New Search

IE6 DHTML Method Heap Memory Corruption Vulnerability (Server 2003)

oval:org.mitre.oval:def:3137

Internet Explorer 5.01 5.5 and 6 does not properly validate buffers when handling certain DHTML methods including the createControlRange Javascript function which allows remote attackers to execute arbitrary code aka the "DHTML Method Heap Memory Corruption Vulnerability."

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows Server 2003
Class:
vulnerability
Reference(s):
  • CVE-2005-0055
Product(s):
  • Microsoft Internet Explorer