CVE-2005-1790

Severity

26%

Complexity

49%

Confidentiality

48%

Microsoft Internet Explorer 6 SP2 6.0.2900.2180 and 6.0.2800.1106, and earlier versions, allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a Javascript BODY onload event that calls the window function, aka "Mismatched Document Object Model Objects Memory Corruption Vulnerability."

Microsoft Internet Explorer 6 SP2 6.0.2900.2180 and 6.0.2800.1106, and earlier versions, allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a Javascript BODY onload event that calls the window function, aka "Mismatched Document Object Model Objects Memory Corruption Vulnerability."

CVSS 2.0 Base Score 2.6. CVSS Attack Vector: network. CVSS Attack Complexity: high. CVSS Vector: (AV:N/AC:H/Au:N/C:N/I:N/A:P).

Overview

Type

Microsoft Internet Explorer

First reported 19 years ago

2005-06-01 04:00:00

Last updated 6 years ago

2018-10-19 15:31:00

Affected Software

Microsoft Internet Explorer 6.0.2800.1106

6.0.2800.1106

Microsoft Internet Explorer 6.0.2900.2180

6.0.2900.2180

References

20050528 Microsoft Internet Explorer - Crash on JavaScript "window()"-calling (05/28/2005)

20050530 Re: Microsoft Internet Explorer - Crash on JavaScript "window()"-calling (05/28/2005)

15368

Vendor Advisory

15546

Vendor Advisory

18064

Vendor Advisory

18311

Vendor Advisory

1015251

http://support.avaya.com/elmodocs2/security/ASA-2005-234.pdf

http://www.computerterrorism.com/research/ie/ct21-11-2005

VU#887861

US Government Resource

20051121 Computer Terrorism Security Advisory (Reclassification) - Microsoft Internet Explorer JavaScript Window() Vulnerability

13799

TA05-347A

US Government Resource

ADV-2005-2509

Vendor Advisory

ADV-2005-2867

Vendor Advisory

ADV-2005-2909

Vendor Advisory

http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL&DocumentOID=375420

MS05-054

oval:org.mitre.oval:def:1091

oval:org.mitre.oval:def:1299

oval:org.mitre.oval:def:1303

oval:org.mitre.oval:def:1489

oval:org.mitre.oval:def:1508

oval:org.mitre.oval:def:722

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.