4.3

CVE-2005-3312

Exploit

EPSS 20.36%
Veröffentlicht 26.10.2005 10:02:00
Zuletzt bearbeitet 16.04.2026 00:27:16
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

The HTML rendering engine in Microsoft Internet Explorer 6.0 allows remote attackers to conduct cross-site scripting (XSS) attacks via HTML in corrupted images and other files such as .GIF, JPG, and WAV, which is rendered as HTML when the user clicks on the link, even though the web server response and file extension indicate that it should be treated as a different file type.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 8

NVD 1 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Microsoft ≫ Internet Explorer Version6.0

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	20.36%	0.953

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:N/I:P/A:N

Es wurden noch keine Informationen zu CWE veröffentlicht.

http://marc.info/?l=bugtraq&m=113017003617987&w=2

http://securityreason.com/securityalert/18

http://www.computec.ch/download.php?view.683

Exploit

http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=1746

Vendor Advisory

Exploit

http://www.securiteam.com/windowsntfocus/6F00B00EBY.html

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2005-3312

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2005-3312

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2005-3312

EUVD