CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2001-1219
https://notcve.org/view.php?id=CVE-2001-1219
20 Dec 2001 — Microsoft Internet Explorer 6.0 and earlier allows malicious website operators to cause a denial of service (client crash) via JavaScript that continually refreshes the window via self.location. MS Internet Explorer 6.0 y anteriores permite a webmasters maliciosos provocar una denegación de servicio por medio de JavaScript que continuamente refresca la ventana con self.location. • http://www.securityfocus.com/archive/1/246649 •
CVSS: 8.8EPSS: 96%CPEs: 2EXPL: 0CVE-2001-0727
https://notcve.org/view.php?id=CVE-2001-0727
14 Dec 2001 — Internet Explorer 6.0 allows remote attackers to execute arbitrary code by modifying the Content-Disposition and Content-Type header fields in a way that causes Internet Explorer to believe that the file is safe to open without prompting the user, aka the "File Execution Vulnerability." Internet Explorer 6.0 permite a atacantes remotos la ejecución de código arbitrario mediante la modificación de los campos de cabecera 'Content-Disposition' y 'Content-Type' de modo que hace creer a Internet Explorer que es ... • http://marc.info/?l=bugtraq&m=100835204509262&w=2 •
CVSS: 5.0EPSS: 39%CPEs: 2EXPL: 0CVE-2001-0874
https://notcve.org/view.php?id=CVE-2001-0874
13 Dec 2001 — Internet Explorer 5.5 and 6.0 allow remote attackers to read certain files via HTML that passes information from a frame in the client's domain to a frame in the web site's domain, a variant of the "Frame Domain Verification" vulnerability. Internet Explorer 5.5 y 6.0 permite a atacantes remotos la lectura de ciertos ficheros vía HTML, pasando información de un marco en el dominio del cliente a otro marco del dominio del sitio web, una variante de la vulnerabilidad "FrameDomain Verification". • http://www.ciac.org/ciac/bulletins/m-027.shtml •
CVSS: 6.4EPSS: 3%CPEs: 2EXPL: 2CVE-2001-0722 – Microsoft Internet Explorer 5/6 - Cookie Disclosure/Modification
https://notcve.org/view.php?id=CVE-2001-0722
06 Dec 2001 — Internet Explorer 5.5 and 6.0 allows remote attackers to read and modify user cookies via Javascript in an about: URL, aka the "First Cookie Handling Vulnerability." • https://www.exploit-db.com/exploits/21144 •
CVSS: 7.5EPSS: 2%CPEs: 2EXPL: 3CVE-2001-0875 – Microsoft Internet Explorer 5.5/6.0 - Spoofable File Extensions
https://notcve.org/view.php?id=CVE-2001-0875
26 Nov 2001 — Internet Explorer 5.5 and 6.0 allows remote attackers to cause the File Download dialogue box to misrepresent the name of the file in the dialogue in a way that could fool users into thinking that the file type is safe to download. • https://www.exploit-db.com/exploits/21164 •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2001-0904
https://notcve.org/view.php?id=CVE-2001-0904
20 Nov 2001 — Internet Explorer 5.5 and 6 with the Q312461 (MS01-055) patch modifies the HTTP_USER_AGENT (UserAgent) information that indicates that the patch has been installed, which could allow remote malicious web sites to more easily identify and exploit vulnerable clients. • http://marc.info/?l=bugtraq&m=100619268115798&w=2 •
CVSS: 8.2EPSS: 14%CPEs: 2EXPL: 1CVE-2001-0723
https://notcve.org/view.php?id=CVE-2001-0723
14 Nov 2001 — Internet Explorer 5.5 and 6.0 allows remote attackers to read and modify user cookies via Javascript, aka the "Second Cookie Handling Vulnerability." • http://www.securityfocus.com/bid/3546 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2001-0667
https://notcve.org/view.php?id=CVE-2001-0667
30 Oct 2001 — Internet Explorer 6 and earlier, when used with the Telnet client in Services for Unix (SFU) 2.0, allows remote attackers to execute commands by spawning Telnet with a log file option on the command line and writing arbitrary code into an executable file which is later executed, aka a new variant of the Telnet Invocation vulnerability as described in CVE-2001-0150. • http://www.ciac.org/ciac/bulletins/m-024.shtml • CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 1CVE-2001-1450
https://notcve.org/view.php?id=CVE-2001-1450
11 May 2001 — Microsoft Internet Explorer 5.0 through 6.0 allows attackers to cause a denial of service (browser crash) via a crafted FTP URL such as "/.#./". • http://cert.uni-stuttgart.de/archive/vuln-dev/2001/05/msg00029.html •