Vulnerabilities > CVE-2005-4717 - Unspecified vulnerability in Microsoft products

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

microsoft

exploit available

NVD

Published: 2005-12-31

Updated: 2021-07-23

Summary

Microsoft Internet Explorer 6.0 on Windows NT 4.0 SP6a, Windows 2000 SP4, Windows XP SP1, Windows XP SP2, and Windows Server 2003 SP1 allows remote attackers to cause a denial of service (client crash) via a certain combination of a malformed HTML file and a CSS file that triggers a null dereference, probably related to rendering of a DIV element that contains a malformed IMG tag, as demonstrated by IEcrash.htm and IEcrash.rar.

Vulnerable Configurations

Part	Description	Count
Application	Microsoft Microsoft Internet Explorer 6.0 Microsoft IE 6.0	3
OS	Microsoft Microsoft Windows XP * Microsoft Windows 2000 * Microsoft Windows NT 4.0 Microsoft Windows 2003 Server Sp1	5

Exploit-Db

description	Microsoft Internet Explorer 6.0 Malformed HTML Parsing Denial of Service Vulnerability. CVE-2005-4717. Dos exploit for windows platform
id	EDB-ID:26457
last seen	2016-02-03
modified	2005-11-01
published	2005-11-01
reporter	[email protected]
source	https://www.exploit-db.com/download/26457/
title	Microsoft Internet Explorer 6.0 Malformed HTML Parsing Denial of Service Vulnerability

Summary

Vulnerable Configurations

Exploit-Db

References