Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2005-0053Microsoft Internet Explorer vulnerability

5 documents5 sources
Severity
7.5HIGHNVD
EPSS
65.9%
top 1.49%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
3
Microsoft IEMicrosoft Internet ExplorerMicrosoft Windows 2003 Server
Timeline
PublishedMay 2
Latest updateMay 1

Description

Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via drag and drop events, aka the "Drag-and-Drop Vulnerability."

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages3 packages

NVDmicrosoft/internet_explorer5.0.1, 5.5, 6.0+2
NVDmicrosoft/ie6.0

Patches

Patch: www.kb.cert.orgPatch: www.securityfocus.comPatch: www.us-cert.gov

🔴Vulnerability Details

3
GHSA
GHSA-xj59-9vch-c6qw: Internet Explorer 52022-05-01
CVEList
CVE-2005-0053: Internet Explorer 52005-02-08
VulnCheck
Microsoft Internet Explorer Drag-and-Drop Vulnerability2005

💥Exploits & PoCs

1
Exploit-DB
Microsoft Internet Explorer 5.x - Valid File Drag and Drop Embedded Code (MS04-038)2004-10-20
CVE-2005-0053 — Microsoft vulnerability | cvebase