New Search

IE5.01SP3 DHTML Method Heap Memory Corruption Vulnerability

oval:org.mitre.oval:def:2692

Internet Explorer 5.01 5.5 and 6 does not properly validate buffers when handling certain DHTML methods including the createControlRange Javascript function which allows remote attackers to execute arbitrary code aka the "DHTML Method Heap Memory Corruption Vulnerability."

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows 2000
Class:
vulnerability
Reference(s):
  • CVE-2005-0055
Product(s):
  • Microsoft Internet Explorer