Lucene search

[email protected]NVD:CVE-2005-3240

HistoryDec 31, 2005 - 5:00 a.m.

CVE-2005-3240

2005-12-3105:00:00

CWE-362

[email protected]

web.nvd.nist.gov

5.1 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

6.9 Medium

AI Score

Confidence

High

0.082 Low

EPSS

Percentile

94.4%

JSON

Race condition in Microsoft Internet Explorer allows user-assisted attackers to overwrite arbitrary files and possibly execute code by tricking a user into performing a drag-and-drop action from certain objects, such as file objects within a folder view, then predicting the drag action, and re-focusing to a malicious window.

Affected configurations

NVD

Node

microsoftieMatch6.0sp1

microsoftinternet_explorerMatch5.01

microsoftinternet_explorerMatch5.01sp1

microsoftinternet_explorerMatch5.01sp2

microsoftinternet_explorerMatch5.01sp3

microsoftinternet_explorerMatch5.01sp4

microsoftinternet_explorerMatch5.5

microsoftinternet_explorerMatch5.5sp1

microsoftinternet_explorerMatch5.5sp2

microsoftinternet_explorerMatch6.0

References

blogs.technet.com/msrc/archive/2006/02/13/419439.aspx

secunia.com/advisories/18787

securitytracker.com/id?1015049

www.osvdb.org/2707

www.securiteam.com/windowsntfocus/5MP0B0UHPA.html

www.securityfocus.com/archive/1/424863/100/0/threaded

www.securityfocus.com/archive/1/424940/100/0/threaded

www.securityfocus.com/bid/16352

www.vupen.com/english/advisories/2006/0553

exchange.xforce.ibmcloud.com/vulnerabilities/24648

5.1 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

6.9 Medium

AI Score

Confidence

High

0.082 Low

EPSS

Percentile

94.4%

JSON

Related for NVD:CVE-2005-3240

cve2 cvelist2 nvd1