CVE-2005-1790 Information

Description

Microsoft Internet Explorer 6 SP2 6.0.2900.2180 and 6.0.2800.1106 and earlier versions allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a Javascript BODY onload event that calls the window function aka \Mismatched Document Object Model Objects Memory Corruption Vulnerability.\

Reference

http://marc.info/?l=bugtraq&m=111746394106172&w=2 http://marc.info/?l=bugtraq&m=111755552306013&w=2 http://secunia.com/advisories/15368 http://secunia.com/advisories/15546 http://secunia.com/advisories/18064 http://secunia.com/advisories/18311 http://securitytracker.com/id?1015251 http://support.avaya.com/elmodocs2/security/ASA-2005-234.pdf http://www.computerterrorism.com/research/ie/ct21-11-2005 http://www.kb.cert.org/vuls/id/887861 http://www.securityfocus.com/archive/1/417326/30/0/threaded http://www.securityfocus.com/bid/13799 http://www.us-cert.gov/cas/techalerts/TA05-347A.html http://www.vupen.com/english/advisories/2005/2509 http://www.vupen.com/english/advisories/2005/2867 http://www.vupen.com/english/advisories/2005/2909 http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL&DocumentOID=375420 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-054 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A1091 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A1299 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A1303 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A1489 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A1508 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A722