Vulnerability Details CVE-2005-0056
Internet Explorer 5.01, 5.5, and 6 does not properly validate certain URLs in Channel Definition Format (CDF) files, which allows remote attackers to obtain sensitive information or execute arbitrary code, aka the "Channel Definition Format (CDF) Cross Domain Vulnerability."
Exploit prediction scoring system (EPSS) score
EPSS Score 0.325
EPSS Ranking 96.6%
CVSS Severity
CVSS v2 Score 5.1
References
- http://securitytracker.com/id?1013126
- http://www.kb.cert.org/vuls/id/823971
- http://www.securityfocus.com/bid/12427
- http://www.us-cert.gov/cas/techalerts/TA05-039A.html
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-014
- https://exchange.xforce.ibmcloud.com/vulnerabilities/19137
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2385
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2817
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3318
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4085
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4947
- http://securitytracker.com/id?1013126
- http://www.kb.cert.org/vuls/id/823971
- http://www.securityfocus.com/bid/12427
- http://www.us-cert.gov/cas/techalerts/TA05-039A.html
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-014
- https://exchange.xforce.ibmcloud.com/vulnerabilities/19137
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2385
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2817
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3318
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4085
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4947
Products affected by CVE-2005-0056
-
cpe:2.3:a:microsoft:ie:6
-
cpe:2.3:a:microsoft:internet_explorer:5.01
-
cpe:2.3:a:microsoft:internet_explorer:5.5