CVSS: 8.8EPSS: 83%CPEs: 3EXPL: 2CVE-2005-1988 – Microsoft Internet Explorer 5.0.1 - '.JPEG' Image Rendering Buffer Overflow
https://notcve.org/view.php?id=CVE-2005-1988
10 Aug 2005 — Unknown vulnerability in Internet Explorer 5.0, 5.5, and 6.0 allows remote attackers to execute arbitrary code via a web site or an HTML e-mail containing a crafted JPEG image that causes memory corruption, aka "JPEG Image Rendering Memory Corruption Vulnerability". • https://www.exploit-db.com/exploits/25991 •
CVSS: 7.5EPSS: 62%CPEs: 3EXPL: 1CVE-2005-1989 – Microsoft Internet Explorer - 'blnmgr.dll' COM Object Remote (MS05-038)
https://notcve.org/view.php?id=CVE-2005-1989
10 Aug 2005 — Unknown vulnerability in Internet Explorer 5.0, 5.5, and 6.0 allows remote attackers to obtain information and possibly execute code when browsing from a web site to a web folder view using WebDAV, aka "Web Folder Behaviors Cross-Domain Vulnerability". • https://www.exploit-db.com/exploits/1144 •
CVSS: 7.8EPSS: 82%CPEs: 3EXPL: 1CVE-2005-1990 – Microsoft Internet Explorer - 'blnmgr.dll' COM Object Remote (MS05-038)
https://notcve.org/view.php?id=CVE-2005-1990
10 Aug 2005 — Internet Explorer 5.0, 5.5, and 6.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not ActiveX controls, including (1) devenum.dll, (2) diactfrm.dll, (3) wmm2filt.dll, (4) fsusd.dll, (5) dmdskmgr.dll, (6) browsewm.dll, (7) browseui.dll, (8) shell32.dll, (9) mshtml.dll, (10) inetcfg.dll, (11) infosoft.dll, (12) query.dll, (13) syncui.dll, (14) clbcatex.dll, (15) clbcat... • https://www.exploit-db.com/exploits/1144 •
CVSS: 8.8EPSS: 65%CPEs: 11EXPL: 1CVE-2005-2087 – Microsoft Internet Explorer - 'javaprxy.dll' COM Object Remote Overflow
https://notcve.org/view.php?id=CVE-2005-2087
30 Jun 2005 — Internet Explorer 5.01 SP4 up to 6 on various Windows operating systems, including IE 6.0.2900.2180 on Windows XP, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not ActiveX controls, as demonstrated using the JVIEW Profiler (Javaprxy.dll). NOTE: the researcher says that the vendor could not reproduce this problem. • https://www.exploit-db.com/exploits/1079 • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 73%CPEs: 5EXPL: 1CVE-2005-0553 – Microsoft Internet Explorer 5.0.1 - DHTML Object Race Condition Memory Corruption
https://notcve.org/view.php?id=CVE-2005-0553
13 Apr 2005 — Race condition in the memory management routines in the DHTML object processor in Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via a malicious web page or HTML e-mail, aka "DHTML Object Memory Corruption Vulnerability". • https://www.exploit-db.com/exploits/25386 •
CVSS: 8.1EPSS: 38%CPEs: 3EXPL: 0CVE-2005-0054
https://notcve.org/view.php?id=CVE-2005-0054
08 Feb 2005 — Internet Explorer 5.01, 5.5, and 6 allows remote attackers to spoof a less restrictive security zone and execute arbitrary code via an HTML page containing URLs that contain hostnames that have been double hex encoded, which are decoded twice to generate a malicious hostname, aka the "URL Decoding Zone Spoofing Vulnerability." • http://marc.info/?l=bugtraq&m=110796851002781&w=2 •
CVSS: 8.1EPSS: 32%CPEs: 3EXPL: 1CVE-2005-0056
https://notcve.org/view.php?id=CVE-2005-0056
08 Feb 2005 — Internet Explorer 5.01, 5.5, and 6 does not properly validate certain URLs in Channel Definition Format (CDF) files, which allows remote attackers to obtain sensitive information or execute arbitrary code, aka the "Channel Definition Format (CDF) Cross Domain Vulnerability." • http://securitytracker.com/id?1013126 •
CVSS: 4.3EPSS: 24%CPEs: 4EXPL: 3CVE-2004-2219
https://notcve.org/view.php?id=CVE-2004-2219
31 Dec 2004 — Microsoft Internet Explorer 6 allows remote attackers to spoof the address bar to facilitate phishing attacks via Javascript that uses an invalid URI, modifies the Location field, then uses history.back to navigate to the previous domain, aka NullyFake. • http://archives.neohapsis.com/archives/bugtraq/2004-08/0215.html •
CVSS: 7.5EPSS: 19%CPEs: 18EXPL: 1CVE-2004-1155
https://notcve.org/view.php?id=CVE-2004-1155
10 Dec 2004 — Internet Explorer 5.01 through 6 allows remote attackers to spoof arbitrary web sites by injecting content from one window into another window whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window injection" vulnerability. NOTE: later research shows that Internet Explorer 7 on Windows XP SP2 is also vulnerable. • http://secunia.com/advisories/13251 •
CVSS: 6.4EPSS: 40%CPEs: 3EXPL: 0CVE-2004-0845
https://notcve.org/view.php?id=CVE-2004-0845
16 Oct 2004 — Internet Explorer 5.01, 5.5, and 6 does not properly cache SSL content, which allows remote attackers to obtain information or spoof content via a web site with the same host name as the target web site, whose content is cached and reused when the user visits the target web site. Internet Explorer 5.01, 5.5, y 6 no hace caché adecuadamente de contenido SSL, lo que permite a atacantes remotos obtener información o suplantar contenido mediante un sitio web con el mismo nombre de máquina como el sitio web obje... • http://marc.info/?l=bugtraq&m=109770364504803&w=2 •