CVE-2005-0055 Information

Description

Internet Explorer 5.01 5.5 and 6 does not properly validate buffers when handling certain DHTML methods including the createControlRange Javascript function which allows remote attackers to execute arbitrary code aka the \DHTML Method Heap Memory Corruption Vulnerability.\

Reference

http://secunia.com/advisories/11165/ http://secunia.com/secunia_research/2004-12/advisory/ http://securitytracker.com/id?1013125 http://www.kb.cert.org/vuls/id/843771 http://www.us-cert.gov/cas/techalerts/TA05-039A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-014 https://exchange.xforce.ibmcloud.com/vulnerabilities/19137 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A1005 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A2692 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A3137 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A3910 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A710