Microsoft: >> Internet Explorer >> 5.0 Security Vulnerabilities
Internet Explorer 5.0 and 5.01 allows remote attackers to modify or execute files via the Import/Export Favorites feature, aka the "ImportExportFavorites" vulnerability.
CVSS Score
10.0
EPSS Score
0.359
Published
1999-09-10
The Kodak/Wang (1) Image Edit (imgedit.ocx), (2) Image Annotation (imgedit.ocx), (3) Image Scan (imgscan.ocx), (4) Thumbnail Image (imgthumb.ocx), (5) Image Admin (imgadmin.ocx), (6) HHOpen (hhopen.ocx), (7) Registration Wizard (regwizc.dll), and (8) IE Active Setup (setupctl.dll) ActiveX controls for Internet Explorer (IE) 4.01 and 5.0 are marked as "Safe for Scripting," which allows remote attackers to create and modify files and execute arbitrary commands.
CVSS Score
5.1
EPSS Score
0.226
Published
1999-09-10
The Eyedog ActiveX control is marked as "safe for scripting" for Internet Explorer, which allows a remote attacker to execute arbitrary commands as demonstrated by Bubbleboy.
CVSS Score
4.0
EPSS Score
0.126
Published
1999-09-01
Buffer overflow in the Eyedog ActiveX control allows a remote attacker to execute arbitrary commands.
CVSS Score
4.0
EPSS Score
0.103
Published
1999-09-01
The "download behavior" in Internet Explorer 5 allows remote attackers to read arbitrary files via a server-side redirect.
CVSS Score
5.0
EPSS Score
0.601
Published
1999-09-01
Microsoft HTML control as used in (1) Internet Explorer 5.0, (2) FrontPage Express, (3) Outlook Express 5, and (4) Eudora, and possibly others, allows remote malicious web site or HTML emails to cause a denial of service (100% CPU consumption) via large HTML form fields such as text inputs in a table cell.
CVSS Score
5.0
EPSS Score
0.087
Published
1999-08-27
Internet Explorer 5.0 records the username and password for FTP servers in the URL history, which could allow (1) local users to read the information from another user's index.dat, or (2) people who are physically observing ("shoulder surfing") another user to read the information from the status bar when the user moves the mouse over a link.
CVSS Score
4.6
EPSS Score
0.005
Published
1999-08-25
The scriptlet.typelib ActiveX control is marked as "safe for scripting" for Internet Explorer, which allows a remote attacker to execute arbitrary commands as demonstrated by Bubbleboy.
CVSS Score
5.1
EPSS Score
0.192
Published
1999-08-21
Buffer overflow in Internet Explorer 5 allows remote attackers to execute commands via a malformed Favorites icon.
CVSS Score
7.6
EPSS Score
0.179
Published
1999-05-27
The Preloader ActiveX control used by Internet Explorer allows remote attackers to read arbitrary files.
CVSS Score
5.1
EPSS Score
0.066
Published
1999-05-27