Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-4717


Vulnerability Score 5.0 5.0
CVE Id CVE-2005-4717
Last Modified 05 Sep 2008 04:57:37
Published 31 Dec 2005 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



Microsoft Internet Explorer 6.0 on Windows NT 4.0 SP6a, Windows 2000 SP4, Windows XP SP1, Windows XP SP2, and Windows Server 2003 SP1 allows remote attackers to cause a denial of service (client crash) via a certain combination of a malformed HTML file and a CSS file that triggers a null dereference, probably related to rendering of a DIV element that contains a malformed IMG tag, as demonstrated by IEcrash.htm and IEcrash.rar.

Vulnerable Systems

Operating System

  • Microsoft Windows 2000

  • Microsoft Windows 2003 Server Sp1

  • Microsoft Windows Nt 4.0

  • Microsoft Windows Xp


  • Microsoft Ie 6.0


BID - 15268

FULLDISC - 20051104 RE: new IE bug (confirmed on ALL windows)

FULLDISC - 20051101 new IE bug (confirmed on ALL windows)

Last Updated: 27 May 2016 10:41:24