Lucene search
SAINT CorporationSAINT:EFACAED02EBDAB9EDF61D61CC013F5E2HistoryApr 25, 2006 - 12:00 a.m.
Internet Explorer DHTML object vulnerability
2006-04-2500:00:00
SAINT Corporation
www.saintcorporation.com
13
0.953 High
EPSS
Percentile
99.2%
Added: 04/25/2006
CVE: CVE-2005-0553
BID: 13120
OSVDB: 15465
Background
Dynamic HTML (DHTML) allows the creation of interactive web pages.
Problem
Race conditions in various DHTML methods could allow command execution when a specially crafted web page is loaded in Internet Explorer.
Resolution
Apply the patch referenced in Microsoft Security Bulletin 05-020.
References
<http://www.idefense.com/intelligence/vulnerabilities/display.php?id=228>
Limitations
A user must load the exploit URL in Internet Explorer in order to run the exploit. Since the vulnerability is a race condition, the exploit may not always succeed.
Platforms
Windows
Related
saint
saint
Internet Explorer DHTML object vulnerability
2006-04-25 00:00:00
Internet Explorer DHTML object vulnerability
2006-04-25 00:00:00
Internet Explorer DHTML object vulnerability
2006-04-25 00:00:00
cve
cve
CVE-2005-0553
2005-05-02 04:00:00
securityvulns
securityvulns
checkpoint_advisories
checkpoint_advisories
cert
cert
Microsoft Internet Explorer DHTML objects contain a race condition
2005-04-12 00:00:00
packetstorm
packetstorm
ie_dhtml_poc.txt
2005-04-18 00:00:00
openvas
openvas
IE 5.01 5.5 6.0 Cumulative patch (890923)
2005-11-03 00:00:00