CVSS: 2.6EPSS: 12%CPEs: 1EXPL: 0CVE-2005-1791
https://notcve.org/view.php?id=CVE-2005-1791
28 May 2005 — Microsoft Internet Explorer 6 SP2 (6.0.2900.2180) crashes when the user attempts to add a URI to the restricted zone, in which the full domain name of the URI begins with numeric sequences similar to an IP address. NOTE: if there is not an exploit scenario in which an attacker can trigger this behavior, then perhaps this issue should not be included in CVE. • http://marc.info/?l=bugtraq&m=111746303509720&w=2 •
CVSS: 7.5EPSS: 73%CPEs: 5EXPL: 1CVE-2005-0553 – Microsoft Internet Explorer 5.0.1 - DHTML Object Race Condition Memory Corruption
https://notcve.org/view.php?id=CVE-2005-0553
13 Apr 2005 — Race condition in the memory management routines in the DHTML object processor in Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via a malicious web page or HTML e-mail, aka "DHTML Object Memory Corruption Vulnerability". • https://www.exploit-db.com/exploits/25386 •
CVSS: 6.5EPSS: 16%CPEs: 3EXPL: 1CVE-2005-0500
https://notcve.org/view.php?id=CVE-2005-0500
21 Feb 2005 — Internet Explorer 6.0 on Windows XP SP2 allows remote attackers to spoof the domain name of a URL in a titlebar for a script-initiated popup window, which could facilitate phishing attacks. • http://marc.info/?l=full-disclosure&m=110895997201027&w=2 •
CVSS: 9.8EPSS: 69%CPEs: 35EXPL: 2CVE-2005-0053 – Microsoft Internet Explorer 5.x - Valid File Drag and Drop Embedded Code (MS04-038)
https://notcve.org/view.php?id=CVE-2005-0053
08 Feb 2005 — Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via drag and drop events, aka the "Drag-and-Drop Vulnerability." Internet Explorer 5.01, 5.5 y 6 permite a los atacantes remotos ejecutar código arbitrario mediante eventos de arrastrar y soltar, también conocidos como "Vulnerabilidad de arrastrar y soltar". • https://www.exploit-db.com/exploits/24693 •
CVSS: 8.1EPSS: 38%CPEs: 3EXPL: 0CVE-2005-0054
https://notcve.org/view.php?id=CVE-2005-0054
08 Feb 2005 — Internet Explorer 5.01, 5.5, and 6 allows remote attackers to spoof a less restrictive security zone and execute arbitrary code via an HTML page containing URLs that contain hostnames that have been double hex encoded, which are decoded twice to generate a malicious hostname, aka the "URL Decoding Zone Spoofing Vulnerability." • http://marc.info/?l=bugtraq&m=110796851002781&w=2 •
CVSS: 9.8EPSS: 44%CPEs: 11EXPL: 0CVE-2005-0055
https://notcve.org/view.php?id=CVE-2005-0055
08 Feb 2005 — Internet Explorer 5.01, 5.5, and 6 does not properly validate buffers when handling certain DHTML methods including the createControlRange Javascript function, which allows remote attackers to execute arbitrary code, aka the "DHTML Method Heap Memory Corruption Vulnerability." • http://secunia.com/advisories/11165 •
CVSS: 8.1EPSS: 32%CPEs: 3EXPL: 1CVE-2005-0056
https://notcve.org/view.php?id=CVE-2005-0056
08 Feb 2005 — Internet Explorer 5.01, 5.5, and 6 does not properly validate certain URLs in Channel Definition Format (CDF) files, which allows remote attackers to obtain sensitive information or execute arbitrary code, aka the "Channel Definition Format (CDF) Cross Domain Vulnerability." • http://securitytracker.com/id?1013126 •
CVSS: 8.1EPSS: 2%CPEs: 1EXPL: 0CVE-2005-0110
https://notcve.org/view.php?id=CVE-2005-0110
14 Jan 2005 — Internet Explorer 6 on Windows XP SP2 allows remote attackers to bypass the file download warning dialog and possibly trick an unknowledgeable user into executing arbitrary code via a web page with a body element containing an onclick tag, as demonstrated using the createElement function. • http://marc.info/?l=full-disclosure&m=110569119106172&w=2 •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2004-1527
https://notcve.org/view.php?id=CVE-2004-1527
31 Dec 2004 — Microsoft Internet Explorer 6.0 SP1 does not properly handle certain character strings in the Path attribute, which can cause it to modify cookies in other domains when the attacker's domain name is within the target's domain name or when wildcard DNS is being used, which allows remote attackers to hijack web sessions. • http://marc.info/?l=bugtraq&m=110053968530613&w=2 •
CVSS: 5.5EPSS: 12%CPEs: 3EXPL: 2CVE-2004-2179
https://notcve.org/view.php?id=CVE-2004-2179
31 Dec 2004 — asycpict.dll, as used in Microsoft products such as Front Page 97 and 98, allows remote attackers to cause a denial of service (hang) via a JPEG image with maximum height and width values. • http://www.securityfocus.com/archive/1/378431 •