Microsoft IE vulnerabilities
200 known vulnerabilities affecting microsoft/ie.
Total CVEs: 200
CISA KEV: 0
Public exploits: 75
Exploited in wild: 0
Severity breakdown: CRITICAL 25, HIGH 65, MEDIUM 91, LOW 19
Vulnerabilities
Page 8 of 10
CVE-2004-0212 | CRITICAL | CVSS 10.0 | PoC | v6.0 | 2004-08-06
Stack-based buffer overflow in the Task Scheduler for Windows 2000 and XP, and Internet Explorer 6 on Windows NT 4.0, allows local or remote attackers to execute arbitrary code via a .job file containing long parameters, as demonstrated using Internet Explorer and accessing a .job file on an anonymous share.
nvd
CVE-2004-0526 | MEDIUM | CVSS 5.0 | PoC | v6.0 | 2004-08-06
Unknown versions of Internet Explorer and Outlook allow remote attackers to spoof a legitimate URL in the status bar via A HREF tags with modified "alt" values that point to the legitimate site, combined with an image map whose href points to the malicious site, which facilitates a "phishing" attack.
nvd
CVE-2004-0719 | HIGH | CVSS 7.5 | v6.0 | 2004-07-27
Internet Explorer for Mac 5.2.3, Internet Explorer 6 on Windows XP, and possibly other versions, does not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability.
nvd
CVE-2004-0420 | CRITICAL | CVSS 10.0 | v6.0 | 2004-07-07
The Windows Shell application in Windows 98, Windows ME, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code by spoofing the type of a file via a CLSID specifier in the filename, as demonstrated using Internet Explorer 6.0.2800.1106 on Windows XP.
nvd
CVE-2004-0479 | MEDIUM | CVSS 5.0 | PoC | v6 | 2004-07-07
Internet Explorer 6 allows remote attackers to cause a denial of service (crash) via Javascript that creates a new popup window and disables the imagetoolbar functionality with a META tag, which triggers a null dereference.
nvd
CVE-2004-0475 | MEDIUM | CVSS 5.1 | v6.0 | 2004-07-07
The showHelp function in Internet Explorer 6 on Windows XP Pro allows remote attackers to execute arbitrary local .CHM files via a double backward slash ("\\") before the target CHM file, as demonstrated using an "ms-its" URL to ntshared.chm. NOTE: this bug may overlap CVE-2003-1041.
nvd
CVE-2003-1041 | HIGH | CVSS 7.5 | PoC | v6, v6.0 | 2004-06-14
Internet Explorer 5.x and 6.0 allows remote attackers to execute arbitrary programs via a modified directory traversal attack using a URL containing ".." (dot dot) sequences and a filename that ends in "::" which is treated as a .chm file even if it does not have a .chm extension. NOTE: this bug may overlap CVE-2004-0475.
nvd
CVE-2003-0513 | HIGH | CVSS 7.5 | v6.0 | 2004-04-15
Microsoft Internet Explorer allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Internet Explorer to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application.
nvd
CVE-2004-2090 | MEDIUM | CVSS 5.0 | PoC | v6.0 | 2004-02-07
Microsoft Internet Explorer 5.0.1 through 6.0 allows remote attackers to determine the existence of arbitrary files via the VBScript LoadPicture method, which returns an error code if the file does not exist.
nvd
CVE-2003-0823 | HIGH | CVSS 7.5 | v6.0 | 2004-02-03
Internet Explorer 6 SP1 and earlier allows remote attackers to direct drag and drop behaviors and other mouse click actions to other windows by calling the window.moveBy method, aka HijackClick, a different vulnerability than CVE-2003-1027.
nvd
CVE-2003-0814 | HIGH | CVSS 7.5 | v6.0 | 2004-02-03
Internet Explorer 6 SP1 and earlier allows remote attackers to bypass zone restrictions and execute Javascript by setting the window's "href" to the malicious Javascript, then calling execCommand("Refresh") to refresh the page, aka BodyRefreshLoadsJPU or the "ExecCommand Cross Domain" vulnerability.
nvd
CVE-2003-0816 | HIGH | CVSS 7.5 | PoC | v6.0 | 2004-02-03
Internet Explorer 6 SP1 and earlier allows remote attackers to bypass zone restrictions by (1) using the NavigateAndFind method to load a file: URL containing Javascript, as demonstrated by NAFfileJPU, (2) using the window.open method to load a file: URL containing Javascript, as demonstrated using WsOpenFileJPU, (3) setting the href property in the base tag fo
nvd
CVE-2003-0817 | HIGH | CVSS 7.5 | v6.0 | 2004-02-03
Internet Explorer 5.01 through 6 SP1 allows remote attackers to bypass zone restrictions and read arbitrary files via an XML object.
nvd
CVE-2003-0815 | HIGH | CVSS 7.5 | v6.0 | 2004-02-03
Internet Explorer 6 SP1 and earlier allows remote attackers to bypass zone restrictions and read arbitrary files by (1) modifying the createTextRange method and using CreateLink, as demonstrated using LinkillerSaveRef, LinkillerJPU, and Linkiller, or (2) modifying the createRange method and using the FIND dialog to select text, as demonstrated using Findeath, a
nvd
CVE-2003-1026 | CRITICAL | CVSS 9.3 | PoC | CWE-264 | v6.0 | 2004-01-20
Internet Explorer 5.01 through 6 SP1 allows remote attackers to bypass zone restrictions via a javascript protocol URL in a sub-frame, which is added to the history list and executed in the top window's zone when the history.back (back) function is called, as demonstrated by BackToFramedJpu, aka the "Travel Log Cross Domain Vulnerability."
nvd
CVE-2003-1027 | CRITICAL | CVSS 10.0 | v6.0 | 2004-01-20
Internet Explorer 5.01 through 6 SP1 allows remote attackers to direct drag and drop behaviors and other mouse click actions to other windows by using method caching (SaveRef) to access the window.moveBy method, which is otherwise inaccessible, as demonstrated by HijackClickV2, a different vulnerability than CVE-2003-0823, aka the "Function Pointer Drag and
nvd
CVE-2003-1028 | MEDIUM | CVSS 5.0 | v6.0 | 2004-01-20
The download function of Internet Explorer 6 SP1 allows remote attackers to obtain the cache directory name via an HTTP response with an invalid ContentType and a .htm file, which could allow remote attackers to bypass security mechanisms that rely on random names, as demonstrated by threadid10008.
nvd
CVE-2003-1484 | MEDIUM | CVSS 4.3 | CWE-119 | v6.0 | 2003-12-31
Microsoft Internet Explorer 6.0 SP1 allows remote attackers to cause a denial of service (crash) by creating a DHTML link that uses the AnchorClick "A" object with a blank href attribute.
nvd
CVE-2003-1559 | MEDIUM | CVSS 5.0 | CWE-200 | v5.22 | 2003-12-31
Microsoft Internet Explorer 5.22, and other 5 through 6 SP1 versions, sends Referer headers containing https:// URLs in requests for http:// URLs, which allows remote attackers to obtain potentially sensitive information by reading Referer log data.
nvd
CVE-2003-1105 | LOW | CVSS 2.6 | v6.0 | 2003-12-31
Unknown vulnerability in Internet Explorer 5.01 SP3 through 6.0 SP1 allows remote attackers to cause a denial of service (browser or Outlook Express crash) via HTML with certain input tags that are not properly rendered.
nvd