Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2005-0553Out-of-bounds Write in Microsoft IE

4 documents4 sources
Severity
5.1MEDIUMNVD
EPSS
72.3%
top 1.24%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
Microsoft IEMicrosoft Internet Explorer
Timeline
PublishedMay 2
Latest updateMay 1

Description

Race condition in the memory management routines in the DHTML object processor in Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via a malicious web page or HTML e-mail, aka "DHTML Object Memory Corruption Vulnerability".

CVSS vector

AV:N/AC:H/C:P/I:P/A:PExploitability: 4.9 | Impact: 6.4

Affected Packages2 packages

NVDmicrosoft/internet_explorer5.01, 5.5, 6.0+2
NVDmicrosoft/ie6.0

Patches

Patch: secunia.comPatch: www.idefense.comPatch: www.kb.cert.org

🔴Vulnerability Details

2
GHSA
GHSA-7w2g-mcx4-m9r4: Race condition in the memory management routines in the DHTML object processor in Microsoft Internet Explorer 52022-05-01
CVEList
CVE-2005-0553: Race condition in the memory management routines in the DHTML object processor in Microsoft Internet Explorer 52005-04-13

💥Exploits & PoCs

1
Exploit-DB
Microsoft Internet Explorer 5.0.1 - DHTML Object Race Condition Memory Corruption2005-04-12
CVE-2005-0553 — Out-of-bounds Write in Microsoft IE | cvebase