Release DateJun 01, 2007 |
Severitylow |
ImpactSystem compromise. |
DescriptionMicrosoft Internet Explorer has a heap based buffer overflow vulnerability. A remote attacker could execute arbitrary code on a victim system via a specially crafted DHTML web page. For the exploit to work the attacker must persuade the victim to open the malicious page. |
Affected ProductsMicrosoft, Internet Explorer, 5.0.1 SP4Microsoft, Internet Explorer, 5.0.1 SP3 Microsoft, Internet Explorer, 5.0.1 SP2 Microsoft, Internet Explorer, 5.0.1 SP1 Microsoft, Internet Explorer, 5.0.1 Microsoft, Internet Explorer, 5.5 SP2 Microsoft, Internet Explorer, 5.5 SP1 Microsoft, Internet Explorer, 5.5 Microsoft, Internet Explorer, 6.0 SP2 Microsoft, Internet Explorer, 6.0 SP1 Microsoft, Internet Explorer, 6.0 |
Recommended ActionsApply patch, available from the Web site.http://www.microsoft.com/technet/security/bulletin/MS05-014.mspx |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2005-0055 |
Reference/shttp://www.securityfocus.com/bid/12427 (BugTraq)http://technet.microsoft.com/en-us/security/bulletin/MS05-014.mspx (MS-ID) |
