Total
29527 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-1185 | 2 Canon, Microsoft | 3 Network Camera Server Vb101, Ie, Internet Explorer | 2021-07-23 | 7.5 HIGH | N/A |
| Unspecified vulnerability in Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via certain invalid HTML that causes memory corruption. | |||||
| CVE-2006-3657 | 1 Microsoft | 2 Ie, Internet Explorer | 2021-07-23 | 5.0 MEDIUM | N/A |
| Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (stack overflow exception) via a DXImageTransform.Microsoft.Gradient ActiveX object with a long (1) StartColorStr or (2) EndColorStr property. | |||||
| CVE-2006-3658 | 1 Microsoft | 2 Ie, Internet Explorer | 2021-07-23 | 5.0 MEDIUM | N/A |
| Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (crash) by accessing the object references of a FolderItem ActiveX object, which triggers a null dereference in the security check. | |||||
| CVE-2007-3111 | 2 Microsoft, Provideo | 3 Internet Explorer, Windows 2000, Camimage Activex Control | 2021-07-23 | 10.0 HIGH | N/A |
| Buffer overflow in the Provideo Camimage ActiveX control in ISSCamControl.dll 1.0.1.5, when Internet Explorer 6 is used on Windows 2000 SP4, allows remote attackers to execute arbitrary code via a long URL property value. | |||||
| CVE-2006-7206 | 1 Microsoft | 2 Internet Explorer, Windows Xp | 2021-07-23 | 7.8 HIGH | N/A |
| Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) by creating a ADODB.Recordset object and making a series of calls to the NextRecordset method with a long string argument, which causes an "invalid memory access" in the SysFreeString function, a different issue than CVE-2006-3510 and CVE-2006-3899. | |||||
| CVE-2007-2938 | 2 Honeywell, Microsoft | 2 Ademco Atnbaseloader100 Module, Internet Explorer | 2021-07-23 | 10.0 HIGH | N/A |
| Buffer overflow in the BaseRunner ActiveX control in the Ademco ATNBaseLoader100 Module (ATNBaseLoader100.dll) 5.4.0.6, when Internet Explorer 6 is used, allows remote attackers to execute arbitrary code via a long argument to the (1) Send485CMD method, and possibly the (2) SetLoginID, (3) AddSite, (4) SetScreen, and (5) SetVideoServer methods. | |||||
| CVE-2003-1505 | 1 Microsoft | 1 Internet Explorer | 2021-07-23 | 4.3 MEDIUM | N/A |
| Microsoft Internet Explorer 6.0 allows remote attackers to cause a denial of service (crash) by creating a web page or HTML e-mail with a textarea in a div element whose scrollbar-base-color is modified by a CSS style, which is then moved. | |||||
| CVE-2007-3406 | 1 Microsoft | 2 Internet Explorer, Windows Xp | 2021-07-23 | 4.3 MEDIUM | N/A |
| Multiple absolute path traversal vulnerabilities in Microsoft Internet Explorer 6 on Windows XP SP2 allow remote attackers to access arbitrary local files via the file: URI in the (1) src attribute of a (a) bgsound, (b) input, (c) EMBED, (d) img, or (e) script tag; (2) data attribute of an object tag; (3) value attribute of a param tag; (4) background attribute of a body tag; or (5) the background:url attribute declared in the BODY parameter of a STYLE tag. | |||||
| CVE-1999-0468 | 1 Microsoft | 1 Internet Explorer | 2021-07-22 | 2.6 LOW | N/A |
| Internet Explorer 5.0 allows a remote server to read arbitrary files on the client's file system using the Microsoft Scriptlet Component. | |||||
| CVE-2001-0807 | 1 Microsoft | 1 Internet Explorer | 2021-07-22 | 2.6 LOW | N/A |
| Internet Explorer 5.0, and possibly other versions, may allow remote attackers (malicious web pages) to read known text files from a client's hard drive via a SCRIPT tag with a SRC value that points to the text file. | |||||
| CVE-1999-0793 | 1 Microsoft | 1 Internet Explorer | 2021-07-22 | 2.6 LOW | N/A |
| Internet Explorer allows remote attackers to read files by redirecting data to a Javascript applet. | |||||
| CVE-1999-0487 | 1 Microsoft | 1 Internet Explorer | 2021-07-22 | 2.6 LOW | N/A |
| The DHTML Edit ActiveX control in Internet Explorer allows remote attackers to read arbitrary files. | |||||
| CVE-1999-1235 | 1 Microsoft | 1 Internet Explorer | 2021-07-22 | 4.6 MEDIUM | N/A |
| Internet Explorer 5.0 records the username and password for FTP servers in the URL history, which could allow (1) local users to read the information from another user's index.dat, or (2) people who are physically observing ("shoulder surfing") another user to read the information from the status bar when the user moves the mouse over a link. | |||||
| CVE-1999-1577 | 1 Microsoft | 1 Internet Explorer | 2021-07-22 | 5.1 MEDIUM | N/A |
| Buffer overflow in HHOpen ActiveX control (hhopen.ocx) 1.0.0.1 for Internet Explorer 4.01 and 5 allows remote attackers to execute arbitrary commands via long arguments to the OpenHelp method. | |||||
| CVE-1999-1575 | 1 Microsoft | 1 Internet Explorer | 2021-07-22 | 5.1 MEDIUM | N/A |
| The Kodak/Wang (1) Image Edit (imgedit.ocx), (2) Image Annotation (imgedit.ocx), (3) Image Scan (imgscan.ocx), (4) Thumbnail Image (imgthumb.ocx), (5) Image Admin (imgadmin.ocx), (6) HHOpen (hhopen.ocx), (7) Registration Wizard (regwizc.dll), and (8) IE Active Setup (setupctl.dll) ActiveX controls for Internet Explorer (IE) 4.01 and 5.0 are marked as "Safe for Scripting," which allows remote attackers to create and modify files and execute arbitrary commands. | |||||
| CVE-1999-1370 | 1 Microsoft | 1 Internet Explorer | 2021-07-22 | 7.2 HIGH | N/A |
| The setup wizard (ie5setup.exe) for Internet Explorer 5.0 disables (1) the screen saver, which could leave the system open to users with physical access if a failure occurs during an unattended installation, and (2) the Task Scheduler Service, which might prevent the scheduled execution of security-critical programs. | |||||
| CVE-1999-0354 | 1 Microsoft | 2 Internet Explorer, Word | 2021-07-22 | 7.5 HIGH | N/A |
| Internet Explorer 4.x or 5.x with Word 97 allows arbitrary execution of Visual Basic programs to the IE client through the Word 97 template, which doesn't warn the user that the template contains executable content. Also applies to Outlook when the client views a malicious email message. | |||||
| CVE-1999-0669 | 1 Microsoft | 1 Internet Explorer | 2021-07-22 | 4.0 MEDIUM | N/A |
| The Eyedog ActiveX control is marked as "safe for scripting" for Internet Explorer, which allows a remote attacker to execute arbitrary commands as demonstrated by Bubbleboy. | |||||
| CVE-1999-1016 | 2 Microsoft, Qualcomm | 4 Frontpage, Internet Explorer, Outlook Express and 1 more | 2021-07-22 | 5.0 MEDIUM | N/A |
| Microsoft HTML control as used in (1) Internet Explorer 5.0, (2) FrontPage Express, (3) Outlook Express 5, and (4) Eudora, and possibly others, allows remote malicious web site or HTML emails to cause a denial of service (100% CPU consumption) via large HTML form fields such as text inputs in a table cell. | |||||
| CVE-1999-0670 | 1 Microsoft | 1 Internet Explorer | 2021-07-22 | 4.0 MEDIUM | N/A |
| Buffer overflow in the Eyedog ActiveX control allows a remote attacker to execute arbitrary commands. | |||||