CVE-2005-0554

Properties

Published:
01.05.2005
Updated:
20.10.2005
Patch available:
Severity:
High
CVSS vector:
(AV:R/AC:L/Au:NR/C:P/I:P/A:C/B:N) Approximated
Product:
Microsoft: Internet Explorer
Microsoft: Internet Explorer
Microsoft: Internet Explorer

Vulnerability description

Buffer overflow in the URL processor of Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a URL with a long hostname, aka"URL Parsing Memory Corruption Vulnerability."

References:

MS: http://www.microsoft.com/technet/Security/bulletin/ms05-020.mspx
IDEFENSE: http://www.idefense.com/application/poi/display?id=229&type=vulnerabilities
SECUNIA: http://secunia.com/advisories/14922/
CERT: http://www.us-cert.gov/cas/techalerts/TA05-102A.html
CERT-VN: http://www.kb.cert.org/vuls/id/756122
IDEFENSE: http://www.idefense.com/application/poi/display?id=229&type=vulnerabilities
OVAL: http://oval.mitre.org/oval/definitions/data/oval1196.html
OVAL: http://oval.mitre.org/oval/definitions/data/oval2253.html
OVAL: http://oval.mitre.org/oval/definitions/data/oval2559.html
OVAL: http://oval.mitre.org/oval/definitions/data/oval3817.html
OVAL: http://oval.mitre.org/oval/definitions/data/oval789.html