Microsoft: >> Internet Explorer >> 5.5 Security Vulnerabilities
Internet Explorer 5.x and Microsoft Outlook allows remote attackers to read arbitrary files by redirecting the contents of an IFRAME using the DHTML Edit Control (DHTMLED).
CVSS Score
5.0
EPSS Score
0.28
Published
2000-07-14
The IFRAME of the WebBrowser control in Internet Explorer 5.01 allows a remote attacker to violate the cross frame security policy via the NavigateComplete2 event.
CVSS Score
2.6
EPSS Score
0.111
Published
2000-06-06
Internet Explorer 4.x and 5.x does not properly verify the domain of a frame within a browser window, which allows a remote attacker to read client files via the frame, aka the "Frame Domain Verification" vulnerability.
CVSS Score
5.1
EPSS Score
0.187
Published
2000-05-17
Internet Explorer 5 does not modify the security zone for a document that is being loaded into a window until after the document has been loaded, which could allow remote attackers to execute Javascript in a different security context while the document is loading.
CVSS Score
10.0
EPSS Score
0.17
Published
2000-01-07
Page 24