|
Vulnerability Report: Microsoft Internet Explorer 6.x
|
This vulnerability report for Microsoft Internet Explorer 6.x contains a complete overview of all Secunia advisories affecting it. You can use this vulnerability report to ensure that you are aware of all vulnerabilities, both patched and unpatched, affecting this product allowing you to take the necessary precautions.
If you have information about a new or an existing vulnerability in Microsoft Internet Explorer 6.x then you are more than welcome to contact us.
|
|
|
|
|
Vendor, Links, and Unpatched Vulnerabilities
| Vendor |
Microsoft
|
|
|
Product Link
|
View Here (Link to external site)
|
|
|
Affected By
|
143 Secunia advisories
176 Vulnerabilities
|
|
|
Monitor Product
|
Receive alerts for this product
|
|
|
Unpatched
|
16% (23 of 143 Secunia advisories)
|
|
Most Critical Unpatched
The most severe unpatched Secunia advisory affecting Microsoft Internet Explorer 6.x, with all vendor patches applied, is rated Moderately critical  .
|
|
|
|
|
|
143 Secunia Advisories in 2003-2009
|
Secunia has issued a total of 143 Secunia advisories in 2003-2009 for Microsoft Internet Explorer 6.x. Currently, 16% (23 out of 143) are marked as unpatched with the most severe being rated Moderately critical
More information about the specific Secunia advisories affecting Microsoft Internet Explorer 6.x can be found below. Each Secunia advisory is enclosed by a box highlighted with a color representing its current patch status. You can read the complete Secunia advisories for thorough descriptions of the issues covered and for solution suggestions by clicking either the Secunia advisory title or the "Read More" links available for each Secunia advisory.
|
|
|
|
|
|
Release Date:
2009-11-25 |
Secunia Advisory ID:
SA37362 |
Solution Status:
Unpatched |
|
Criticality:
 |
Impact:
Exposure of system information
|
Where:
From remote |
|
Short Description:
Inferno has discovered a weakness in Internet Explorer, which can lead to the exposure of system information. [Read More]
|
|
|
|
|
|
Release Date:
2009-11-23 |
Secunia Advisory ID:
SA37448 |
Solution Status:
Vendor Patch |
|
Criticality:
 |
Impact:
System access
|
Where:
From remote |
|
Short Description:
Multiple vulnerabilities have been reported in Internet Explorer, which can be exploited by malicious people to compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2009-10-14 |
Secunia Advisory ID:
SA37007 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
Some vulnerabilities have been reported in various Microsoft products, which can be exploited by malicious people to compromise a vulnerable system. [Read More]
|
|
|
|
|
|
Release Date:
2009-10-13 |
Secunia Advisory ID:
SA36979 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
Some vulnerabilities have been reported in Microsoft Internet Explorer, which can be exploited by malicious people to compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2009-08-19 |
Secunia Advisory ID:
SA36334 |
Solution Status:
Unpatched |
|
Criticality:
|
Impact:
Spoofing
|
Where:
From remote |
|
Short Description:
Lostmon has discovered a vulnerability in Internet Explorer, which can be exploited by malicious people to spoof parts of the address bar. [Read More]
|
|
|
|
|
|
Release Date:
2009-07-28 |
Secunia Advisory ID:
SA35962 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
Three vulnerabilities have been reported in Internet Explorer, which can be exploited by malicious people to compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2009-06-09 |
Secunia Advisory ID:
SA35362 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Security Bypass
System access
|
Where:
From remote |
|
Short Description:
Some vulnerabilities have been reported in Microsoft Internet Explorer, which can be exploited by malicious people to bypass certain security restrictions or compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2009-04-14 |
Secunia Advisory ID:
SA34678 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
Some vulnerabilities have been reported in Microsoft Internet Explorer, which can be exploited by malicious people to compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2008-12-10 |
Secunia Advisory ID:
SA33089 |
Solution Status:
Vendor Patch |
|
Criticality:
 |
Impact:
System access
|
Where:
From remote |
|
Short Description:
A vulnerability has been discovered in Internet Explorer, which can be exploited by malicious people to compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2008-12-09 |
Secunia Advisory ID:
SA33035 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
Some vulnerabilities have been reported in Microsoft Internet Explorer, which can be exploited by malicious people to compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2008-09-09 |
Secunia Advisory ID:
SA31675 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
Multiple vulnerabilities have been reported in various Microsoft products, which can be exploited by malicious people to compromise a vulnerable system. [Read More]
|
|
|
|
|
|
Release Date:
2008-08-12 |
Secunia Advisory ID:
SA31415 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Exposure of sensitive information
|
Where:
From remote |
|
Short Description:
A vulnerability has been reported in Internet Explorer, which can be exploited by malicious people to gain knowledge of sensitive information. [Read More]
|
|
|
|
|
|
Release Date:
2008-08-12 |
Secunia Advisory ID:
SA31375 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
Multiple vulnerabilities have been reported in Internet Explorer, which can be exploited by malicious people to compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2008-06-26 |
Secunia Advisory ID:
SA30857 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Security Bypass
Cross Site Scripting
|
Where:
From remote |
|
Short Description:
Ph4nt0m Security Team has discovered a vulnerability in Internet Explorer 6, which can be exploited by malicious people to conduct cross-domain scripting attacks. [Read More]
|
|
|
|
|
|
Release Date:
2008-06-26 |
Secunia Advisory ID:
SA30851 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Security Bypass
Cross Site Scripting
Spoofing
System access
|
Where:
From remote |
|
Short Description:
Multiple vulnerabilities have been reported in Internet Explorer, which can be exploited by malicious people to conduct spoofing or cross-site scripting attacks and compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2008-06-10 |
Secunia Advisory ID:
SA30575 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
A vulnerability has been reported in Internet Explorer, which can be exploited by malicious people to compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2008-05-14 |
Secunia Advisory ID:
SA30141 |
Solution Status:
Unpatched |
|
Criticality:
 |
Impact:
System access
|
Where:
From remote |
|
Short Description:
Aviv Raff has discovered a vulnerability in Internet Explorer, which can be exploited by malicious people to compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2008-04-08 |
Secunia Advisory ID:
SA27707 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
Secunia Research has discovered a vulnerability in Internet Explorer, which can be exploited by malicious people to compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2008-03-24 |
Secunia Advisory ID:
SA29453 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Security Bypass
Cross Site Scripting
Exposure of sensitive information
|
Where:
From remote |
|
Short Description:
Stefano Di Paola has reported some vulnerabilities in Internet Explorer, which can be exploited by malicious people to conduct HTTP request smuggling/splitting attacks. [Read More]
|
|
|
|
|
|
Release Date:
2008-03-12 |
Secunia Advisory ID:
SA29346 |
Solution Status:
Unpatched |
|
Criticality:
|
Impact:
Manipulation of data
|
Where:
From remote |
|
Short Description:
Derek Abdine has discovered a vulnerability in Internet Explorer, which can be exploited by malicious people to conduct FTP command injection attacks. [Read More]
|
|
|
|
|
|
Release Date:
2008-02-12 |
Secunia Advisory ID:
SA28903 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
Some vulnerabilities have been reported in Internet Explorer, which can be exploited by malicious people to compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2007-12-11 |
Secunia Advisory ID:
SA28036 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
Some vulnerabilities have been reported in Internet Explorer, which can be exploited by malicious people to compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2007-12-04 |
Secunia Advisory ID:
SA27901 |
Solution Status:
Vendor Workaround |
|
Criticality:
|
Impact:
Security Bypass
Exposure of sensitive information
|
Where:
From remote |
|
Short Description:
A security issue has been reported in Microsoft's Web Proxy Auto-Discovery (WPAD) feature, which can be exploited by malicious people to conduct man-in-the-middle (MITM) attacks. [Read More]
|
|
|
|
|
|
Release Date:
2007-10-09 |
Secunia Advisory ID:
SA27133 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Spoofing
|
Where:
From remote |
|
Short Description:
A vulnerability has been reported in Internet Explorer, which can be exploited by a malicious website to spoof the address bar. [Read More]
|
|
|
|
|
|
Release Date:
2007-10-09 |
Secunia Advisory ID:
SA23469 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
Secunia Research has discovered a vulnerability in Internet Explorer, which can be exploited by malicious people to compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2007-09-28 |
Secunia Advisory ID:
SA27007 |
Solution Status:
Unpatched |
|
Criticality:
|
Impact:
Exposure of sensitive information
|
Where:
From remote |
|
Short Description:
Ronald van den Heetkamp has discovered a weakness in Internet Explorer, which potentially can be exploited by malicious people to disclose sensitive information. [Read More]
|
|
|
|
|
|
Release Date:
2007-08-14 |
Secunia Advisory ID:
SA26419 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
Some vulnerabilities have been reported in Internet Explorer, which can be exploited by malicious people to compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2007-08-14 |
Secunia Advisory ID:
SA26409 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2007-08-13 |
Secunia Advisory ID:
SA26427 |
Solution Status:
Unpatched |
|
Criticality:
|
Impact:
Exposure of sensitive information
|
Where:
From remote |
|
Short Description:
A weakness has been reported in Microsoft Internet Explorer, which may expose FTP usernames and passwords. [Read More]
|
|
|
|
|
|
Release Date:
2007-06-12 |
Secunia Advisory ID:
SA25627 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Cross Site Scripting
Spoofing
System access
|
Where:
From remote |
|
Short Description:
Multiple vulnerabilities have been reported in Internet Explorer, which can be exploited by malicious people to conduct phishing attacks or compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2007-06-06 |
Secunia Advisory ID:
SA25564 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Security Bypass
Spoofing
|
Where:
From remote |
|
Short Description:
Michal Zalewski has reported two vulnerabilities in Internet Explorer, which potentially can be exploited by a malicious website to display a fake URL in the address bar or to bypass certain security restrictions. [Read More]
|
|
|
|
|
|
Release Date:
2007-05-08 |
Secunia Advisory ID:
SA23769 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
Multiple vulnerabilities have been reported in Internet Explorer, which can be exploited by malicious people to compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2007-02-23 |
Secunia Advisory ID:
SA23014 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Spoofing
|
Where:
From remote |
|
Short Description:
Secunia Research has discovered a vulnerability in Internet Explorer, which can be exploited by a malicious website to spoof the address bar. [Read More]
|
|
|
|
|
|
Release Date:
2007-02-13 |
Secunia Advisory ID:
SA24156 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
Some vulnerabilities have been reported in Internet Explorer, which can be exploited by malicious people to compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2007-01-09 |
Secunia Advisory ID:
SA23677 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
Two vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system [Read More]
|
|
|
|
|
|
Release Date:
2006-12-12 |
Secunia Advisory ID:
SA20807 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
Secunia Research has discovered a vulnerability in Internet Explorer, which can be exploited by malicious people to compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2006-12-12 |
Secunia Advisory ID:
SA23288 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Exposure of system information
Exposure of sensitive information
System access
|
Where:
From remote |
|
Short Description:
Some vulnerabilities have been reported in Internet Explorer, which can be exploited by malicious people to gain knowledge of certain information or potentially compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2006-09-14 |
Secunia Advisory ID:
SA21910 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
Some vulnerabilities have been reported in Internet Explorer, which can be exploited by malicious people to compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2006-08-23 |
Secunia Advisory ID:
SA21557 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
A vulnerability has been reported in Internet Explorer, which can be exploited by malicious people to compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2006-08-08 |
Secunia Advisory ID:
SA21396 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Exposure of sensitive information
System access
|
Where:
From remote |
|
Short Description:
Multiple vulnerabilities have been reported in Internet Explorer, which can be exploited by malicious people to gain knowledge of certain information or compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2006-06-13 |
Secunia Advisory ID:
SA20595 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Spoofing
System access
|
Where:
From remote |
|
Short Description:
Some vulnerabilities have been reported in Internet Explorer, which can be exploited by malicious people to conduct phishing attacks and compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2006-06-06 |
Secunia Advisory ID:
SA20449 |
Solution Status:
Unpatched |
|
Criticality:
|
Impact:
Exposure of sensitive information
|
Where:
From remote |
|
Short Description:
A vulnerability has been reported in Internet Explorer, which can be exploited by malicious people to trick users into disclosing sensitive information. [Read More]
|
|
|
|
|
|
Release Date:
2006-04-27 |
Secunia Advisory ID:
SA19738 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Exposure of sensitive information
|
Where:
From remote |
|
Short Description:
codedreamer has discovered a vulnerability in Internet Explorer and Outlook Express, which can be exploited by malicious people to disclose potentially sensitive information. [Read More]
|
|
|
|
|
|
Release Date:
2006-04-25 |
Secunia Advisory ID:
SA19762 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
Secunia Research has discovered a vulnerability in Internet Explorer, which can be exploited by malicious people to compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2006-04-11 |
Secunia Advisory ID:
SA18957 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Cross Site Scripting
Spoofing
System access
|
Where:
From remote |
|
Short Description:
Multiple vulnerabilities have been reported in Internet Explorer, which can be exploited by malicious people to conduct cross-site scripting attacks, conduct phishing attacks, or compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2006-04-04 |
Secunia Advisory ID:
SA19521 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Spoofing
|
Where:
From remote |
|
Short Description:
Hai Nam Luke has discovered a vulnerability in Internet Explorer, which can be exploited by malicious people to conduct phishing attacks. [Read More]
|
|
|
|
|
|
Release Date:
2006-03-27 |
Secunia Advisory ID:
SA19378 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
Jeffrey van der Stad has reported a vulnerability in Internet Explorer, which can be exploited by malicious people to compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2006-03-22 |
Secunia Advisory ID:
SA18680 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
Secunia Research has discovered a vulnerability in Microsoft Internet Explorer, which can be exploited by malicious people to compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2006-03-20 |
Secunia Advisory ID:
SA19269 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
Michal Zalewski has discovered a vulnerability in Internet Explorer, which potentially can be exploited by malicious people to compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2006-02-28 |
Secunia Advisory ID:
SA19057 |
Solution Status:
Unpatched |
|
Criticality:
|
Impact:
Manipulation of data
|
Where:
From remote |
|
Short Description:
cyber flash has discovered a weakness in Internet Explorer, which can be exploited by malicious people to trick users into performing certain actions on local resources. [Read More]
|
|
|
|
|
|
Release Date:
2006-02-14 |
Secunia Advisory ID:
SA18787 |
Solution Status:
Unpatched |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
Matthew Murphy has reported a vulnerability in Internet Explorer, which can be exploited by malicious people to compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2005-12-13 |
Secunia Advisory ID:
SA15368 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Security Bypass
Exposure of sensitive information
System access
|
Where:
From remote |
|
Short Description:
Five vulnerabilities have been reported in Microsoft Internet Explorer, which can be exploited by malicious people to view potentially sensitive information, to trick users into downloading and executing arbitrary programs, and to compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2005-12-08 |
Secunia Advisory ID:
SA17564 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Cross Site Scripting
Exposure of sensitive information
|
Where:
From remote |
|
Short Description:
Matan Gillon has discovered a vulnerability in Microsoft Internet Explorer, which can be exploited by malicious people to disclose potentially sensitive information. [Read More]
|
|
|
|
|
|
Release Date:
2005-11-16 |
Secunia Advisory ID:
SA17565 |
Solution Status:
Unpatched |
|
Criticality:
|
Impact:
Security Bypass
|
Where:
From remote |
|
Short Description:
Claudio "Sverx" has discovered a weakness in Internet Explorer, which can be exploited by malicious people to trick users into visiting a malicious website by obfuscating URLs displayed in the status bar. [Read More]
|
|
|
|
|
|
Release Date:
2005-11-07 |
Secunia Advisory ID:
SA17481 |
Solution Status:
Vendor Workaround |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
A vulnerability has been reported in Macromedia Flash Player included in Microsoft Internet Explorer, which can be exploited by malicious people to compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2005-10-11 |
Secunia Advisory ID:
SA17163 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2005-09-26 |
Secunia Advisory ID:
SA16942 |
Solution Status:
Unpatched |
|
Criticality:
|
Impact:
Security Bypass
Manipulation of data
Exposure of sensitive information
|
Where:
From remote |
|
Short Description:
Amit Klein has discovered a vulnerability in Microsoft Internet Explorer, which can be exploited by malicious people to manipulate certain data and conduct HTTP request smuggling attacks. [Read More]
|
|
|
|
|
|
Release Date:
2005-08-18 |
Secunia Advisory ID:
SA16480 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
A vulnerability has been reported in Internet Explorer, which can be exploited by malicious people to compromise a vulnerable system. [Read More]
|
|
|
|
|
|
Release Date:
2005-08-09 |
Secunia Advisory ID:
SA16373 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Cross Site Scripting
DoS
System access
|
Where:
From remote |
|
Short Description:
Three vulnerabilities have been reported in Internet Explorer, which can be exploited by malicious people to conduct cross-site scripting attacks, to cause a DoS (Denial of Service), or compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2005-07-01 |
Secunia Advisory ID:
SA15891 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
SEC Consult has discovered a vulnerability in Microsoft Internet Explorer, which can be exploited by malicious people to compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2005-06-21 |
Secunia Advisory ID:
SA15491 |
Solution Status:
Unpatched |
|
Criticality:
|
Impact:
Spoofing
|
Where:
From remote |
|
Short Description:
Secunia Research has discovered a vulnerability in Internet Explorer, which can be exploited by malicious web sites to spoof dialog boxes. [Read More]
|
|
|
|
|
|
Release Date:
2005-05-31 |
Secunia Advisory ID:
SA15546 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
Benjamin Tobias Franz has discovered a vulnerability in Internet Explorer, which can be exploited by malicious people to compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2005-04-12 |
Secunia Advisory ID:
SA14922 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
Some vulnerabilities has been reported in Microsoft Internet Explorer, which can be exploited by malicious people to compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2005-02-21 |
Secunia Advisory ID:
SA14335 |
Solution Status:
Unpatched |
|
Criticality:
|
Impact:
Spoofing
|
Where:
From remote |
|
Short Description:
bitlance winter has discovered a weakness in Internet Explorer, which can be exploited by malicious people to conduct phishing attacks. [Read More]
|
|
|
|
|
|
Release Date:
2005-02-17 |
Secunia Advisory ID:
SA14304 |
Solution Status:
Unpatched |
|
Criticality:
|
Impact:
Security Bypass
|
Where:
From remote |
|
Short Description:
bitlance winter has discovered a weakness in Internet Explorer/Outlook Express, which can be exploited by malicious people to trick users into visiting a malicious web site by obfuscating URLs. [Read More]
|
|
|
|
|
|
Release Date:
2005-02-08 |
Secunia Advisory ID:
SA11165 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Security Bypass
Cross Site Scripting
Spoofing
Exposure of sensitive information
System access
|
Where:
From remote |
|
Short Description:
Multiple vulnerabilities have been reported in Internet Explorer, which can be exploited by malicious people to conduct cross-site scripting and phishing attacks, disclose sensitive information, bypass certain security restrictions, and compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2005-01-18 |
Secunia Advisory ID:
SA13872 |
Solution Status:
Unpatched |
|
Criticality:
|
Impact:
Exposure of system information
|
Where:
From remote |
|
Short Description:
Berend-Jan Wever has discovered a weakness in Internet Explorer, which can be exploited by malicious people to detect the presence of local files. [Read More]
|
|
|
|
|
|
Release Date:
2005-01-03 |
Secunia Advisory ID:
SA13704 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
A vulnerability has been discovered in Internet Explorer, which can be exploited by malicious people to compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2004-12-16 |
Secunia Advisory ID:
SA13482 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Cross Site Scripting
System access
|
Where:
From remote |
|
Short Description:
Paul has discovered a vulnerability in Internet Explorer, which can be exploited by malicious people to conduct cross-site scripting attacks and compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2004-12-09 |
Secunia Advisory ID:
SA13404 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Manipulation of data
|
Where:
From remote |
|
Short Description:
Albert Puigsech Galicia has discovered a vulnerability in Microsoft Internet Explorer, which can be exploited by malicious people to conduct FTP command injection attacks. [Read More]
|
|
|
|
|
|
Release Date:
2004-12-08 |
Secunia Advisory ID:
SA13396 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Exposure of system information
|
Where:
From remote |
|
Short Description:
Gregory R. Panakkal has discovered a weakness in Internet Explorer, which can be exploited by malicious people to detect the presence of local files. [Read More]
|
|
|
|
|
|
Release Date:
2004-12-08 |
Secunia Advisory ID:
SA13251 |
Solution Status:
Unpatched |
|
Criticality:
|
Impact:
Spoofing
|
Where:
From remote |
|
Short Description:
Secunia Research has reported a vulnerability in Microsoft Internet Explorer, which can be exploited by malicious people to spoof the content of websites. [Read More]
|
|
|
|
|
|
Release Date:
2004-11-26 |
Secunia Advisory ID:
SA13317 |
Solution Status:
Unpatched |
|
Criticality:
|
Impact:
Spoofing
|
Where:
From remote |
|
Short Description:
cyber flash has discovered a vulnerability in Microsoft Internet Explorer, which can be exploited by malicious people to trick users into downloading malicious files. [Read More]
|
|
|
|
|
|
Release Date:
2004-11-17 |
Secunia Advisory ID:
SA13203 |
Solution Status:
Unpatched |
|
Criticality:
|
Impact:
Security Bypass
Spoofing
|
Where:
From remote |
|
Short Description:
cyber flash has discovered two vulnerabilities in Internet Explorer, which can be exploited by malicious people to bypass a security feature in Microsoft Windows XP SP2 and trick users into downloading malicious files. [Read More]
|
|
|
|
|
|
Release Date:
2004-11-17 |
Secunia Advisory ID:
SA13208 |
Solution Status:
Partial Fix |
|
Criticality:
|
Impact:
Hijacking
|
Where:
From remote |
|
Short Description:
Keigo Yamazaki has reported a vulnerability in Internet Explorer, which potentially can be exploited by malicious people to conduct session fixation attacks. [Read More]
|
|
|
|
|
|
Release Date:
2004-11-10 |
Secunia Advisory ID:
SA13156 |
Solution Status:
Unpatched |
|
Criticality:
|
Impact:
Security Bypass
|
Where:
From remote |
|
Short Description:
Roozbeh Afrasiabi has discovered a weakness in Internet Explorer, which can be exploited by malicious people to trick users into visiting a malicious website by obfuscating URLs displayed in the status bar. [Read More]
|
|
|
|
|
|
Release Date:
2004-11-09 |
Secunia Advisory ID:
SA13124 |
Solution Status:
Partial Fix |
|
Criticality:
|
Impact:
Exposure of system information
|
Where:
From remote |
|
Short Description:
Benjamin Tobias Franz has discovered a vulnerability in Internet Explorer, which can be exploited by malicious sites to detect the presence of local files. [Read More]
|
|
|
|
|
|
Release Date:
2004-11-02 |
Secunia Advisory ID:
SA12959 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
A vulnerability has been reported in Internet Explorer, which can be exploited by malicious people to compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2004-10-29 |
Secunia Advisory ID:
SA13015 |
Solution Status:
Partial Fix |
|
Criticality:
|
Impact:
Security Bypass
|
Where:
From remote |
|
Short Description:
Benjamin Tobias Franz has discovered a weakness in Internet Explorer, which can be exploited by malicious people to trick users into visiting a malicious website by obfuscating URLs. [Read More]
|
|
|
|
|
|
Release Date:
2004-10-20 |
Secunia Advisory ID:
SA12889 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Security Bypass
Cross Site Scripting
System access
|
Where:
From remote |
|
Short Description:
Some vulnerabilities have been discovered in Internet Explorer, which can be exploited by malicious people to compromise a user's system, conduct cross-site/zone scripting and bypass a security feature in Microsoft Windows XP SP2. [Read More]
|
|
|
|
|
|
Release Date:
2004-10-12 |
Secunia Advisory ID:
SA12806 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Spoofing
Exposure of sensitive information
System access
|
Where:
From remote |
|
Short Description:
Multiple vulnerabilities have been reported in Internet Explorer, where the most critical can be exploited by malicious people to compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2004-10-09 |
Secunia Advisory ID:
SA12765 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Exposure of sensitive information
|
Where:
From remote |
|
Short Description:
Georgi Guninski has reported that a two year old vulnerability has been reintroduced in Microsoft Internet Explorer and can be exploited by malicious people to disclose potentially sensitive information. [Read More]
|
|
|
|
|
|
Release Date:
2004-09-18 |
Secunia Advisory ID:
SA12581 |
Solution Status:
Unpatched |
|
Criticality:
|
Impact:
Hijacking
|
Where:
From remote |
|
Short Description:
WESTPOINT has reported a vulnerability in Internet Explorer, which potentially can be exploited by malicious people to conduct session fixation attacks. [Read More]
|
|
|
|
|
|
Release Date:
2004-09-14 |
Secunia Advisory ID:
SA12528 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
Nick DeBaggis has reported a vulnerability in multiple Microsoft products, which can be exploited by malicious people to compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2004-08-19 |
Secunia Advisory ID:
SA12321 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
http-equiv has discovered a vulnerability in Microsoft Internet Explorer, which can be exploited by malicious people to compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2004-08-16 |
Secunia Advisory ID:
SA12304 |
Solution Status:
Partial Fix |
|
Criticality:
|
Impact:
Spoofing
|
Where:
From remote |
|
Short Description:
Liu Die Yu has discovered a vulnerability in Internet Explorer, which potentially can be exploited by malicious people to conduct phishing attacks against a user. [Read More]
|
|
|
|
|
|
Release Date:
2004-07-30 |
Secunia Advisory ID:
SA12192 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
DoS
System access
|
Where:
From remote |
|
Short Description:
Microsoft has issued an update for Internet Explorer. This fixes three vulnerabilities, allowing malicious websites to cause a DoS (Denial of Service) or compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2004-07-13 |
Secunia Advisory ID:
SA12048 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Security Bypass
Spoofing
System access
|
Where:
From remote |
|
Short Description:
Paul has reported some vulnerabilities in Internet Explorer, which can be exploited by malicious people to bypass security restrictions and potentially compromise a vulnerable system. [Read More]
|
|
|
|
|
|
Release Date:
2004-07-13 |
Secunia Advisory ID:
SA7277 |
Solution Status:
Partial Fix |
|
Criticality:
|
Impact:
Security Bypass
Spoofing
System access
|
Where:
From remote |
|
Short Description:
Paul has reported a vulnerability in Microsoft Internet Explorer, which can be exploited by malicious people to bypass certain security restrictions and potentially compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2004-06-30 |
Secunia Advisory ID:
SA11966 |
Solution Status:
Vendor Workaround |
|
Criticality:
|
Impact:
Spoofing
|
Where:
From remote |
|
Short Description:
Mark Laurence has discovered a 6 year old vulnerability in Internet Explorer, which can be exploited by malicious people to spoof the contents of websites. [Read More]
|
|
|
|
|
|
Release Date:
2004-06-16 |
Secunia Advisory ID:
SA11868 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
DoS
|
Where:
From remote |
|
Short Description:
Rafel Ivgi has discovered a weakness in Internet Explorer (IE), allowing malicious people to crash a user's browser. [Read More]
|
|
|
|
|
|
Release Date:
2004-06-11 |
Secunia Advisory ID:
SA11830 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Security Bypass
Spoofing
|
Where:
From remote |
|
Short Description:
bitlance winter has reported a vulnerability in Internet Explorer (IE), allowing malicious people to bypass security zones or conduct phishing attacks. [Read More]
|
|
|
|
|
|
Release Date:
2004-06-08 |
Secunia Advisory ID:
SA11793 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Security Bypass
System access
|
Where:
From remote |
|
Short Description:
Two vulnerabilities have been reported in Internet Explorer, which in combination with other known issues can be exploited by malicious people to compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2004-05-10 |
Secunia Advisory ID:
SA11582 |
Solution Status:
Partial Fix |
|
Criticality:
|
Impact:
Spoofing
|
Where:
From remote |
|
Short Description:
http-equiv has discovered an issue in Microsoft Internet Explorer, Outlook and Outlook Express, allowing malicious people to obfuscate URLs. [Read More]
|
|
|
|
|
|
Release Date:
2004-04-26 |
Secunia Advisory ID:
SA11482 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From local network |
|
Short Description:
Rodrigo Gutierrez has discovered a vulnerability in Windows and Internet Explorer, which can be exploited by malicious people to compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2004-04-13 |
Secunia Advisory ID:
SA11067 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
A vulnerability has been discovered in Outlook Express, which can be exploited by malicious people to compromise a user's system via websites or HTML emails. [Read More]
|
|
|
|
|
|
Release Date:
2004-04-01 |
Secunia Advisory ID:
SA11273 |
Solution Status:
Unpatched |
|
Criticality:
|
Impact:
Security Bypass
|
Where:
From remote |
|
Short Description:
http-equiv has discovered a weakness in Internet Explorer, which potentially can be exploited by malicious people to trick users into visiting a malicious website. [Read More]
|
|
|
|
|
|
Release Date:
2004-03-10 |
Secunia Advisory ID:
SA9680 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Security Bypass
|
Where:
From remote |
|
Short Description:
Corsaire has discovered a vulnerability in multiple vendors' browsers, which can be exploited by malicious people to bypass certain cookie restrictions. [Read More]
|
|
|
|
|
|
Release Date:
2004-02-27 |
Secunia Advisory ID:
SA10996 |
Solution Status:
Unpatched |
|
Criticality:
|
Impact:
Security Bypass
Exposure of sensitive information
|
Where:
From remote |
|
Short Description:
iDEFENSE has reported a vulnerability in Internet Explorer, which can be exploited by malicious people to bypass certain frame scripting restrictions. [Read More]
|
|
|
|
|
|
Release Date:
2004-02-09 |
Secunia Advisory ID:
SA10820 |
Solution Status:
Partial Fix |
|
Criticality:
|
Impact:
Exposure of system information
|
Where:
From remote |
|
Short Description:
Jelmer has discovered a vulnerability in Internet Explorer, allowing malicious sites to detect the presence of local files. [Read More]
|
|
|
|
|
|
Release Date:
2004-02-02 |
Secunia Advisory ID:
SA10765 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
Microsoft has issued patches for Internet Explorer, which fix three vulnerabilities. One of these can be exploited by malicious people to compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2004-01-28 |
Secunia Advisory ID:
SA10736 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Security Bypass
|
Where:
From remote |
|
Short Description:
http-equiv has identified a vulnerability in Internet Explorer, allowing malicious web sites to spoof the file extension of downloadable files. [Read More]
|
|
|
|
|
|
Release Date:
2004-01-02 |
Secunia Advisory ID:
SA10523 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Security Bypass
|
Where:
From remote |
|
Short Description:
Variants of the older showHelp() zone bypass vulnerability have been discovered, which potentially can be exploited to compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2003-12-09 |
Secunia Advisory ID:
SA10395 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Spoofing
|
Where:
From remote |
|
Short Description:
A vulnerability has been identified in Internet Explorer, which can be exploited by malicious people to display a fake URL in the address and status bars. [Read More]
|
|
|
|
|
|
Release Date:
2003-11-25 |
Secunia Advisory ID:
SA10289 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Security Bypass
Cross Site Scripting
Exposure of sensitive information
System access
|
Where:
From remote |
|
Short Description:
Multiple vulnerabilities have been identified in Internet Explorer, which in combination can be exploited to compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2003-11-11 |
Secunia Advisory ID:
SA10192 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Exposure of sensitive information
System access
|
Where:
From remote |
|
Short Description:
Microsoft has issued a cumulative patch, which fixes multiple vulnerabilities in Internet Explorer. These vulnerabilities can potentially be exploited to bypass Internet Explorer security restrictions and execute arbitrary code with the privileges of the current user. [Read More]
|
|
|
|
|
|
Release Date:
2003-11-07 |
Secunia Advisory ID:
SA10155 |
Solution Status:
Unpatched |
|
Criticality:
|
Impact:
Exposure of system information
|
Where:
From remote |
|
Short Description:
A vulnerability has been identified in Internet Explorer allowing malicious HTML documents such as web sites to see which components are installed. [Read More]
|
|
|
|
|
|
Release Date:
2003-11-07 |
Secunia Advisory ID:
SA10157 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Security Bypass
Exposure of sensitive information
|
Where:
From remote |
|
Short Description:
Multiple vulnerabilities have been identified in Internet Explorer allowing malicious HTML documents such as web sites to access resources in the Local Zone. [Read More]
|
|
|
|
|
|
Release Date:
2003-10-10 |
Secunia Advisory ID:
SA9989 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Security Bypass
|
Where:
From remote |
|
Short Description:
A vulnerability has been reported in Internet Explorer for Windows Server 2003, which can be exploited by malicious people to open arbitrary, known files on a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2003-10-04 |
Secunia Advisory ID:
SA9935 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
Microsoft has released a new cumulative patch for Internet Explorer. This fixes the Object Data vulnerability, which was inadequatedly addressed in MS03-32. [Read More]
|
|
|
|
|
|
Release Date:
2003-09-11 |
Secunia Advisory ID:
SA9711 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Cross Site Scripting
Exposure of sensitive information
System access
|
Where:
From remote |
|
Short Description:
Multiple vulnerabilities have been identified in Microsoft Internet Explorer. Some could expose sensitive information others may lead to execution of arbitrary code. [Read More]
|
|
|
|
|
|
Release Date:
2003-09-03 |
Secunia Advisory ID:
SA9668 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
A vulnerability has been identified in Microsoft Access Snapshot Viewer ActiveX control potentially allowing malicious HTML documents and Microsoft Access Snapshot files to cause a buffer overflow. [Read More]
|
|
|
|
|
|
Release Date:
2003-08-20 |
Secunia Advisory ID:
SA9580 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
Microsoft has issued a cumulative patch for Internet Explorer, which fixes multiple vulnerabilities. The worst vulnerability can lead to execution of arbitrary code on the client system via HTML emails or web sites. [Read More]
|
|
|
|
|
|
Release Date:
2003-08-14 |
Secunia Advisory ID:
SA9534 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
A vulnerability has been identified in a Microsoft ActiveX plugin called MCIWNDX.OCX, which possibly allows malicious HTML documents to execute arbitrary code on a vulnerable system. [Read More]
|
|
|
|
|
|
Release Date:
2003-07-16 |
Secunia Advisory ID:
SA9268 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Cross Site Scripting
Exposure of system information
Exposure of sensitive information
System access
|
Where:
From remote |
|
Short Description:
A vulnerability has been reported in Internet Explorer (IE), which can be exploited by malicious people to conduct Cross-Site Scripting attacks or execute script code on a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2003-06-17 |
Secunia Advisory ID:
SA9056 |
Solution Status:
Partial Fix |
|
Criticality:
|
Impact:
Cross Site Scripting
System access
|
Where:
From remote |
|
Short Description:
A vulnerability has been identified in Internet Explorer (IE), which can be exploited by malicious people to execute arbitrary script code on a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2003-06-17 |
Secunia Advisory ID:
SA9055 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Cross Site Scripting
|
Where:
From remote |
|
Short Description:
A vulnerability has been identified in Internet Explorer (IE), which can be exploited by malicious people to conduct Cross-Site Scripting attacks against a user. [Read More]
|
|
|
|
|
|
Release Date:
2003-06-06 |
Secunia Advisory ID:
SA8955 |
Solution Status:
Partial Fix |
|
Criticality:
|
Impact:
Exposure of sensitive information
|
Where:
From remote |
|
Short Description:
A vulnerability has been identified in Internet Explorer, which exposes sensitive information to "msn.com" and "alexa.com". [Read More]
|
|
|
|
|
|
Release Date:
2003-06-05 |
Secunia Advisory ID:
SA8949 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Cross Site Scripting
|
Where:
From remote |
|
Short Description:
A vulnerability has been identified in Microsoft Internet Explorer allowing malicious people to conduct Cross Site Scripting against any site running a FTP service on a wildcard domain. [Read More]
|
|
|
|
|
|
Release Date:
2003-06-04 |
Secunia Advisory ID:
SA8943 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
Microsoft has reported a vulnerability in Internet Explorer, which can be exploited by malicious people to compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2003-05-20 |
Secunia Advisory ID:
SA8807 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Security Bypass
System access
|
Where:
From remote |
|
Short Description:
A vulnerability has been identified in Internet Explorer, which can be exploited by a malicious person to bypass certain security restrictions in a user's browser making it possible to compromise the system. [Read More]
|
|
|
|
|
|
Release Date:
2003-04-23 |
Secunia Advisory ID:
SA8649 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Exposure of system information
Exposure of sensitive information
System access
|
Where:
From remote |
|
Short Description:
Microsoft has issued a cumulative patch for Internet Explorer, which fixes the following four vulnerabilities: [Read More]
|
|
|
|
|
|
Release Date:
2003-04-23 |
Secunia Advisory ID:
SA8642 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
DoS
|
Where:
From remote |
|
Short Description:
A vulnerability identified in a library included in Windows XP and Internet Explorer version 4.0 and newer can be exploited to cause a DoS (Denial of Service) on certain applications. [Read More]
|
|
|
|
|
|
Release Date:
2003-03-13 |
Secunia Advisory ID:
SA8283 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
DoS
|
Where:
From remote |
|
Short Description:
A vulnerability has been identified in Internet Explorer's 'web archive' format (files with the extension ".mht"). [Read More]
|
|
|
|
|
|
Release Date:
2003-03-04 |
Secunia Advisory ID:
SA8208 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
Macromedia has reported that they recently became aware of some potential vulnerabilities in Flash Player. [Read More]
|
|
|
|
|
|
Release Date:
2003-02-05 |
Secunia Advisory ID:
SA8004 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
Microsoft has issued patches, in another attempt to fix the well known cross domain vulnerabilities, allowing malicious web sites to access contents in other domains including local zone. [Read More]
|
|
|
|
|
|
Release Date:
2003-02-04 |
Secunia Advisory ID:
SA7992 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Cross Site Scripting
Exposure of system information
Exposure of sensitive information
|
Where:
From remote |
|
Short Description:
A vulnerability in Internet Explorer (IE) caused by inadequate restrictions can be exploited by a malicious person to gain knowledgde of sensitive information on a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2002-12-29 |
Secunia Advisory ID:
SA7791 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Cross Site Scripting
|
Where:
From remote |
|
Short Description:
Microsoft Internet Explorer has been found vulnerable to Cross Site Scripting. While this usually exists due to improper input validation in web applications, Internet Explorer also fails to validate if parameters has been added when requesting flash files. [Read More]
|
|
|
|
|
|
Release Date:
2002-12-13 |
Secunia Advisory ID:
SA7709 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
MacroMedia FlashPlayer is vulnerable to a buffer overrun. The problem is that certain headers aren't parsed and verified correctly. [Read More]
|
|
|
|
|
|
Release Date:
2002-12-05 |
Secunia Advisory ID:
SA7651 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
Microsoft has acknowledged the danger of a bug which has been known for months. The problem is that a malicious webpage could execute ANY local executable. A previous update eliminated the ability to pass parameters to the executable. [Read More]
|
|
|
|
|
|
Release Date:
2002-11-25 |
Secunia Advisory ID:
SA7587 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Exposure of system information
Exposure of sensitive information
System access
|
Where:
From remote |
|
Short Description:
Multiple vulnerabilities has been discovered in different Java implementations. Java Virtual Machines in browsers are supposed to prevent malicious websites from using Java to access local system resources. [Read More]
|
|
|
|
|
|
Release Date:
2002-11-22 |
Secunia Advisory ID:
SA7579 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
Microsoft issued two advisories on 20th November 2002. It appears however that the vulnerabilities STILL exist to a certain extent. [Read More]
|
|
|
|
|
|
Release Date:
2002-11-21 |
Secunia Advisory ID:
SA7569 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
Microsoft has issued a cumulative patch to fix multiple security issues in Internet Explorer. [Read More]
|
|
|
|
|
|
Release Date:
2002-11-20 |
Secunia Advisory ID:
SA7567 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
Remote Data Services (RDS) which is part of Microsoft Data Access Components (MDAC) contains a buffer overflow allowing attackers to run arbitrary code. [Read More]
|
|
|
|
|
|
Release Date:
2002-10-22 |
Secunia Advisory ID:
SA7364 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Exposure of sensitive information
System access
|
Where:
From remote |
|
Short Description:
Internet Explorer 5.5 without SP2 and Internet Explorer 6 without SP1 suffers remotely exploitable vulnerabilities that could give attackers full system access. [Read More]
|
|
|
|
|
|
Release Date:
2002-10-15 |
Secunia Advisory ID:
SA7308 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Cross Site Scripting
|
Where:
From remote |
|
Short Description:
Internet Explorer has earlier been found vulnerable to Cross Frame Scripting, some issues has been resolved in Internet Explorer 6.0 SP1. [Read More]
|
|
|
|
|
|
Release Date:
2002-10-01 |
Secunia Advisory ID:
SA7188 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Cross Site Scripting
|
Where:
From remote |
|
Short Description:
It is possible to bypass Microsoft Internet Explorer Security Zone, by using "SaveRef". [Read More]
|
|
|
|
|
|
Release Date:
2002-09-12 |
Secunia Advisory ID:
SA7099 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Security Bypass
System access
|
Where:
From remote |
|
Short Description:
Two vulnerabilities have been reported in Internet Explorer, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2002-09-09 |
Secunia Advisory ID:
SA7082 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
Jouko Pynnonen has reported multiple vulnerabilities in Microsoft's Java implementation, which affects all versions of Internet Explorer, Outlook Express, and Outlook. [Read More]
|
|
|
|
|
|
Release Date:
2002-09-09 |
Secunia Advisory ID:
SA7084 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
Internet Explorer versions 5.5 and 6.0 are vulnerable to a Cross Frame Scripting attack, which may allow execution of arbitrary code. [Read More]
|
|
|
|
|
|
Release Date:
2002-09-03 |
Secunia Advisory ID:
SA7065 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Cross Site Scripting
|
Where:
From remote |
|
Short Description:
It is possible to construct urls which could lead people to believe they are surfing a trusted site, when in fact they are surfing an attackers mirror, which may contain malicious content. [Read More]
|
|
|
|
|
|
Release Date:
2002-09-02 |
Secunia Advisory ID:
SA4 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
Microsoft has issued a cumulative patch for Internet Explorer, this patch covers six different issues. [Read More]
|
|
|
|
|
|
Release Date:
2002-08-29 |
Secunia Advisory ID:
SA5 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Exposure of sensitive information
|
Where:
From remote |
|
Short Description:
It is possible for an attacker to use a flaw in an ActiveX control called Certificate Enrollment Control to delete user certificates. [Read More]
|
|
|
