Vulnerability Description
Microsoft Internet Explorer 7 allows remote attackers to cause a security certificate from a secure web site to appear invalid via a link to res://ieframe.dll/invalidcert.htm with the target site as an argument, which displays the site's URL in the address bar but causes Internet Explorer to report that the certificate is invalid.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Ie | 7.0 |
References
- http://ingehenriksen.blogspot.com/2006/11/ie7-website-security-certificate.htmlExploit
- http://securitytracker.com/id?1017165Exploit
- http://www.securityfocus.com/archive/1/450722/100/0/threaded
- http://ingehenriksen.blogspot.com/2006/11/ie7-website-security-certificate.htmlExploit
- http://securitytracker.com/id?1017165Exploit
- http://www.securityfocus.com/archive/1/450722/100/0/threaded
FAQ
What is CVE-2006-5805?
CVE-2006-5805 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Microsoft Internet Explorer 7 allows remote attackers to cause a security certificate from a secure web site to appear invalid via a link to res://ieframe.dll/invalidcert.htm with the target site as a...
How severe is CVE-2006-5805?
CVE-2006-5805 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-5805?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Ie.