CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2005-4844
https://notcve.org/view.php?id=CVE-2005-4844
The CLSID_ApprenticeICW control allows remote attackers to cause a denial of service (Internet Explorer crash) by creating a COM object of the class associated with the control's CLSID, which is not intended for use within Internet Explorer. • http://www.securityfocus.com/archive/1/391803 •
CVSS: 6.4EPSS: 94%CPEs: 11EXPL: 1CVE-2002-0976 – Microsoft Internet Explorer 4/5/6 - XML Datasource Applet File Disclosure
https://notcve.org/view.php?id=CVE-2002-0976
Internet Explorer 4.0 and later allows remote attackers to read arbitrary files via a web page that accesses a legacy XML Datasource applet (com.ms.xml.dso.XMLDSO.class) and modifies the base URL to point to the local system, which is trusted by the applet. • https://www.exploit-db.com/exploits/21721 http://marc.info/?l=bugtraq&m=102960731805373&w=2 http://www.iss.net/security_center/static/9885.php http://www.securityfocus.com/bid/5490 •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2002-0242
https://notcve.org/view.php?id=CVE-2002-0242
Cross-site scripting vulnerability in Internet Explorer 6 earlier allows remote attackers to execute arbitrary script via an Extended HTML Form, whose output from the remote server is not properly cleansed. Vulnerabilidad de secuencias de comandos en sitios cruzados en Internet Explorer 6 y anteriores permite que atacante remotos ejecuten código arbitrario por medio de un formulario HTML extendido, cuya salida del servidor remoto no se ha aclarado adecuadamente. • http://marc.info/?l=bugtraq&m=101309907709138&w=2 •
CVSS: 2.1EPSS: 0%CPEs: 13EXPL: 0CVE-2001-1497
https://notcve.org/view.php?id=CVE-2001-1497
Microsoft Internet Explorer 4.0 through 6.0 could allow local users to differentiate between alphanumeric and non-alphanumeric characters used in a password by pressing certain control keys that jump between non-alphanumeric characters, which makes it easier to conduct a brute-force password guessing attack. • http://www.iss.net/security_center/static/7592.php http://www.securityfocus.com/archive/1/241323 http://www.securityfocus.com/archive/1/241400 http://www.securityfocus.com/bid/3563 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2001-0667
https://notcve.org/view.php?id=CVE-2001-0667
Internet Explorer 6 and earlier, when used with the Telnet client in Services for Unix (SFU) 2.0, allows remote attackers to execute commands by spawning Telnet with a log file option on the command line and writing arbitrary code into an executable file which is later executed, aka a new variant of the Telnet Invocation vulnerability as described in CVE-2001-0150. • http://www.ciac.org/ciac/bulletins/m-024.shtml http://www.kb.cert.org/vuls/id/952611 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-051 https://exchange.xforce.ibmcloud.com/vulnerabilities/7260 • CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') •