CVSS: 9.8EPSS: 11%CPEs: 1EXPL: 1CVE-2001-0150 – Microsoft Internet Explorer 5.0.1/5.5/6.0 - Telnet Client File Overwrite
https://notcve.org/view.php?id=CVE-2001-0150
07 May 2001 — Internet Explorer 5.5 and earlier executes Telnet sessions using command line arguments that are specified by the web site, which could allow remote attackers to execute arbitrary commands if the IE client is using the Telnet client provided in Services for Unix (SFU) 2.0, which creates session transcripts. • https://www.exploit-db.com/exploits/20680 • CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') •
CVSS: 8.1EPSS: 13%CPEs: 2EXPL: 0CVE-2001-0154
https://notcve.org/view.php?id=CVE-2001-0154
03 May 2001 — HTML e-mail feature in Internet Explorer 5.5 and earlier allows attackers to execute attachments by setting an unusual MIME type for the attachment, which Internet Explorer does not process correctly. Funcionalidad HTML en Internet Explorer 5.5 y anteriores, que permite al atacante la ejecución de un archivo adjunto. Se consigue gracias al envío de cabeceras MIME inválidas para el adjunto que le permiten disfrazarse como un tipo de archivo no ejecutable. El correo electrónico vía HTML se representa en págin... • http://marc.info/?l=bugtraq&m=98596775905044&w=2 •
CVSS: 7.5EPSS: 40%CPEs: 3EXPL: 1CVE-2001-0089 – Microsoft Internet Explorer 5 - 'INPUT TYPE=FILE' Remote File Upload
https://notcve.org/view.php?id=CVE-2001-0089
16 Feb 2001 — Internet Explorer 5.0 through 5.5 allows remote attackers to read arbitrary files from the client via the INPUT TYPE element in an HTML form, aka the "File Upload via Form" vulnerability. • https://www.exploit-db.com/exploits/20459 •
CVSS: 4.3EPSS: 14%CPEs: 6EXPL: 0CVE-2000-0439
https://notcve.org/view.php?id=CVE-2000-0439
11 May 2000 — Internet Explorer 4.0 and 5.0 allows a malicious web site to obtain client cookies from another domain by including that domain name and escaped characters in a URL, aka the "Unauthorized Cookie Access" vulnerability. • http://www.osvdb.org/1326 •
CVSS: 10.0EPSS: 24%CPEs: 5EXPL: 0CVE-1999-0876
https://notcve.org/view.php?id=CVE-1999-0876
04 Jan 2000 — Buffer overflow in Internet Explorer 4.0 via EMBED tag. • http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ185959 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 6%CPEs: 3EXPL: 0CVE-1999-1093
https://notcve.org/view.php?id=CVE-1999-1093
31 Dec 1999 — Buffer overflow in the Window.External function in the JScript Scripting Engine in Internet Explorer 4.01 SP1 and earlier allows remote attackers to execute arbitrary commands via a malicious web page. • http://support.microsoft.com/support/kb/articles/q191/2/00.asp •
CVSS: 9.8EPSS: 6%CPEs: 1EXPL: 0CVE-1999-1094
https://notcve.org/view.php?id=CVE-1999-1094
31 Dec 1999 — Buffer overflow in Internet Explorer 4.01 and earlier allows remote attackers to execute arbitrary commands via a long URL with the "mk:" protocol, aka the "MK Overrun security issue." • http://marc.info/?l=bugtraq&m=88480839506155&w=2 •
CVSS: 7.5EPSS: 21%CPEs: 11EXPL: 1CVE-2000-0028 – Microsoft Internet Explorer 4/5/5.5/5.0.1 - external.NavigateAndFind() Cross-Frame
https://notcve.org/view.php?id=CVE-2000-0028
23 Dec 1999 — Internet Explorer 5.0 and 5.01 allows remote attackers to bypass the cross frame security policy and read files via the external.NavigateAndFind function. • https://www.exploit-db.com/exploits/19686 •
CVSS: 6.1EPSS: 3%CPEs: 3EXPL: 1CVE-1999-0981 – Microsoft Internet Explorer 4/5 / Outlook 98 - 'window.open' Redirect
https://notcve.org/view.php?id=CVE-1999-0981
08 Dec 1999 — Internet Explorer 5.01 and earlier allows a remote attacker to create a reference to a client window and use a server-side redirect to access local files via that window, aka "Server-side Page Reference Redirect." • https://www.exploit-db.com/exploits/19591 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.5EPSS: 0%CPEs: 11EXPL: 0CVE-1999-0827
https://notcve.org/view.php?id=CVE-1999-0827
01 Nov 1999 — By default, Internet Explorer 5.0 and other versions enables the "Navigate sub-frames across different domains" option, which allows frame spoofing. • https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0827 •