Vulnerabilities > CVE-2005-0554 - Unspecified vulnerability in Microsoft Internet Explorer 5.01/5.5/6.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Buffer overflow in the URL processor of Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a URL with a long hostname, aka "URL Parsing Memory Corruption Vulnerability."
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 3 |
Exploit-Db
| description | MS Internet Explorer DHTML Object Handling Vulns (MS05-020). CVE-2005-0554. Dos exploit for windows platform |
| id | EDB-ID:931 |
| last seen | 2016-01-31 |
| modified | 2005-04-12 |
| published | 2005-04-12 |
| reporter | Skylined |
| source | https://www.exploit-db.com/download/931/ |
| title | Microsoft Internet Explorer DHTML Object Handling Vulns MS05-020 |
Oval
accepted 2014-02-24T04:00:10.022-05:00 class vulnerability contributors name Harvey Rubinovitz organization The MITRE Corporation name Robert L. Hollis organization ThreatGuard, Inc. name Maria Mikhno organization ALTX-SOFT
description Buffer overflow in the URL processor of Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a URL with a long hostname, aka "URL Parsing Memory Corruption Vulnerability." family windows id oval:org.mitre.oval:def:1196 status accepted submitted 2005-05-10T12:00:00.000-04:00 title URL Parsing Memory Corruption Vulnerability (IE5.01,SP3) version 67 accepted 2014-02-24T04:03:11.830-05:00 class vulnerability contributors name Harvey Rubinovitz organization The MITRE Corporation name Robert L. Hollis organization ThreatGuard, Inc. name Maria Mikhno organization ALTX-SOFT
description Buffer overflow in the URL processor of Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a URL with a long hostname, aka "URL Parsing Memory Corruption Vulnerability." family windows id oval:org.mitre.oval:def:2253 status accepted submitted 2005-05-10T12:00:00.000-04:00 title URL Parsing Memory Corruption Vulnerability (IE5.01,SP4) version 67 accepted 2014-02-24T04:03:13.097-05:00 class vulnerability contributors name Harvey Rubinovitz organization The MITRE Corporation name Christine Walzer organization The MITRE Corporation name Robert L. Hollis organization ThreatGuard, Inc. name John Hoyland organization Centennial Software name Maria Mikhno organization ALTX-SOFT
description Buffer overflow in the URL processor of Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a URL with a long hostname, aka "URL Parsing Memory Corruption Vulnerability." family windows id oval:org.mitre.oval:def:2559 status accepted submitted 2005-05-10T12:00:00.000-04:00 title URL Parsing Memory Corruption Vulnerability (IE6 for Server 2003) version 68 accepted 2014-02-24T04:03:17.037-05:00 class vulnerability contributors name Harvey Rubinovitz organization The MITRE Corporation name John Hoyland organization Centennial Software name Maria Mikhno organization ALTX-SOFT
description Buffer overflow in the URL processor of Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a URL with a long hostname, aka "URL Parsing Memory Corruption Vulnerability." family windows id oval:org.mitre.oval:def:3817 status accepted submitted 2005-05-10T12:00:00.000-04:00 title URL Parsing Memory Corruption Vulnerability (IE6 for XP,SP2) version 67 accepted 2014-02-24T04:03:27.309-05:00 class vulnerability contributors name Harvey Rubinovitz organization The MITRE Corporation name Jason Spashett organization Centennial Software name Robert L. Hollis organization ThreatGuard, Inc. name Maria Mikhno organization ALTX-SOFT
description Buffer overflow in the URL processor of Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a URL with a long hostname, aka "URL Parsing Memory Corruption Vulnerability." family windows id oval:org.mitre.oval:def:789 status accepted submitted 2005-05-10T12:00:00.000-04:00 title URL Parsing Memory Corruption Vulnerability (IE6,SP1) version 68
References
- http://www.idefense.com/application/poi/display?id=229&type=vulnerabilities
- http://secunia.com/advisories/14922/
- http://www.us-cert.gov/cas/techalerts/TA05-102A.html
- http://www.kb.cert.org/vuls/id/756122
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A789
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3817
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2559
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2253
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1196
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-020