CVE-2005-0055Out-of-bounds Write in Microsoft Internet Explorer

3 documents3 sources
Severity
7.5HIGHNVD
EPSS
48.1%
top 2.27%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Microsoft IEMicrosoft Internet Explorer
Timeline
PublishedMay 2
Latest updateMay 1

Description

Internet Explorer 5.01, 5.5, and 6 does not properly validate buffers when handling certain DHTML methods including the createControlRange Javascript function, which allows remote attackers to execute arbitrary code, aka the "DHTML Method Heap Memory Corruption Vulnerability."

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

NVDmicrosoft/internet_explorer5.0.1, 5.5, 6.0+2
NVDmicrosoft/ie6.0

Patches

Patch: www.kb.cert.orgPatch: www.us-cert.govPatch: www.kb.cert.org

🔴Vulnerability Details

2
GHSA
GHSA-729m-r9fv-3cr3: Internet Explorer 52022-05-01
CVEList
CVE-2005-0055: Internet Explorer 52005-02-08
CVE-2005-0055 — Out-of-bounds Write in Microsoft | cvebase