CVE - CVE-2005-1790

CVE-ID
CVE-2005-1790	Learn more at National Vulnerability Database (NVD) • Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings
Description
Microsoft Internet Explorer 6 SP2 6.0.2900.2180 and 6.0.2800.1106, and earlier versions, allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a Javascript BODY onload event that calls the window function, aka "Mismatched Document Object Model Objects Memory Corruption Vulnerability."
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
BUGTRAQ:20050528 Microsoft Internet Explorer - Crash on JavaScript "window()"-calling (05/28/2005) URL:http://marc.info/?l=bugtraq&m=111746394106172&w=2 BUGTRAQ:20050530 Re: Microsoft Internet Explorer - Crash on JavaScript "window()"-calling (05/28/2005) URL:http://marc.info/?l=bugtraq&m=111755552306013&w=2 BUGTRAQ:20051121 Computer Terrorism Security Advisory (Reclassification) - Microsoft Internet Explorer JavaScript Window() Vulnerability URL:http://www.securityfocus.com/archive/1/archive/1/417326/30/0/threaded MISC:http://www.computerterrorism.com/research/ie/ct21-11-2005 MISC:http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL&DocumentOID=375420 CONFIRM:http://support.avaya.com/elmodocs2/security/ASA-2005-234.pdf MS:MS05-054 URL:http://www.microsoft.com/technet/security/bulletin/ms05-054.mspx CERT:TA05-347A URL:http://www.us-cert.gov/cas/techalerts/TA05-347A.html CERT-VN:VU#887861 URL:http://www.kb.cert.org/vuls/id/887861 BID:13799 URL:http://www.securityfocus.com/bid/13799 VUPEN:ADV-2005-2509 URL:http://www.vupen.com/english/advisories/2005/2509 VUPEN:ADV-2005-2867 URL:http://www.vupen.com/english/advisories/2005/2867 VUPEN:ADV-2005-2909 URL:http://www.vupen.com/english/advisories/2005/2909 OVAL:oval:org.mitre.oval:def:1091 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1091 OVAL:oval:org.mitre.oval:def:1299 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1299 OVAL:oval:org.mitre.oval:def:1303 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1303 OVAL:oval:org.mitre.oval:def:1489 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1489 OVAL:oval:org.mitre.oval:def:1508 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1508 OVAL:oval:org.mitre.oval:def:722 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A722 SECTRACK:1015251 URL:http://securitytracker.com/id?1015251 SECUNIA:15368 URL:http://secunia.com/advisories/15368 SECUNIA:15546 URL:http://secunia.com/advisories/15546 SECUNIA:18064 URL:http://secunia.com/advisories/18064 SECUNIA:18311 URL:http://secunia.com/advisories/18311
Assigning CNA
N/A
Date Entry Created
20050601	Disclaimer: The entry creation date may reflect when the CVE-ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20050601)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an entry on the CVE list, which standardizes names for security problems.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: cve@mitre.org