Page 4 of 22 results (0.003 seconds)

CVSS: 2.6EPSS: 0%CPEs: 14EXPL: 0

Internet Explorer 4.x and 5.x does not properly verify all contents of an SSL certificate if a connection is made to the server via an image or a frame, aka one of two different "SSL Certificate Validation" vulnerabilities. • http://www.acrossecurity.com/aspr/ASPR-1999-12-15-1-PUB.txt http://www.cert.org/advisories/CA-2000-10.html http://www.securityfocus.com/bid/1309 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-039 https://exchange.xforce.ibmcloud.com/vulnerabilities/4624 •

CVSS: 2.6EPSS: 0%CPEs: 14EXPL: 0

Internet Explorer 4.x and 5.x does not properly re-validate an SSL certificate if the user establishes a new SSL session with the same server during the same Internet Explorer session, aka one of two different "SSL Certificate Validation" vulnerabilities. • http://www.acrossecurity.com/aspr/ASPR-1999-12-15-1-PUB.txt http://www.cert.org/advisories/CA-2000-10.html http://www.securityfocus.com/bid/1309 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-039 https://exchange.xforce.ibmcloud.com/vulnerabilities/4627 •

CVSS: 5.1EPSS: 0%CPEs: 9EXPL: 0

The Microsoft virtual machine (VM) in Internet Explorer 4.x and 5.x allows a remote attacker to read files via a malicious Java applet that escapes the Java sandbox, aka the "VM File Reading" vulnerability. • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-011 •

CVSS: 10.0EPSS: 1%CPEs: 5EXPL: 0

Buffer overflow in Internet Explorer 4.0 via EMBED tag. • http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ185959 http://support.microsoft.com/support/kb/articles/q176/6/97.asp • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 2.6EPSS: 1%CPEs: 11EXPL: 1

Internet Explorer 5.0 and 5.01 allows remote attackers to bypass the cross frame security policy and read files via the external.NavigateAndFind function. • https://www.exploit-db.com/exploits/19686 https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2000-0028 •