Summary
| Detail | |||
|---|---|---|---|
| Vendor | Microsoft | First view | 2001-10-30 |
| Product | Ie | Last view | 2009-07-22 |
| Version | 4.0 | Type | Application |
| Update | * | ||
| Edition | mac+os | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:a:microsoft:ie | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 5 | 2009-07-22 | CVE-2009-2576 | Microsoft Internet Explorer 6.0.2900.2180 and earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via a long Unicode string argument to the write method, a related issue to CVE-2009-2479. NOTE: it was later reported that 7.0.6000.16473 and earlier are also affected. |
| 2.6 | 2006-12-12 | CVE-2006-5578 | Microsoft Internet Explorer 6 and earlier allows remote attackers to read Temporary Internet Files (TIF) and obtain sensitive information via unspecified vectors involving certain drag and drop operations, aka "TIF Folder Information Disclosure Vulnerability," and a different issue than CVE-2006-5577. |
| 4.3 | 2006-12-12 | CVE-2006-5577 | Microsoft Internet Explorer 6 and earlier allows remote attackers to obtain sensitive information via unspecified uses of the OBJECT HTML tag, which discloses the absolute path of the corresponding TIF folder, aka "TIF Folder Information Disclosure Vulnerability," and a different issue than CVE-2006-5578. |
| 5 | 2006-09-19 | CVE-2006-4888 | Microsoft Internet Explorer 6 and earlier allows remote attackers to cause a denial of service (application hang) via a CSS-formatted HTML INPUT element within a DIV element that has a larger size than the INPUT. |
| 7.5 | 2001-10-30 | CVE-2001-0665 | Internet Explorer 6 and earlier allows remote attackers to cause certain HTTP requests to be automatically executed and appear to come from the user, which could allow attackers to gain privileges or execute operations within web-based services, aka the "HTTP Request Encoding vulnerability." |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 100% (1) | CWE-399 | Resource Management Errors |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 56323 | Microsoft IE Write Method Unicode String Argument Handling Remote DoS |
| 30816 | Microsoft IE TIF Folder Cached Content Information Disclosure |
| 30815 | Microsoft IE TIF Folder Drag and Drop Operation Information Disclosure |
| 28614 | Microsoft IE input/div Tag width Conflict DoS |
| 1972 | Microsoft IE HTTP Request Encoding |
OpenVAS Exploits
| id | Description |
|---|---|
| 2009-07-23 | Name : Microsoft Internet Explorer Unicode String DoS Vulnerability File : nvt/secpod_ms_ie_unicode_str_dos_vuln.nasl |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2006-12-12 | Name: Arbitrary code can be executed on the remote host through the web client. File: smb_nt_ms06-072.nasl - Type: ACT_GATHER_INFO |
