CVE-2005-0055

Internet Explorer 5.01, 5.5, and 6 does not properly validate buffers when handling certain DHTML methods including the createControlRange Javascript function, which allows remote attackers to execute arbitrary code, aka the "DHTML Method Heap Memory Corruption Vulnerability."

Published: May 2, 2005
Updated: Apr 13, 2023
CVE: CVE-2005-0055
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
microsoft / ie	6.0-sp1	6.0-sp1.x
microsoft / ie	6.0-sp2	6.0-sp2.x
microsoft / internet_explorer	5.5-sp2	5.5-sp2.x
microsoft / internet_explorer	5.0.1	5.0.1.x
microsoft / internet_explorer	5.0.1-sp2	5.0.1-sp2.x
microsoft / internet_explorer	5.0.1-sp3	5.0.1-sp3.x
microsoft / internet_explorer	5.0.1-sp4	5.0.1-sp4.x
microsoft / internet_explorer	5.0.1-sp1	5.0.1-sp1.x
microsoft / internet_explorer	5.5	5.5.x
microsoft / internet_explorer	5.5-sp1	5.5-sp1.x
microsoft / internet_explorer	6.0	6.0.x

Vulnerability Database

290,278

CVE-2005-0055