of an SSL certificate if a connection is made to the server via an image or a frame, aka one of two different "SSL Certificate Validation" vulnerabilities.

2.6CVSS6.6AI score0.02187EPSS

CVE•added 2000/02/04 5:0 a.m.•56 views

CVE-1999-0827

By default, Internet Explorer 5.0 and other versions enables the "Navigate sub-frames across different domains" option, which allows frame spoofing.

2.6CVSS7AI score0.00877EPSS

CVE•added 2000/02/04 5:0 a.m.•51 views

CVE-2000-0028

Internet Explorer 5.0 and 5.01 allows remote attackers to bypass the cross frame security policy and read files via the external.NavigateAndFind function.

2.6CVSS7.1AI score0.21836EPSS

CVE•added 2000/03/22 5:0 a.m.•50 views

CVE-2000-0162

The Microsoft virtual machine (VM) in Internet Explorer 4.x and 5.x allows a remote attacker to read files via a malicious Java applet that escapes the Java sandbox, aka the "VM File Reading" vulnerability.

5.1CVSS6.8AI score0.01479EPSS

CVE•added 2000/06/02 4:0 a.m.•49 views

CVE-2000-0329

A Microsoft ActiveX control allows a remote attacker to execute a malicious cabinet file via an attachment and an embedded script in an HTML mail, aka the "Active Setup Control" vulnerability.

5.1CVSS7AI score0.08048EPSS

CVE•added 2000/01/04 5:0 a.m.•47 views

CVE-1999-0876

Buffer overflow in Internet Explorer 4.0 via EMBED tag.

10CVSS7.3AI score0.24145EPSS

CVE•added 2000/10/20 4:0 a.m.•47 views

CVE-2000-0768

A function in Internet Explorer 4.x and 5.x does not properly verify the domain of a frame within a browser window, which allows a remote attacker to read client files, aka a variant of the "Frame Domain Verification" vulnerability.

2.6CVSS6.8AI score0.16317EPSS

CVE•added 2000/10/13 4:0 a.m.•45 views

CVE-2000-0519

Internet Explorer 4.x and 5.x does not properly re-validate an SSL certificate if the user establishes a new SSL session with the same server during the same Internet Explorer session, aka one of two different "SSL Certificate Validation" vulnerabilities.

2.6CVSS7AI score0.02187EPSS

CVE•added 2005/06/21 4:0 a.m.•41 views

CVE-2001-1497

Microsoft Internet Explorer 4.0 through 6.0 could allow local users to differentiate between alphanumeric and non-alphanumeric characters used in a password by pressing certain control keys that jump between non-alphanumeric characters, which makes it easier to conduct a brute-force password guessi...

2.1CVSS6.8AI score0.01075EPSS

CVE•added 2002/06/25 4:0 a.m.•41 views

CVE-2002-0153

Internet Explorer 5.1 for Macintosh allows remote attackers to bypass security checks and invoke local AppleScripts within a specific HTML element, aka the "Local Applescript Invocation" vulnerability.

7.5CVSS6.9AI score0.42802EPSS