CVSS: 8.8EPSS: 43%CPEs: 1EXPL: 2CVE-2006-0544 – Microsoft Internet Explorer 7.0 Beta 2 - 'urlmon.dll' Denial of Service
https://notcve.org/view.php?id=CVE-2006-0544
04 Feb 2006 — urlmon.dll in Microsoft Internet Explorer 7.0 beta 2 (aka 7.0.5296.0) allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a BGSOUND element with its SRC attribute set to "file://" followed by a large number of "-" (dash of hyphen) characters. • https://www.exploit-db.com/exploits/1475 •
CVSS: 7.5EPSS: 19%CPEs: 18EXPL: 1CVE-2004-1155
https://notcve.org/view.php?id=CVE-2004-1155
10 Dec 2004 — Internet Explorer 5.01 through 6 allows remote attackers to spoof arbitrary web sites by injecting content from one window into another window whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window injection" vulnerability. NOTE: later research shows that Internet Explorer 7 on Windows XP SP2 is also vulnerable. • http://secunia.com/advisories/13251 •