Vulnerabilities > CVE-2005-0053 - Unspecified vulnerability in Microsoft products

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
microsoft
nessus
exploit available

Summary

Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via drag and drop events, aka the "Drag-and-Drop Vulnerability."

Exploit-Db

descriptionMicrosoft Internet Explorer 5.x Valid File Drag and Drop Embedded Code Vulnerability. CVE-2005-0053. Remote exploit for windows platform
idEDB-ID:24693
last seen2016-02-02
modified2004-10-20
published2004-10-20
reporterhttp-equiv
sourcehttps://www.exploit-db.com/download/24693/
titleMicrosoft Internet Explorer 5.x Valid File Drag and Drop Embedded Code Vulnerability

Nessus

NASL familyWindows : Microsoft Bulletins
NASL idSMB_NT_MS05-008.NASL
descriptionThe remote version of Windows contains a flaw in the Windows Shell that could allow an attacker to elevate his privileges and/or execute arbitrary code on the remote host. To exploit this flaw, an attacker would need to lure a victim into visiting a malicious website or opening a malicious file attachment.
last seen2020-06-01
modified2020-06-02
plugin id16324
published2005-02-08
reporterThis script is Copyright (C) 2005-2018 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/16324
titleMS05-008: Vulnerability in Windows Shell (890047)

Oval

  • accepted2011-05-16T04:00:11.011-04:00
    classvulnerability
    contributors
    • nameMatthew Burton
      organizationThe MITRE Corporation
    • nameRobert L. Hollis
      organizationThreatGuard, Inc.
    • nameMatthew Wojcik
      organizationThe MITRE Corporation
    • nameJeff Cheng
      organizationOpsware, Inc.
    • nameSudhir Gandhe
      organizationTelos
    • nameShane Shaffer
      organizationG2, Inc.
    descriptionInternet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via drag and drop events, aka the "Drag-and-Drop Vulnerability."
    familywindows
    idoval:org.mitre.oval:def:1015
    statusaccepted
    submitted2005-09-19T04:00:00.000-04:00
    titleWinXP,SP2 Drag-and-Drop Vulnerability
    version70
  • accepted2014-02-24T04:00:14.543-05:00
    classvulnerability
    contributors
    • nameHarvey Rubinovitz
      organizationThe MITRE Corporation
    • nameHarvey Rubinovitz
      organizationThe MITRE Corporation
    • nameHarvey Rubinovitz
      organizationThe MITRE Corporation
    • nameHarvey Rubinovitz
      organizationThe MITRE Corporation
    • nameRobert L. Hollis
      organizationThreatGuard, Inc.
    • nameRobert L. Hollis
      organizationThreatGuard, Inc.
    • nameJeff Cheng
      organizationOpsware, Inc.
    • nameDan Haynes
      organizationThe MITRE Corporation
    • nameMaria Mikhno
      organizationALTX-SOFT
    descriptionInternet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via drag and drop events, aka the "Drag-and-Drop Vulnerability."
    familywindows
    idoval:org.mitre.oval:def:1334
    statusaccepted
    submitted2005-03-17T12:00:00.000-04:00
    titleIE6 for Server 2003 Drag-and-Drop Vulnerability
    version70
  • accepted2011-05-16T04:02:20.658-04:00
    classvulnerability
    contributors
    • nameMatthew Burton
      organizationThe MITRE Corporation
    • nameRobert L. Hollis
      organizationThreatGuard, Inc.
    • nameJeff Cheng
      organizationOpsware, Inc.
    • nameSudhir Gandhe
      organizationTelos
    • nameShane Shaffer
      organizationG2, Inc.
    descriptionInternet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via drag and drop events, aka the "Drag-and-Drop Vulnerability."
    familywindows
    idoval:org.mitre.oval:def:2046
    statusaccepted
    submitted2005-03-31T12:00:00.000-04:00
    titleWindows 2000 Drag-and-Drop Vulnerability
    version69
  • accepted2014-02-24T04:03:13.962-05:00
    classvulnerability
    contributors
    • nameHarvey Rubinovitz
      organizationThe MITRE Corporation
    • nameHarvey Rubinovitz
      organizationThe MITRE Corporation
    • nameRobert L. Hollis
      organizationThreatGuard, Inc.
    • nameJeff Cheng
      organizationOpsware, Inc.
    • nameDan Haynes
      organizationThe MITRE Corporation
    • nameMaria Mikhno
      organizationALTX-SOFT
    descriptionInternet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via drag and drop events, aka the "Drag-and-Drop Vulnerability."
    familywindows
    idoval:org.mitre.oval:def:2953
    statusaccepted
    submitted2005-03-17T12:00:00.000-04:00
    titleWindows XP,SP2 IE6.0 Drag-and-Drop Vulnerability
    version69
  • accepted2014-02-24T04:03:14.088-05:00
    classvulnerability
    contributors
    • nameHarvey Rubinovitz
      organizationThe MITRE Corporation
    • nameRobert L. Hollis
      organizationThreatGuard, Inc.
    • nameRobert L. Hollis
      organizationThreatGuard, Inc.
    • nameJeff Cheng
      organizationOpsware, Inc.
    • nameDan Haynes
      organizationThe MITRE Corporation
    • nameMaria Mikhno
      organizationALTX-SOFT
    descriptionInternet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via drag and drop events, aka the "Drag-and-Drop Vulnerability."
    familywindows
    idoval:org.mitre.oval:def:3006
    statusaccepted
    submitted2005-03-17T12:00:00.000-04:00
    titleIE5.01,SP3 Drag-and-Drop Vulnerability
    version70
  • accepted2007-11-13T12:01:16.481-05:00
    classvulnerability
    contributors
    • nameMatthew Burton
      organizationThe MITRE Corporation
    • nameRobert L. Hollis
      organizationThreatGuard, Inc.
    • nameJeff Cheng
      organizationOpsware, Inc.
    descriptionInternet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via drag and drop events, aka the "Drag-and-Drop Vulnerability."
    familywindows
    idoval:org.mitre.oval:def:4726
    statusaccepted
    submitted2005-03-31T12:00:00.000-04:00
    titleServer 2003/64-bit XP Drag-and-Drop Vulnerability
    version67
  • accepted2014-02-24T04:03:19.891-05:00
    classvulnerability
    contributors
    • nameHarvey Rubinovitz
      organizationThe MITRE Corporation
    • nameRobert L. Hollis
      organizationThreatGuard, Inc.
    • nameRobert L. Hollis
      organizationThreatGuard, Inc.
    • nameJeff Cheng
      organizationOpsware, Inc.
    • nameDan Haynes
      organizationThe MITRE Corporation
    • nameMaria Mikhno
      organizationALTX-SOFT
    descriptionInternet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via drag and drop events, aka the "Drag-and-Drop Vulnerability."
    familywindows
    idoval:org.mitre.oval:def:4864
    statusaccepted
    submitted2005-03-17T12:00:00.000-04:00
    titleIE5.01,SP4 Drag-and-Drop Vulnerability
    version70