CVSS: 8.8EPSS: 95%CPEs: 3EXPL: 1CVE-2005-0554 – Microsoft Internet Explorer - DHTML Object Handling (MS05-020)
https://notcve.org/view.php?id=CVE-2005-0554
13 Apr 2005 — Buffer overflow in the URL processor of Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a URL with a long hostname, aka "URL Parsing Memory Corruption Vulnerability." • https://www.exploit-db.com/exploits/931 •
CVSS: 8.8EPSS: 95%CPEs: 3EXPL: 1CVE-2005-0555 – Microsoft Internet Explorer 5.0.1 - Content Advisor File Handling Buffer Overflow (MS05-020)
https://notcve.org/view.php?id=CVE-2005-0555
12 Apr 2005 — Buffer overflow in the Content Advisor in Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via a crafted Content Advisor file, aka "Content Advisor Memory Corruption Vulnerability." • https://www.exploit-db.com/exploits/25385 •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2005-0954
https://notcve.org/view.php?id=CVE-2005-0954
03 Apr 2005 — Windows Explorer and Internet Explorer in Windows 2000 SP1 allows remote attackers to cause a denial of service (CPU consumption) via a malformed Windows Metafile (WMF) file. • http://marc.info/?l=bugtraq&m=111231106513788&w=2 •
CVSS: 6.5EPSS: 31%CPEs: 3EXPL: 1CVE-2005-0500
https://notcve.org/view.php?id=CVE-2005-0500
21 Feb 2005 — Internet Explorer 6.0 on Windows XP SP2 allows remote attackers to spoof the domain name of a URL in a titlebar for a script-initiated popup window, which could facilitate phishing attacks. • http://marc.info/?l=full-disclosure&m=110895997201027&w=2 •
CVSS: 9.8EPSS: 92%CPEs: 35EXPL: 2CVE-2005-0053 – Microsoft Internet Explorer 5.x - Valid File Drag and Drop Embedded Code (MS04-038)
https://notcve.org/view.php?id=CVE-2005-0053
08 Feb 2005 — Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via drag and drop events, aka the "Drag-and-Drop Vulnerability." Internet Explorer 5.01, 5.5 y 6 permite a los atacantes remotos ejecutar código arbitrario mediante eventos de arrastrar y soltar, también conocidos como "Vulnerabilidad de arrastrar y soltar". • https://www.exploit-db.com/exploits/24693 •
CVSS: 9.8EPSS: 95%CPEs: 11EXPL: 0CVE-2005-0055
https://notcve.org/view.php?id=CVE-2005-0055
08 Feb 2005 — Internet Explorer 5.01, 5.5, and 6 does not properly validate buffers when handling certain DHTML methods including the createControlRange Javascript function, which allows remote attackers to execute arbitrary code, aka the "DHTML Method Heap Memory Corruption Vulnerability." • http://secunia.com/advisories/11165 •
CVSS: 7.8EPSS: 93%CPEs: 2EXPL: 2CVE-2004-1043 – Microsoft Internet Explorer (Windows XP SP2) - HTML Help Control Local Zone Bypass
https://notcve.org/view.php?id=CVE-2004-1043
31 Dec 2004 — Internet Explorer 6.0 on Windows XP SP2 allows remote attackers to execute arbitrary code by using the "Related Topics" command in the Help ActiveX Control (hhctrl.ocx) to open a Help popup window containing the PCHealth tools.htm file in the local zone and injecting Javascript to be executed, as demonstrated using "writehta.txt" and the ADODB recordset, which saves a .HTA file to the local system, aka the "HTML Help ActiveX control Cross Domain Vulnerability." • https://packetstorm.news/files/id/148307 •
CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 0CVE-2004-1527
https://notcve.org/view.php?id=CVE-2004-1527
31 Dec 2004 — Microsoft Internet Explorer 6.0 SP1 does not properly handle certain character strings in the Path attribute, which can cause it to modify cookies in other domains when the attacker's domain name is within the target's domain name or when wildcard DNS is being used, which allows remote attackers to hijack web sessions. • http://marc.info/?l=bugtraq&m=110053968530613&w=2 •
CVSS: 6.5EPSS: 1%CPEs: 1EXPL: 2CVE-2004-2476
https://notcve.org/view.php?id=CVE-2004-2476
31 Dec 2004 — Microsoft Internet Explorer 6.0 allows remote attackers to cause a denial of service (infinite loop and crash) via an IFRAME with "?" as the file source. • http://archives.neohapsis.com/archives/bugtraq/2004-04/0061.html •
CVSS: 6.1EPSS: 77%CPEs: 5EXPL: 2CVE-2004-2383 – Microsoft Internet Explorer 5/6 - Cross-Domain Event Leakage
https://notcve.org/view.php?id=CVE-2004-2383
31 Dec 2004 — Microsoft Internet Explorer 5.0 through 6.0 allows remote attackers to bypass cross-frame scripting restrictions and capture keyboard events from other domains via an HTML document with Javascript that is outside a frameset that includes the target domain, then forcing the frameset to maintain focus. NOTE: the discloser claimed that the vendor does not categorize this as a vulnerability, but it can be used in a spoofing scenario; the discloser provides alternate scenarios. Spoofing scenarios are currently i... • https://www.exploit-db.com/exploits/23766 •