Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-0056

Overview

Vulnerability Score 5.1 5.1
CVE Id CVE-2005-0056
Last Modified 10 Sep 2008 03:34:50
Published 02 May 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2005-0056

Summary

Internet Explorer 5.01, 5.5, and 6 does not properly validate certain URLs in Channel Definition Format (CDF) files, which allows remote attackers to obtain sensitive information or execute arbitrary code, aka the "Channel Definition Format (CDF) Cross Domain Vulnerability."

Vulnerable Systems

Application

  • Microsoft Ie 5.01

  • Microsoft Ie 5.5

  • Microsoft Ie 6


References

CERT - TA05-039A

CERT-VN - VU#823971

BID - 12427

MS - MS05-014

XF - ie-cdf-execute-code(19137)

SECTRACK - 1013126


Last Updated: 27 May 2016 10:39:38