Internet Explorer@4.71.544 Security Vulnerabilities and Issues — Internet Explorer@4.71.544 CVE List

Lucene search

MicrosoftInternet Explorer4.71.544

7 matches found

CVE•added 2009/06/15 7:30 p.m.•67 views

CVE-2009-2057

Microsoft Internet Explorer before 8 uses the HTTP Host header to determine the context of a document provided in a (1) 4xx or (2) 5xx CONNECT response from a proxy server, which allows man-in-the-middle attackers to execute arbitrary web script by modifying this CONNECT response, aka an "SSL tampe...

5.8CVSS7.1AI score0.11952EPSS

CVE•added 2011/06/03 5:55 p.m.•52 views

CVE-2011-2382

Microsoft Internet Explorer 8 and earlier, and Internet Explorer 9 beta, does not properly restrict cross-zone drag-and-drop actions, which allows user-assisted remote attackers to read cookie files via vectors involving an IFRAME element with a SRC attribute containing a file: URL, as demonstrated...

4.3CVSS6.5AI score0.34997EPSS

CVE•added 2011/12/07 7:55 p.m.•50 views

CVE-2002-2435

The Cascading Style Sheets (CSS) implementation in Microsoft Internet Explorer 8.0 and earlier does not properly handle the :visited pseudo-class, which allows remote attackers to obtain sensitive information about visited web pages via a crafted HTML document, a related issue to CVE-2010-2264.

4.3CVSS5.6AI score0.22206EPSS

CVE•added 2009/06/15 7:30 p.m.•50 views

CVE-2009-2069

Microsoft Internet Explorer before 8 displays a cached certificate for a (1) 4xx or (2) 5xx CONNECT response page returned by a proxy server, which allows man-in-the-middle attackers to spoof an arbitrary https site by letting a browser obtain a valid certificate from this site during one request, ...

5.8CVSS6.5AI score0.02947EPSS

CVE•added 2011/12/07 7:55 p.m.•44 views

CVE-2010-5071

The JavaScript implementation in Microsoft Internet Explorer 8.0 and earlier does not properly restrict the set of values contained in the object returned by the getComputedStyle method, which allows remote attackers to obtain sensitive information about visited web pages by calling this method.

5CVSS6.2AI score0.10857EPSS

CVE•added 2009/08/24 3:30 p.m.•43 views

CVE-2009-2954

Microsoft Internet Explorer 6.0.2900.2180 and earlier allows remote attackers to cause a denial of service (CPU consumption and application hang) via JavaScript code with a long string value for the hash property (aka location.hash), a related issue to CVE-2008-5715.

5CVSS6.7AI score0.13654EPSS

CVE•added 2006/02/08 1:2 a.m.•38 views

CVE-2006-0585

jscript.dll in Microsoft Internet Explorer 6.0 SP1 and earlier allows remote attackers to cause a denial of service (application crash) via a Shockwave Flash object that contains ActionScript code that calls VBScript, which in turn calls the Javascript document.write function, which triggers a null...

5CVSS6.8AI score0.29854EPSS