Lucene search

SAINT CorporationSAINT:EA3258055E112C6DC3640FAD3EBBF3D0

HistoryJun 20, 2007 - 12:00 a.m.

Internet Explorer Content Advisor memory corruption

2007-06-2000:00:00

SAINT Corporation

my.saintcorporation.com

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.882 High

EPSS

Percentile

98.6%

JSON

Added: 06/20/2007
CVE: CVE-2005-0555
BID: 13117
OSVDB: 15466

Background

The Content Advisor is used to control what content is viewable in Internet Explorer.

Problem

A memory corruption vulnerability in the Content Advisor allows command execution when a user loads a specially crafted page in Internet Explorer.

Resolution

Apply the cumulative update referenced in Microsoft Security Bulletin 05-020.

References

<http://www.kb.cert.org/vuls/id/222050>

Limitations

Exploit works with Internet Explorer 6 and requires a user to load the exploit page. The Content Advisor must be enabled and configured in order for this exploit to succeed.

Platforms

Windows

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.882 High

EPSS

Percentile

98.6%

JSON

Related for SAINT:EA3258055E112C6DC3640FAD3EBBF3D0