|
Vulnerability Report: Microsoft Internet Explorer 6.x
|
This vulnerability report for Microsoft Internet Explorer 6.x contains a complete overview of all Secunia advisories affecting it. You can use this vulnerability report to ensure that you are aware of all vulnerabilities, both patched and unpatched, affecting this product allowing you to take the necessary precautions.
If you have information about a new or an existing vulnerability in Microsoft Internet Explorer 6.x then you are more than welcome to contact us.
|
|
|
|
|
Vendor, Links, and Unpatched Vulnerabilities
| Vendor |
Microsoft
|
|
|
Product Link
|
View Here (Link to external site)
|
|
|
Affected By
|
143 Secunia advisories
176 Vulnerabilities
|
|
|
Monitor Product
|
Receive alerts for this product
|
|
|
Unpatched
|
16% (23 of 143 Secunia advisories)
|
|
Most Critical Unpatched
The most severe unpatched Secunia advisory affecting Microsoft Internet Explorer 6.x, with all vendor patches applied, is rated Moderately critical  .
|
|
|
|
|
|
35 Secunia Advisories in 2004
|
Secunia has issued a total of 35 Secunia advisories in 2004 for Microsoft Internet Explorer 6.x. Currently, 20% (7 out of 35) are marked as unpatched with the most severe being rated Moderately critical
More information about the specific Secunia advisories affecting Microsoft Internet Explorer 6.x can be found below. Each Secunia advisory is enclosed by a box highlighted with a color representing its current patch status. You can read the complete Secunia advisories for thorough descriptions of the issues covered and for solution suggestions by clicking either the Secunia advisory title or the "Read More" links available for each Secunia advisory.
|
|
|
|
|
|
Release Date:
2004-12-16 |
Secunia Advisory ID:
SA13482 |
Solution Status:
Vendor Patch |
|
Criticality:
 |
Impact:
Cross Site Scripting
System access
|
Where:
From remote |
|
Short Description:
Paul has discovered a vulnerability in Internet Explorer, which can be exploited by malicious people to conduct cross-site scripting attacks and compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2004-12-09 |
Secunia Advisory ID:
SA13404 |
Solution Status:
Vendor Patch |
|
Criticality:
 |
Impact:
Manipulation of data
|
Where:
From remote |
|
Short Description:
Albert Puigsech Galicia has discovered a vulnerability in Microsoft Internet Explorer, which can be exploited by malicious people to conduct FTP command injection attacks. [Read More]
|
|
|
|
|
|
Release Date:
2004-12-08 |
Secunia Advisory ID:
SA13396 |
Solution Status:
Vendor Patch |
|
Criticality:
 |
Impact:
Exposure of system information
|
Where:
From remote |
|
Short Description:
Gregory R. Panakkal has discovered a weakness in Internet Explorer, which can be exploited by malicious people to detect the presence of local files. [Read More]
|
|
|
|
|
|
Release Date:
2004-12-08 |
Secunia Advisory ID:
SA13251 |
Solution Status:
Unpatched |
|
Criticality:
|
Impact:
Spoofing
|
Where:
From remote |
|
Short Description:
Secunia Research has reported a vulnerability in Microsoft Internet Explorer, which can be exploited by malicious people to spoof the content of websites. [Read More]
|
|
|
|
|
|
Release Date:
2004-11-26 |
Secunia Advisory ID:
SA13317 |
Solution Status:
Unpatched |
|
Criticality:
|
Impact:
Spoofing
|
Where:
From remote |
|
Short Description:
cyber flash has discovered a vulnerability in Microsoft Internet Explorer, which can be exploited by malicious people to trick users into downloading malicious files. [Read More]
|
|
|
|
|
|
Release Date:
2004-11-17 |
Secunia Advisory ID:
SA13208 |
Solution Status:
Partial Fix |
|
Criticality:
|
Impact:
Hijacking
|
Where:
From remote |
|
Short Description:
Keigo Yamazaki has reported a vulnerability in Internet Explorer, which potentially can be exploited by malicious people to conduct session fixation attacks. [Read More]
|
|
|
|
|
|
Release Date:
2004-11-17 |
Secunia Advisory ID:
SA13203 |
Solution Status:
Unpatched |
|
Criticality:
|
Impact:
Security Bypass
Spoofing
|
Where:
From remote |
|
Short Description:
cyber flash has discovered two vulnerabilities in Internet Explorer, which can be exploited by malicious people to bypass a security feature in Microsoft Windows XP SP2 and trick users into downloading malicious files. [Read More]
|
|
|
|
|
|
Release Date:
2004-11-10 |
Secunia Advisory ID:
SA13156 |
Solution Status:
Unpatched |
|
Criticality:
|
Impact:
Security Bypass
|
Where:
From remote |
|
Short Description:
Roozbeh Afrasiabi has discovered a weakness in Internet Explorer, which can be exploited by malicious people to trick users into visiting a malicious website by obfuscating URLs displayed in the status bar. [Read More]
|
|
|
|
|
|
Release Date:
2004-11-09 |
Secunia Advisory ID:
SA13124 |
Solution Status:
Partial Fix |
|
Criticality:
|
Impact:
Exposure of system information
|
Where:
From remote |
|
Short Description:
Benjamin Tobias Franz has discovered a vulnerability in Internet Explorer, which can be exploited by malicious sites to detect the presence of local files. [Read More]
|
|
|
|
|
|
Release Date:
2004-11-02 |
Secunia Advisory ID:
SA12959 |
Solution Status:
Vendor Patch |
|
Criticality:
 |
Impact:
System access
|
Where:
From remote |
|
Short Description:
A vulnerability has been reported in Internet Explorer, which can be exploited by malicious people to compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2004-10-29 |
Secunia Advisory ID:
SA13015 |
Solution Status:
Partial Fix |
|
Criticality:
|
Impact:
Security Bypass
|
Where:
From remote |
|
Short Description:
Benjamin Tobias Franz has discovered a weakness in Internet Explorer, which can be exploited by malicious people to trick users into visiting a malicious website by obfuscating URLs. [Read More]
|
|
|
|
|
|
Release Date:
2004-10-20 |
Secunia Advisory ID:
SA12889 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Security Bypass
Cross Site Scripting
System access
|
Where:
From remote |
|
Short Description:
Some vulnerabilities have been discovered in Internet Explorer, which can be exploited by malicious people to compromise a user's system, conduct cross-site/zone scripting and bypass a security feature in Microsoft Windows XP SP2. [Read More]
|
|
|
|
|
|
Release Date:
2004-10-12 |
Secunia Advisory ID:
SA12806 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Spoofing
Exposure of sensitive information
System access
|
Where:
From remote |
|
Short Description:
Multiple vulnerabilities have been reported in Internet Explorer, where the most critical can be exploited by malicious people to compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2004-10-09 |
Secunia Advisory ID:
SA12765 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Exposure of sensitive information
|
Where:
From remote |
|
Short Description:
Georgi Guninski has reported that a two year old vulnerability has been reintroduced in Microsoft Internet Explorer and can be exploited by malicious people to disclose potentially sensitive information. [Read More]
|
|
|
|
|
|
Release Date:
2004-09-18 |
Secunia Advisory ID:
SA12581 |
Solution Status:
Unpatched |
|
Criticality:
|
Impact:
Hijacking
|
Where:
From remote |
|
Short Description:
WESTPOINT has reported a vulnerability in Internet Explorer, which potentially can be exploited by malicious people to conduct session fixation attacks. [Read More]
|
|
|
|
|
|
Release Date:
2004-09-14 |
Secunia Advisory ID:
SA12528 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
Nick DeBaggis has reported a vulnerability in multiple Microsoft products, which can be exploited by malicious people to compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2004-08-19 |
Secunia Advisory ID:
SA12321 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
http-equiv has discovered a vulnerability in Microsoft Internet Explorer, which can be exploited by malicious people to compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2004-08-16 |
Secunia Advisory ID:
SA12304 |
Solution Status:
Partial Fix |
|
Criticality:
|
Impact:
Spoofing
|
Where:
From remote |
|
Short Description:
Liu Die Yu has discovered a vulnerability in Internet Explorer, which potentially can be exploited by malicious people to conduct phishing attacks against a user. [Read More]
|
|
|
|
|
|
Release Date:
2004-07-30 |
Secunia Advisory ID:
SA12192 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
DoS
System access
|
Where:
From remote |
|
Short Description:
Microsoft has issued an update for Internet Explorer. This fixes three vulnerabilities, allowing malicious websites to cause a DoS (Denial of Service) or compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2004-07-13 |
Secunia Advisory ID:
SA12048 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Security Bypass
Spoofing
System access
|
Where:
From remote |
|
Short Description:
Paul has reported some vulnerabilities in Internet Explorer, which can be exploited by malicious people to bypass security restrictions and potentially compromise a vulnerable system. [Read More]
|
|
|
|
|
|
Release Date:
2004-07-13 |
Secunia Advisory ID:
SA7277 |
Solution Status:
Partial Fix |
|
Criticality:
|
Impact:
Security Bypass
Spoofing
System access
|
Where:
From remote |
|
Short Description:
Paul has reported a vulnerability in Microsoft Internet Explorer, which can be exploited by malicious people to bypass certain security restrictions and potentially compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2004-06-30 |
Secunia Advisory ID:
SA11966 |
Solution Status:
Vendor Workaround |
|
Criticality:
|
Impact:
Spoofing
|
Where:
From remote |
|
Short Description:
Mark Laurence has discovered a 6 year old vulnerability in Internet Explorer, which can be exploited by malicious people to spoof the contents of websites. [Read More]
|
|
|
|
|
|
Release Date:
2004-06-16 |
Secunia Advisory ID:
SA11868 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
DoS
|
Where:
From remote |
|
Short Description:
Rafel Ivgi has discovered a weakness in Internet Explorer (IE), allowing malicious people to crash a user's browser. [Read More]
|
|
|
|
|
|
Release Date:
2004-06-11 |
Secunia Advisory ID:
SA11830 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Security Bypass
Spoofing
|
Where:
From remote |
|
Short Description:
bitlance winter has reported a vulnerability in Internet Explorer (IE), allowing malicious people to bypass security zones or conduct phishing attacks. [Read More]
|
|
|
|
|
|
Release Date:
2004-06-08 |
Secunia Advisory ID:
SA11793 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Security Bypass
System access
|
Where:
From remote |
|
Short Description:
Two vulnerabilities have been reported in Internet Explorer, which in combination with other known issues can be exploited by malicious people to compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2004-05-10 |
Secunia Advisory ID:
SA11582 |
Solution Status:
Partial Fix |
|
Criticality:
|
Impact:
Spoofing
|
Where:
From remote |
|
Short Description:
http-equiv has discovered an issue in Microsoft Internet Explorer, Outlook and Outlook Express, allowing malicious people to obfuscate URLs. [Read More]
|
|
|
|
|
|
Release Date:
2004-04-26 |
Secunia Advisory ID:
SA11482 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From local network |
|
Short Description:
Rodrigo Gutierrez has discovered a vulnerability in Windows and Internet Explorer, which can be exploited by malicious people to compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2004-04-13 |
Secunia Advisory ID:
SA11067 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
A vulnerability has been discovered in Outlook Express, which can be exploited by malicious people to compromise a user's system via websites or HTML emails. [Read More]
|
|
|
|
|
|
Release Date:
2004-04-01 |
Secunia Advisory ID:
SA11273 |
Solution Status:
Unpatched |
|
Criticality:
|
Impact:
Security Bypass
|
Where:
From remote |
|
Short Description:
http-equiv has discovered a weakness in Internet Explorer, which potentially can be exploited by malicious people to trick users into visiting a malicious website. [Read More]
|
|
|
|
|
|
Release Date:
2004-03-10 |
Secunia Advisory ID:
SA9680 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Security Bypass
|
Where:
From remote |
|
Short Description:
Corsaire has discovered a vulnerability in multiple vendors' browsers, which can be exploited by malicious people to bypass certain cookie restrictions. [Read More]
|
|
|
|
|
|
Release Date:
2004-02-27 |
Secunia Advisory ID:
SA10996 |
Solution Status:
Unpatched |
|
Criticality:
|
Impact:
Security Bypass
Exposure of sensitive information
|
Where:
From remote |
|
Short Description:
iDEFENSE has reported a vulnerability in Internet Explorer, which can be exploited by malicious people to bypass certain frame scripting restrictions. [Read More]
|
|
|
|
|
|
Release Date:
2004-02-09 |
Secunia Advisory ID:
SA10820 |
Solution Status:
Partial Fix |
|
Criticality:
|
Impact:
Exposure of system information
|
Where:
From remote |
|
Short Description:
Jelmer has discovered a vulnerability in Internet Explorer, allowing malicious sites to detect the presence of local files. [Read More]
|
|
|
|
|
|
Release Date:
2004-02-02 |
Secunia Advisory ID:
SA10765 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
System access
|
Where:
From remote |
|
Short Description:
Microsoft has issued patches for Internet Explorer, which fix three vulnerabilities. One of these can be exploited by malicious people to compromise a user's system. [Read More]
|
|
|
|
|
|
Release Date:
2004-01-28 |
Secunia Advisory ID:
SA10736 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Security Bypass
|
Where:
From remote |
|
Short Description:
http-equiv has identified a vulnerability in Internet Explorer, allowing malicious web sites to spoof the file extension of downloadable files. [Read More]
|
|
|
|
|
|
Release Date:
2004-01-02 |
Secunia Advisory ID:
SA10523 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Security Bypass
|
Where:
From remote |
|
Short Description:
Variants of the older showHelp() zone bypass vulnerability have been discovered, which potentially can be exploited to compromise a user's system. [Read More]
|
|
|
