CVE-2005-4269 — Microsoft IE vulnerability

3 documents3 sources

Severity

7.8HIGHNVD

EPSS

15.9%

top 5.23%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft IE Microsoft Windows 2003 Server

Timeline

PublishedDec 15

Latest updateMay 1

Description

mshtml.dll in Microsoft Windows XP, Server 2003, and Internet Explorer 6.0 SP1 allows attackers to cause a denial of service (access violation) by causing mshtml.dll to process button-focus events at the same time that a document is reloading, as seen in Microsoft Office InfoPath 2003 by repeatedly clicking the "Delete" button in a repeating section in a form. NOTE: the normal operation of InfoPath appears to involve a local user without any privilege boundaries, so this might not be a vulnerabi…

CVSS vector

AV:N/AC:L/C:N/I:N/A:CExploitability: 10.0 | Impact: 6.9

Affected Packages2 packages

▶NVDmicrosoft/windows_2003_serverr2

▶NVDmicrosoft/ie6.0

🔴Vulnerability Details

GHSA

GHSA-2h2m-3wv3-pqw4: mshtml↗2022-05-01

▶

CVEList

CVE-2005-4269: mshtml↗2005-12-15

▶