|
|
CVE Reference: CVE-2005-0054 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2005-0054 |
|
|
Description: Internet Explorer 5.01, 5.5, and 6 allows remote attackers to spoof a less restrictive security zone and execute arbitrary code via an HTML page containing URLs that contain hostnames that have been double hex encoded, which are decoded twice to generate a malicious hostname, aka the "URL Decoding Zone Spoofing Vulnerability." |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/19214 OVAL http://oval.mitre.org/oval/definitions/data/oval3586.html http://oval.mitre.org/oval/definitions/data/oval3196.html http://oval.mitre.org/oval/definitions/data/oval3060.html http://oval.mitre.org/oval/definitions/data/oval1736.html http://oval.mitre.org/oval/definitions/data/oval1308.html MS http://www.microsoft.com/technet/security/bulletin/ms05-014.mspx FULLDISC CERT-VN 580299 CERT http://www.us-cert.gov/cas/techalerts/TA05-039A.html BUGTRAQ http://marc.theaimsgroup.com/?l=bugtraq&m=110796851002781&w=2 |
|
| Return to the previous page. |
