7.5
CVE-2005-0055
- EPSS 36.84%
- Veröffentlicht 02.05.2005 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:10:25
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Internet Explorer 5.01, 5.5, and 6 does not properly validate buffers when handling certain DHTML methods including the createControlRange Javascript function, which allows remote attackers to execute arbitrary code, aka the "DHTML Method Heap Memory Corruption Vulnerability."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Microsoft ≫ Internet Explorer Version5.0.1
Microsoft ≫ Internet Explorer Version5.0.1 Updatesp1
Microsoft ≫ Internet Explorer Version5.0.1 Updatesp2
Microsoft ≫ Internet Explorer Version5.0.1 Updatesp3
Microsoft ≫ Internet Explorer Version5.0.1 Updatesp4
Microsoft ≫ Internet Explorer Version5.5
Microsoft ≫ Internet Explorer Version5.5 Updatesp1
Microsoft ≫ Internet Explorer Version5.5 Updatesp2
Microsoft ≫ Internet Explorer Version6.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 36.84% | 0.983 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://www.us-cert.gov/cas/techalerts/TA05-039A.html
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-014
http://secunia.com/advisories/11165/
http://secunia.com/secunia_research/2004-12/advisory/
http://securitytracker.com/id?1013125
http://www.kb.cert.org/vuls/id/843771
https://exchange.xforce.ibmcloud.com/vulnerabilities/19137
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1005
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2692
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3137
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3910
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A710