Microsoft: >> Internet Explorer >> 5.0 Security Vulnerabilities
Internet Explorer 5.0 does not properly reset the username/password cache for Web sites that do not use standard cache controls, which could allow users on the same system to access restricted web sites that were visited by other users.
CVSS Score
4.6
EPSS Score
0.004
Published
1999-05-06
The DHTML Edit ActiveX control in Internet Explorer allows remote attackers to read arbitrary files.
CVSS Score
2.6
EPSS Score
0.211
Published
1999-05-01
Internet Explorer 4.0 and 5.0 allows a remote attacker to execute security scripts in a different security context using malicious URLs, a variant of the "cross frame" vulnerability.
CVSS Score
7.5
EPSS Score
0.034
Published
1999-04-21
MSHTML.DLL in Internet Explorer 5.0 allows a remote attacker to learn information about a local user's files via an IMG SRC tag.
CVSS Score
7.5
EPSS Score
0.045
Published
1999-04-21
Internet Explorer 5.0 allows a remote server to read arbitrary files on the client's file system using the Microsoft Scriptlet Component.
CVSS Score
2.6
EPSS Score
0.052
Published
1999-04-09
Internet Explorer 5.0 allows window spoofing, allowing a remote attacker to spoof a legitimate web site and capture information from the client.
CVSS Score
5.0
EPSS Score
0.116
Published
1999-04-01
The setup wizard (ie5setup.exe) for Internet Explorer 5.0 disables (1) the screen saver, which could leave the system open to users with physical access if a failure occurs during an unattended installation, and (2) the Task Scheduler Service, which might prevent the scheduled execution of security-critical programs.
CVSS Score
7.2
EPSS Score
0.008
Published
1999-03-23
Page 15