Ie Security Vulnerabilities and Issues — Ie CVE List

Lucene search

MicrosoftIe

12 matches found

CVE•added 2003/06/16 4:0 a.m.•72 views

CVE-2003-0344

Buffer overflow in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to execute arbitrary code via / (slash) characters in the Type property of an Object tag in a web page.

7.5CVSS7.9AI score0.74307EPSS

CVE•added 2003/08/27 4:0 a.m.•61 views

CVE-2003-0701

Buffer overflow in Internet Explorer 6 SP1 for certain languages that support double-byte encodings (e.g., Japanese) allows remote attackers to execute arbitrary code via the Type property of an Object tag, a variant of CVE-2003-0344.

7.5CVSS7.8AI score0.74307EPSS

CVE•added 2003/05/12 4:0 a.m.•55 views

CVE-2003-0113

Buffer overflow in URLMON.DLL in Microsoft Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute arbitrary code via an HTTP response containing long values in (1) Content-type and (2) Content-encoding fields.

7.5CVSS8.1AI score0.36677EPSS

CVE•added 2003/08/27 4:0 a.m.•52 views

CVE-2003-0532

Internet Explorer 5.01 SP3 through 6.0 SP1 does not properly determine object types that are returned by web servers, which could allow remote attackers to execute arbitrary code via an object tag with a data parameter to a malicious file hosted on a server that returns an unsafe Content-Type, aka ...

7.5CVSS7.6AI score0.28455EPSS

CVE•added 2003/05/12 4:0 a.m.•51 views

CVE-2003-0115

Microsoft Internet Explorer 5.01, 5.5 and 6.0 does not properly check parameters that are passed during third party rendering, which could allow remote attackers to execute arbitrary web script, aka the "Third Party Plugin Rendering" vulnerability, a different vulnerability than CVE-2003-0233.

7.5CVSS7.8AI score0.13253EPSS

CVE•added 2003/08/27 4:0 a.m.•51 views

CVE-2003-0531

Internet Explorer 5.01 SP3 through 6.0 SP1 allows remote attackers to access and execute script in the My Computer domain using the browser cache via crafted Content-Type and Content-Disposition headers, aka the "Browser Cache Script Execution in My Computer Zone" vulnerability.

7.5CVSS7.7AI score0.2025EPSS

CVE•added 2003/05/12 4:0 a.m.•49 views

CVE-2003-0116

Microsoft Internet Explorer 5.01, 5.5 and 6.0 does not properly check the Cascading Style Sheet input parameter for Modal dialogs, which allows remote attackers to read files on the local system via a web page containing script that creates a dialog and then accesses the target files, aka "Modal Di...

5CVSS7.4AI score0.25468EPSS

CVE•added 2003/11/17 5:0 a.m.•48 views

CVE-2003-0809

Internet Explorer 5.01 through 6.0 does not properly handle object tags returned from a Web server during XML data binding, which allows remote attackers to execute arbitrary code via an HTML e-mail message or web page.

7.5CVSS8AI score0.45451EPSS

CVE•added 2003/05/12 4:0 a.m.•46 views

CVE-2003-0233

Heap-based buffer overflow in plugin.ocx for Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute arbitrary code via the Load() method, a different vulnerability than CVE-2003-0115.

7.5CVSS8.2AI score0.13253EPSS

CVE•added 2003/05/12 4:0 a.m.•44 views

CVE-2003-0114

The file upload control in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to automatically upload files from the local system via a web page containing a script to upload the files.

5CVSS7.5AI score0.30354EPSS

CVE•added 2003/08/27 4:0 a.m.•44 views

CVE-2003-0530

Buffer overflow in the BR549.DLL ActiveX control for Internet Explorer 5.01 SP3 through 6.0 SP1 allows remote attackers to execute arbitrary code.

7.5CVSS8.1AI score0.23688EPSS

CVE•added 2003/11/17 5:0 a.m.•43 views

CVE-2003-0838

Internet Explorer allows remote attackers to bypass zone restrictions to inject and execute arbitrary programs by creating a popup window and inserting ActiveX object code with a "data" tag pointing to the malicious code, which Internet Explorer treats as HTML or Javascript, but later executes as a...

7.5CVSS7.3AI score0.68345EPSS