Microsoft Internet Explorer vulnerabilities

1,594 known vulnerabilities affecting microsoft/internet_explorer.

Total CVEs: 1,594
CISA KEV: 40 (actively exploited)
Public exploits: 364
Exploited in wild: 48
Severity breakdown: CRITICAL 690, HIGH 450, MEDIUM 404, LOW 50

Vulnerabilities

CVE-2006-1192 | LOW | CVSS 2.6 | CWE-20 | PoC | v6 | 2006-04-11
Microsoft Internet Explorer 5.01 through 6 allows remote attackers to conduct phishing attacks by spoofing the address bar and other parts of the trust UI via unknown methods that allow "window content to persist" after the user has navigated to another site, aka the "Address Bar Spoofing Vulnerability." NOTE: this is a different vulnerability than CVE-20
nvd
CVE-2006-1626 | MEDIUM | CVSS 4.3 | PoC | v6.0 | 2006-04-05
Internet Explorer 6 for Windows XP SP2 and earlier allows remote attackers to spoof the address bar and possibly conduct phishing attacks by re-opening the window to a malicious Shockwave Flash application, then changing the window location back to a trusted URL while the Flash application is still loading. NOTE: this is a different vulnerability than CVE-2006
nvd
CVE-2006-1388 | HIGH | CVSS 7.5 | PoC | v6.0 | 2006-03-24
Unspecified vulnerability in Microsoft Internet Explorer 6.0 allows remote attackers to execute HTA files via unknown vectors.
nvd
CVE-2006-1359 | CRITICAL | CVSS 9.3 | CWE-94 | PoC | v6.0 | 2006-03-23
Microsoft Internet Explorer 6 and 7 Beta 2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a certain createTextRange call on a checkbox object, which results in a dereference of an invalid table pointer.
nvd
CVE-2006-1016 | HIGH | CVSS 7.5 | PoC | v6.0 | 2006-03-07
Buffer overflow in the IsComponentInstalled method in Internet Explorer 6.0, when used on Windows 2000 before SP4 or Windows XP before SP1, allows remote attackers to execute arbitrary code via JavaScript that calls IsComponentInstalled with a long first argument.
nvd
CVE-2006-0830 | HIGH | CVSS 7.5 | v6.0.2900 | 2006-02-21
The scripting engine in Internet Explorer allows remote attackers to cause a denial of service (resource consumption) and possibly execute arbitrary code via a web page that contains a recurrent call to an infinite loop in Javascript or VBscript, which consumes the stack, as demonstrated by resetting the "location" variable within the loop.
nvd
CVE-2006-0799 | MEDIUM | CVSS 4.0 | v6.0.2900 | 2006-02-19
Microsoft Internet Explorer allows remote attackers to spoof a legitimate URL in the status bar and conduct a phishing attack via a web page with an anchor element with a legitimate "href" attribute, a form whose action points to a malicious URL, and an INPUT submit element that is modified to look like a legitimate URL. NOTE: this issue is very similar to CVE
nvd
CVE-2006-0585 | MEDIUM | CVSS 5.0 | ≤ 6, v3.0, +50 more | 2006-02-08
jscript.dll in Microsoft Internet Explorer 6.0 SP1 and earlier allows remote attackers to cause a denial of service (application crash) via a Shockwave Flash object that contains ActionScript code that calls VBScript, which in turn calls the Javascript document.write function, which triggers a null dereference.
nvd
CVE-2006-0057 | HIGH | CVSS 7.5 | v5.01, v5.5, +1 more | 2006-01-27
Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to bypass the Kill bit settings for dangerous ActiveX controls via unknown vectors involving crafted HTML, which can expose the browser to attacks that would otherwise be prevented by the Kill bit setting. NOTE: CERT/CC claims that MS05-054 fixes this issue, but it is not described in MS05-054
nvd
CVE-2005-4843 | HIGH | CVSS 7.8 | v7.0 | 2005-12-31
The SmartConnect Class control allows remote attackers to cause a denial of service (Internet Explorer crash) by creating a COM object of the class associated with the control's CLSID, which is not intended for use within Internet Explorer.
nvd
CVE-2005-4844 | HIGH | CVSS 7.1 | ≤ 7.0 | 2005-12-31
The CLSID_ApprenticeICW control allows remote attackers to cause a denial of service (Internet Explorer crash) by creating a COM object of the class associated with the control's CLSID, which is not intended for use within Internet Explorer.
nvd
CVE-2005-4841 | HIGH | CVSS 7.1 | v7.0 | 2005-12-31
The Outlook Progress Ctl control allows remote attackers to cause a denial of service (Internet Explorer crash) by creating a COM object of the class associated with the control's CLSID, which is not intended for use within Internet Explorer.
nvd
CVE-2005-4842 | HIGH | CVSS 7.1 | v7.0 | 2005-12-31
The System Monitor Source Properties control allows remote attackers to cause a denial of service (Internet Explorer crash) by creating a COM object of the class associated with the control's CLSID, which is not intended for use within Internet Explorer.
nvd
CVE-2005-4827 | HIGH | CVSS 7.5 | v6, v6.0, +4 more | 2005-12-31
Internet Explorer 6.0, and possibly other versions, allows remote attackers to bypass the same origin security policy and make requests outside of the intended domain by calling open on an XMLHttpRequest object (Microsoft.XMLHTTP) and using tab, newline, and carriage return characters within the first argument (method name), which is supported by some proxy ser
nvd
CVE-2005-4717 | MEDIUM | CVSS 5.0 | PoC | v6.0 | 2005-12-31
Microsoft Internet Explorer 6.0 on Windows NT 4.0 SP6a, Windows 2000 SP4, Windows XP SP1, Windows XP SP2, and Windows Server 2003 SP1 allows remote attackers to cause a denial of service (client crash) via a certain combination of a malformed HTML file and a CSS file that triggers a null dereference, probably related to rendering of a DIV element that contain
nvd
CVE-2005-4810 | MEDIUM | CVSS 5.0 | v7.0 | 2005-12-31
Microsoft Internet Explorer 7.0 Beta3 and earlier allows remote attackers to cause a denial of service (crash) via a "text/html" HTML Content-type header sent in response to an XMLHttpRequest (AJAX).
nvd
CVE-2005-3240 | MEDIUM | CVSS 5.1 | CWE-362 | v5.01, v5.5, +1 more | 2005-12-31
Race condition in Microsoft Internet Explorer allows user-assisted attackers to overwrite arbitrary files and possibly execute code by tricking a user into performing a drag-and-drop action from certain objects, such as file objects within a folder view, then predicting the drag action, and re-focusing to a malicious window.
nvd
CVE-2005-2831 | HIGH | CVSS 7.5 | v5.0.1, v5.5, +1 more | 2005-12-14
Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not intended for use within Internet Explorer, aka a variant of the "COM Object Instantiation Memory Corruption Vulnerability," a
nvd
CVE-2005-2830 | MEDIUM | CVSS 5.0 | v5.0.1, v5.5, +1 more | 2005-12-14
Microsoft Internet Explorer 5.01, 5.5, and 6, when using an HTTPS proxy server that requires Basic Authentication, sends URLs in cleartext, which allows remote attackers to obtain sensitive information, aka "HTTPS Proxy Vulnerability."
nvd
CVE-2005-2829 | MEDIUM | CVSS 5.1 | v5.0.1, v5.5, +1 more | 2005-12-14
Multiple design errors in Microsoft Internet Explorer 5.01, 5.5, and 6 allow user-assisted attackers to execute arbitrary code by (1) overlaying a malicious new window above a file download box, then (2) using a keyboard shortcut and delaying the display of the file download box until the user hits a shortcut that activates the "Run" button, aka "File Downloa
nvd