cbcvebase.
CVE-2005-0554
published 2005-05-02

CVE-2005-0554: Buffer overflow in the URL processor of Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service (crash) and possibly…

PriorityP340high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
57.91%
99.0th percentile
Buffer overflow in the URL processor of Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a URL with a long hostname, aka "URL Parsing Memory Corruption Vulnerability."

Affected

3 ranges
VendorProductVersion rangeFixed in
microsoftinternet_explorer
microsoftinternet_explorer
microsoftinternet_explorer

Detection & IOCsextracted from sources · hover to see the quote

  • Exploit triggers via JavaScript DHTML object manipulation — monitor for suspicious window.open() combined with document.appendChild() calls in IE browser contexts
  • Exploit variant using createElement and cross-window appendChild/removeChild manipulation
  • Exploit variant attempting to append the document object itself to a new window's document
  • Exploit variant appending document.all[0] across window boundaries — indicative of DHTML object handling abuse in IE
  • ·Vulnerability affects Microsoft Internet Explorer versions 5.01, 5.5, and 6 only; described as a URL parsing memory corruption issue but the available exploit targets DHTML object handling (MS05-020), not a long-hostname URL directly
  • ·The exploit-db proof-of-concept is labeled MS05-020 (DHTML Object Handling), which may be a mislabeled or related but distinct exploit from the URL parsing issue described in CVE-2005-0554; treat attribution with caution
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.