Vulnerability Description
Microsoft Internet Explorer 6 SP2 6.0.2900.2180 and 6.0.2800.1106, and earlier versions, allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a Javascript BODY onload event that calls the window function, aka "Mismatched Document Object Model Objects Memory Corruption Vulnerability."
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Internet Explorer | 6.0.2800.1106 |
Related Weaknesses (CWE)
References
- http://marc.info/?l=bugtraq&m=111746394106172&w=2
- http://marc.info/?l=bugtraq&m=111755552306013&w=2
- http://secunia.com/advisories/15368Vendor Advisory
- http://secunia.com/advisories/15546Vendor Advisory
- http://secunia.com/advisories/18064Vendor Advisory
- http://secunia.com/advisories/18311Vendor Advisory
- http://securitytracker.com/id?1015251
- http://support.avaya.com/elmodocs2/security/ASA-2005-234.pdf
- http://www.computerterrorism.com/research/ie/ct21-11-2005
- http://www.kb.cert.org/vuls/id/887861US Government Resource
- http://www.securityfocus.com/archive/1/417326/30/0/threaded
- http://www.securityfocus.com/bid/13799
- http://www.us-cert.gov/cas/techalerts/TA05-347A.htmlUS Government Resource
- http://www.vupen.com/english/advisories/2005/2509Vendor Advisory
- http://www.vupen.com/english/advisories/2005/2867Vendor Advisory
FAQ
What is CVE-2005-1790?
CVE-2005-1790 is a vulnerability with a CVSS score of 2.6 (LOW). Microsoft Internet Explorer 6 SP2 6.0.2900.2180 and 6.0.2800.1106, and earlier versions, allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a Javascript BODY o...
How severe is CVE-2005-1790?
CVE-2005-1790 has been rated LOW with a CVSS base score of 2.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-1790?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Internet Explorer.