CVE-2005-0056 Information

Description

Internet Explorer 5.01 5.5 and 6 does not properly validate certain URLs in Channel Definition Format (CDF) files which allows remote attackers to obtain sensitive information or execute arbitrary code aka the \Channel Definition Format (CDF) Cross Domain Vulnerability.\

Reference

http://securitytracker.com/id?1013126 http://www.kb.cert.org/vuls/id/823971 http://www.securityfocus.com/bid/12427 http://www.us-cert.gov/cas/techalerts/TA05-039A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-014 https://exchange.xforce.ibmcloud.com/vulnerabilities/19137 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A2385 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A2817 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A3318 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A4085 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A4947