Lucene search

K
MicrosoftInternet Explorer*

30 matches found

CVE
CVE
added 2017/09/13 1:29 a.m.104 views

CVE-2017-8741

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Internet Explorer and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the con...

7.6CVSS7.2AI score0.76981EPSS
CVE
CVE
added 2017/11/15 3:29 a.m.99 views

CVE-2017-11791

ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allo...

3.1CVSS4.7AI score0.17613EPSS
CVE
CVE
added 2017/11/15 3:29 a.m.97 views

CVE-2017-11846

ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows a...

7.5CVSS7.5AI score
CVE
CVE
added 2017/11/15 3:29 a.m.92 views

CVE-2017-11858

ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows a...

7.6CVSS7.6AI score
CVE
CVE
added 2017/11/15 3:29 a.m.91 views

CVE-2017-11843

ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an at...

7.6CVSS7.5AI score
CVE
CVE
added 2017/11/15 3:29 a.m.89 views

CVE-2017-11837

ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attack...

7.6CVSS7.5AI score
CVE
CVE
added 2017/09/13 1:29 a.m.81 views

CVE-2017-8748

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the ...

7.6CVSS7.2AI score0.76981EPSS
CVE
CVE
added 2017/11/15 3:29 a.m.79 views

CVE-2017-11838

ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attack...

7.6CVSS7.5AI score
CVE
CVE
added 2008/01/25 1:0 a.m.76 views

CVE-2008-0454

Cross-zone scripting vulnerability in the Internet Explorer web control in Skype 3.6.0.244, and earlier 3.5.x and 3.6.x versions, on Windows allows user-assisted remote attackers to inject arbitrary web script or HTML in the Local Machine Zone via the Title field of a (1) Dailymotion and possibly (...

9.3CVSS6.2AI score0.41318EPSS
CVE
CVE
added 2011/08/09 7:55 p.m.69 views

CVE-2008-7295

Microsoft Internet Explorer cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Set-Cookie header in an HTTP response, related to lack of the HTTP Strict Transport Security (HSTS) in...

5.8CVSS6.6AI score0.23357EPSS
CVE
CVE
added 2008/11/12 11:30 p.m.63 views

CVE-2008-4029

Cross-domain vulnerability in Microsoft XML Core Services 3.0 and 4.0, as used in Internet Explorer, allows remote attackers to obtain sensitive information from another domain via a crafted XML document, related to improper error checks for external DTDs, aka "MSXML DTD Cross-Domain Scripting Vuln...

4.3CVSS5.5AI score0.67521EPSS
CVE
CVE
added 2004/08/06 4:0 a.m.61 views

CVE-2004-0549

The WebBrowser ActiveX control, or the Internet Explorer HTML rendering engine (MSHTML), as used in Internet Explorer 6, allows remote attackers to execute arbitrary code in the Local Security context by using the showModalDialog method and modifying the location to execute code such as Javascript,...

10CVSS7.8AI score0.71697EPSS
CVE
CVE
added 2008/07/07 5:41 p.m.58 views

CVE-2008-3023

Cross-site scripting (XSS) vulnerability in FreeStyle Wiki 3.6.2 and earlier, and 3.6.3 dev3 and earlier development versions, when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different issue than CVE-2005-1799.

4.3CVSS5.6AI score0.2363EPSS
CVE
CVE
added 2010/05/07 6:24 p.m.57 views

CVE-2010-1852

Microsoft Internet Explorer, when the Invisible Hand extension is enabled, uses cookies during background HTTP requests in a possibly unexpected manner, which might allow remote web servers to identify specific persons and their product searches via HTTP request logging, related to a "cross-site da...

4.3CVSS6.8AI score0.10245EPSS
CVE
CVE
added 2009/01/20 4:30 p.m.51 views

CVE-2008-5912

An unspecified function in the JavaScript implementation in Microsoft Internet Explorer creates and exposes a "temporary footprint" when there is a current login to a web site, which makes it easier for remote attackers to trick a user into acting upon a spoofed pop-up message, aka an "in-session p...

2.1CVSS6.7AI score0.17145EPSS
CVE
CVE
added 2007/05/16 7:28 p.m.49 views

CVE-2007-2718

Cross-site scripting (XSS) vulnerability in the WebMail system in Stalker CommuniGate Pro 5.1.8 and earlier, when using Microsoft Internet Explorer, allows remote attackers to inject arbitrary web script or HTML via crafted STYLE tags.

4.3CVSS5.7AI score0.28497EPSS
CVE
CVE
added 2007/07/24 5:30 p.m.49 views

CVE-2007-3954

Argument injection vulnerability in Microsoft Internet Explorer, when running on systems with SeaMonkey installed and certain URIs registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in a mailto URI, which are insert...

4.3CVSS8AI score0.49726EPSS
CVE
CVE
added 2008/07/14 11:41 p.m.48 views

CVE-2008-3173

Microsoft Internet Explorer allows web sites to set cookies for domains that have a public suffix with more than one dot character, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session, aka "Cross-Site Cooking." NOTE: this issue may exist because ...

6.8CVSS6.4AI score0.14378EPSS
CVE
CVE
added 2007/07/24 6:30 p.m.47 views

CVE-2007-3958

Microsoft Windows Explorer (explorer.exe) allows user-assisted remote attackers to cause a denial of service via a certain GIF file, as demonstrated by Art.gif.

7.1CVSS6.4AI score0.59251EPSS
CVE
CVE
added 2008/01/25 4:0 p.m.47 views

CVE-2008-0460

Cross-site scripting (XSS) vulnerability in api.php in (1) MediaWiki 1.11 through 1.11.0rc1, 1.10 through 1.10.2, 1.9 through 1.9.4, and 1.8; and (2) the BotQuery extension for MediaWiki 1.7 and earlier; when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML ...

4.3CVSS5.4AI score0.1566EPSS
CVE
CVE
added 2010/06/24 5:30 p.m.47 views

CVE-2010-2442

Microsoft Internet Explorer, possibly 8, does not properly restrict focus changes, which allows remote attackers to read keystrokes via "cross-domain IFRAME gadgets."

4.3CVSS6.8AI score0.22486EPSS
CVE
CVE
added 2007/07/21 12:30 a.m.46 views

CVE-2007-3924

Argument injection vulnerability in Microsoft Internet Explorer, when running on systems with Netscape installed and certain URIs registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in a -chrome argument to the navig...

9.3CVSS8AI score0.49726EPSS
CVE
CVE
added 2008/06/24 7:41 p.m.44 views

CVE-2008-2841

Argument injection vulnerability in XChat 2.8.7b and earlier on Windows, when Internet Explorer is used, allows remote attackers to execute arbitrary commands via the --command parameter in an ircs:// URI.

6.8CVSS7.8AI score0.31187EPSS
CVE
CVE
added 2007/07/21 12:30 a.m.42 views

CVE-2007-3930

Interpretation conflict between Microsoft Internet Explorer and DocuWiki before 2007-06-26b allows remote attackers to inject arbitrary JavaScript and conduct cross-site scripting (XSS) attacks when spellchecking UTF-8 encoded messages via the spell_utf8test function in lib/exe/spellcheck.php, whic...

4.3CVSS5.5AI score0.17174EPSS
Web
CVE
CVE
added 2007/10/06 9:0 p.m.41 views

CVE-2004-2704

Hastymail 1.0.1 and earlier (stable) and 1.1 and earlier (development) does not send the "attachment" parameter in the Content-Disposition field for attachments, which causes the attachment to be rendered inline by Internet Explorer when the victim clicks the download link, which facilitates cross-...

4.3CVSS5.8AI score0.25149EPSS
CVE
CVE
added 2007/01/29 4:28 p.m.41 views

CVE-2006-6956

Microsoft Internet Explorer allows remote attackers to cause a denial of service (crash) via a web page that contains a large number of nested marquee tags, a related issue to CVE-2006-2723.

4.3CVSS6.4AI score0.12074EPSS
CVE
CVE
added 2010/02/18 6:0 p.m.41 views

CVE-2010-0652

Microsoft Internet Explorer permits cross-origin loading of CSS stylesheets even when the stylesheet download has an incorrect MIME type and the stylesheet document is malformed, which allows remote HTTP servers to obtain sensitive information via a crafted document.

4.3CVSS6.2AI score0.09306EPSS
CVE
CVE
added 2011/01/07 11:0 p.m.41 views

CVE-2011-0347

Microsoft Internet Explorer on Windows XP allows remote attackers to trigger an incorrect GUI display and have unspecified other impact via vectors related to the DOM implementation, as demonstrated by cross_fuzz.

9.3CVSS7.1AI score0.3568EPSS
CVE
CVE
added 2005/06/02 4:0 a.m.40 views

CVE-2005-1829

Microsoft Internet Explorer 6 SP2 allows remote attackers to cause a denial of service (infinite loop and application crash) via two embedded files that call each other.

5CVSS7AI score0.08459EPSS
CVE
CVE
added 2007/06/06 10:30 a.m.39 views

CVE-2007-3075

Directory traversal vulnerability in Microsoft Internet Explorer allows remote attackers to read arbitrary files via directory traversal sequences in a URI with a certain scheme, possibly related to "..%5C" (encoded backslash) sequences.

7.8CVSS6.8AI score0.18282EPSS