Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-1790

Overview

Vulnerability Score 2.6 2.6
CVE Id CVE-2005-1790
Last Modified 27 Sep 2011 12:00:00
Published 01 Jun 2005 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2005-1790

Summary

Microsoft Internet Explorer 6 SP2 6.0.2900.2180 and 6.0.2800.1106, and earlier versions, allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a Javascript BODY onload event that calls the window function, aka "Mismatched Document Object Model Objects Memory Corruption Vulnerability."

Vulnerable Systems

Application

  • Microsoft Ie 6.0.2800.1106

  • Microsoft Ie 6.0.2900.2180


References

CERT - TA05-347A

CERT-VN - VU#887861

MISC - http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL&DocumentOID=375420

VUPEN - ADV-2005-2909

VUPEN - ADV-2005-2867

VUPEN - ADV-2005-2509

BID - 13799

BUGTRAQ - 20051121 Computer Terrorism Security Advisory (Reclassification) - Microsoft Internet Explorer JavaScript Window() Vulnerability

MS - MS05-054

MISC - http://www.computerterrorism.com/research/ie/ct21-11-2005

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2005-234.pdf

SECTRACK - 1015251

SECUNIA - 18311

SECUNIA - 18064

SECUNIA - 15546

SECUNIA - 15368

BUGTRAQ - 20050530 Re: Microsoft Internet Explorer - Crash on JavaScript

BUGTRAQ - 20050528 Microsoft Internet Explorer - Crash on JavaScript

BUGTRAQ - 20050530 Re: Microsoft Internet Explorer - Crash on JavaScript "window()"-calling (05/28/2005)

BUGTRAQ - 20050528 Microsoft Internet Explorer - Crash on JavaScript "window()"-calling (05/28/2005)


Last Updated: 27 May 2016 10:40:44