This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:microsoft:ie:4.70.1300
Detail
VendorMicrosoftFirst view 1999-12-08
ProductIeLast view2011-12-07
Version4.70.1300TypeApplication
Edition 
Language 
Update 
 
CPE Productcpe:/a:microsoft:ie

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
 DateAlertAccess VectorAccess ComplexityAuthentication
52011-12-07CVE-2010-5071NetworkLowNone Requ...
4.32011-12-07CVE-2002-2435NetworkMediumNone Requ...
4.32011-06-03CVE-2011-2383NetworkMediumNone Requ...
4.32011-06-03CVE-2011-2382NetworkMediumNone Requ...
52009-08-24CVE-2009-2954NetworkLowNone Requ...
Hide | Show 20 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
52009-07-22CVE-2009-2576NetworkLowNone Requ...
5.82009-06-15CVE-2009-2069NetworkMediumNone Requ...
5.82009-06-15CVE-2009-2057NetworkMediumNone Requ...
7.52007-10-14CVE-2007-5456NetworkLowNone Requ...
9.32007-03-29CVE-2007-1765NetworkMediumNone Requ...
52007-02-22CVE-2006-7031NetworkLowNone Requ...
52007-02-22CVE-2006-7029NetworkLowNone Requ...
9.32006-12-12CVE-2006-5581NetworkMediumNone Requ...
2.62006-12-12CVE-2006-5578NetworkHighNone Requ...
4.32006-12-12CVE-2006-5577NetworkMediumNone Requ...
52006-12-06CVE-2006-6310NetworkLowNone Requ...
52006-10-05CVE-2006-5162NetworkLowNone Requ...
52006-09-19CVE-2006-4888NetworkLowNone Requ...
4.32006-06-13CVE-2006-2384NetworkMediumNone Requ...
52006-02-07CVE-2006-0585NetworkLowNone Requ...
7.12005-12-31CVE-2005-4844NetworkMediumNone Requ...
7.52002-05-29CVE-2002-0242NetworkLowNone Requ...
7.52001-10-30CVE-2001-0667NetworkLowNone Requ...
7.52001-10-30CVE-2001-0665NetworkLowNone Requ...

CWE : Common Weakness Enumeration

%idName
27% (3)CWE-20Improper Input Validation
18% (2)CWE-287Improper Authentication
18% (2)CWE-200Information Exposure
9% (1)CWE-399Resource Management Errors
9% (1)CWE-264Permissions, Privileges, and Access Controls
Hide | Show 2 More...
%idName
9% (1)CWE-94Failure to Control Generation of Code ('Code Injection')
9% (1)CWE-59Improper Link Resolution Before File Access ('Link Following')

CAPEC : Common Attack Pattern Enumeration & Classification

idName
CAPEC-41Using Meta-characters in E-mail Headers to Inject Malicious Payloads
CAPEC-88OS Command Injection
CAPEC-133Try All Common Application Switches and Options

Oval Markup Language : Definitions

OvalIDName
oval:org.mitre.oval:def:12820Drag and Drop Information Disclosure Vulnerability
oval:org.mitre.oval:def:920IE Cached Content Command Execution Vulnerability
oval:org.mitre.oval:def:337TIF Folder Information Disclosure Vulnerability
oval:org.mitre.oval:def:116DHTML Script Function Memory Corruption Vulnerability
oval:org.mitre.oval:def:1788Address Bar Spoofing Vulnerability (S03,SP1)
Hide | Show 8 More...
idName
oval:org.mitre.oval:def:1775Address Bar Spoofing Vulnerability (2K/XP)
oval:org.mitre.oval:def:1686Address Bar Spoofing Vulnerability (XP,SP2)
oval:org.mitre.oval:def:1646Address Bar Spoofing Vulnerability (64-bit XP)
oval:org.mitre.oval:def:1567Address Bar Spoofing Vulnerability (Win2K)
oval:org.mitre.oval:def:1478Address Bar Spoofing Vulnerability (WinS03)
oval:org.mitre.oval:def:141Microsoft Internet Explorer MIME Hack
oval:org.mitre.oval:def:313TIF Folder Information Disclosure Vulnerability
oval:org.mitre.oval:def:1096IE Web Page Spoofing Vulnerability

Open Source Vulnerability Database (OSVDB)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
77606Microsoft IE JavaScript Implementation getComputedStyle Method Page Handling ...
72724Microsoft IE Cookie Jacking Account Authentication Bypass
58788Microsoft IE Crafted File Extension Download Security Warning Bypass
57506Microsoft IE location.hash Javascript Handling Remote DoS
57113Microsoft IE Extended HTML Form Non-HTTP Protocol XSS
Hide | Show 20 More...
idDescription
56489Microsoft IE Proxy Server CONNECT Response Cached Certificate Use MiTM HTTPS ...
56323Microsoft IE Write Method Unicode String Argument Handling Remote DoS
55129Microsoft IE HTTP Host Header Proxy Server CONNECT Response Document Context ...
45441Microsoft IE IObjectSafety CLSID_ApprenticeICW ActiveX Control COM Object Cre...
45260Microsoft IE Malformed Table Element CSS Attribute Handling DoS
43521Microsoft IE CSS :visited Attribute Browser History Disclosure
41041Microsoft IE Mouse Click self.resizeTo DoS
33629Microsoft IE Animated Cursor (.ani) Handling Arbitrary Command Execution
31325Microsoft IE HTML Frame Tag Invalid src Attribute DoS
30816Microsoft IE TIF Folder Cached Content Information Disclosure
30815Microsoft IE TIF Folder Drag and Drop Operation Information Disclosure
30814Microsoft IE DHTML Script Function Memory Corruption
29129Microsoft IE wininet.dll Content-Type DoS
28614Microsoft IE input/div Tag width Conflict DoS
26445Microsoft IE Modal Browser Window Address Bar Spoofing
22977Microsoft IE jscript.dll document.write() NULL Pointer DoS
7859Microsoft IE Frame Domain Verification Arbitrary File Access
7832Microsoft IE Client Window Reference Server Side Arbitrary File Access
7823Microsoft IE Cached Content .chm Arbitrary Program Execution
7822Microsoft IE HTML Form Input Element Arbitrary File Access

Milw0rm Exploits

idDescription
2006-07-20MS Internet Explorer 6 (Content-Type) Stack Overflow Crash
2006-05-10MS Internet Explorer <= 6.0.2900 SP2 (CSS Attribute) Denial of Service

ExploitDB Exploits

idDescription
3652MS Windows Animated Cursor (.ANI) Overflow Exploit (Hardware DEP)
3617MS Windows Animated Cursor (.ANI) Stack Overflow Exploit

OpenVAS Exploits

idDescription
2011-12-09Name : Microsoft Internet Explorer Multiple Information Disclosure Vulnerabilities
File : nvt/gb_ms_ie_mult_info_disc_vuln.nasl
2011-08-11Name : Microsoft Internet Explorer Multiple Vulnerabilities (2559049)
File : nvt/secpod_ms11-057.nasl
2011-06-13Name : Microsoft Internet Explorer Cookie Hijacking Vulnerability
File : nvt/gb_ms_ie9_cookie_hijacking_vuln.nasl
2011-06-13Name : Microsoft Internet Explorer Cookie Hijacking Vulnerability
File : nvt/gb_ms_ie_cookie_hijacking_vuln.nasl
2009-08-26Name : Microsoft Internet Explorer 'location.hash' DOS Vulnerability
File : nvt/secpod_ms_ie_location_hash_dos_vuln.nasl
Hide | Show 4 More...
idDescription
2009-07-23Name : Microsoft Internet Explorer Unicode String DoS Vulnerability
File : nvt/secpod_ms_ie_unicode_str_dos_vuln.nasl
2009-06-17Name : Microsoft Internet Explorer Web Script Execution Vulnerabilites
File : nvt/secpod_ms_ie_web_script_exec_vuln_jun09.nasl
2005-11-03Name : IE 5.01 5.5 6.0 Cumulative patch (890923)
File : nvt/smb_nt_ms02-005.nasl
2005-11-03Name : Bugbear worm
File : nvt/bugbear.nasl

Snort® IPS/IDS

DateDescription
2014-01-10Microsoft Internet Explorer htmlfile ActiveX object access attempt
RuleID : 4155 - Type : BROWSER-PLUGINS - Revision : 19
2014-01-10Microsoft Internet Explorer spoofed MIME-Type auto-execution attempt
RuleID : 3683 - Type : BROWSER-IE - Revision : 13
2014-01-10spoofed MIME-Type auto-execution attempt
RuleID : 3682 - Type : SERVER-MAIL - Revision : 11
2014-01-10Microsoft Internet Explorer ANI file parsing buffer overflow attempt
RuleID : 3079-community - Type : BROWSER-IE - Revision : 25
2014-01-10Microsoft Internet Explorer ANI file parsing buffer overflow attempt
RuleID : 3079 - Type : BROWSER-IE - Revision : 25
Hide | Show 1 More...
DateDescription
2014-01-10Microsoft Internet Explorer htmlfile ActiveX object access attempt
RuleID : 28272 - Type : BROWSER-PLUGINS - Revision : 6

Nessus® Vulnerability Scanner

idDescription
2011-08-09Name : Arbitrary code can be executed on the remote host through a web browser.
File : smb_nt_ms11-057.nasl - Type : ACT_GATHER_INFO
2007-04-03Name : Arbitrary code can be executed on the remote host through the email client or...
File : smb_nt_ms07-017.nasl - Type : ACT_GATHER_INFO
2006-12-12Name : Arbitrary code can be executed on the remote host through the web client.
File : smb_nt_ms06-072.nasl - Type : ACT_GATHER_INFO
2006-06-13Name : Arbitrary code can be executed on the remote host through the web client.
File : smb_nt_ms06-021.nasl - Type : ACT_GATHER_INFO
2002-10-03Name : The remote host has been compromised.
File : bugbear.nasl - Type : ACT_GATHER_INFO