CVE-2005-0053

EXPLOITED

Internet Explorer <6 - RCE

Title source: llm

Description

Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via drag and drop events, aka the "Drag-and-Drop Vulnerability."

Exploits (1)

exploitdb WRITEUP VERIFIED

by http-equiv · textremotewindows

https://www.exploit-db.com/exploits/24693

View Code ZIP pw:eip

References (13)

[Patch, US Government Resource] http://www.kb.cert.org/vuls/id/698835

[Exploit, Patch] http://www.securityfocus.com/bid/11466

[Patch, US Government Resource] http://www.us-cert.gov/cas/techalerts/TA05-039A.html

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/19117

[Vendor Advisory] https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-008

[Vendor Advisory] https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-014

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1015

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1334

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2046

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2953

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3006

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4726

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4864

Scores

EPSS 0.6588

EPSS Percentile 98.5%

Details

VulnCheck KEV 2005-02-08

Status published

Products (14)

microsoft/ie 6.0 sp1 (2 CPE variants)

microsoft/internet_explorer 5.0.1 (5 CPE variants)

microsoft/internet_explorer 5.5 (3 CPE variants)

microsoft/internet_explorer 6.0

microsoft/windows_2000 (5 CPE variants)

microsoft/windows_2003_server enterprise

microsoft/windows_2003_server enterprise_64-bit

microsoft/windows_2003_server r2 (2 CPE variants)

microsoft/windows_2003_server standard

microsoft/windows_2003_server web

... and 4 more

Published May 02, 2005

Tracked Since Feb 18, 2026