Lucene search

SAINT CorporationSAINT:1E834391AB7BB4B8D537239661AB57ED

HistoryJun 20, 2007 - 12:00 a.m.

Internet Explorer Content Advisor memory corruption

2007-06-2000:00:00

SAINT Corporation

download.saintcorporation.com

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.924 High

EPSS

Percentile

98.7%

JSON

Added: 06/20/2007
CVE: CVE-2005-0555
BID: 13117
OSVDB: 15466

Background

The Content Advisor is used to control what content is viewable in Internet Explorer.

Problem

A memory corruption vulnerability in the Content Advisor allows command execution when a user loads a specially crafted page in Internet Explorer.

Resolution

Apply the cumulative update referenced in Microsoft Security Bulletin 05-020.

References

<http://www.kb.cert.org/vuls/id/222050>

Limitations

Exploit works with Internet Explorer 6 and requires a user to load the exploit page. The Content Advisor must be enabled and configured in order for this exploit to succeed.

Platforms

Windows

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.924 High

EPSS

Percentile

98.7%

JSON

Related for SAINT:1E834391AB7BB4B8D537239661AB57ED