CVE-2005-0554

Microsoft Internet Explorer 5.01, 5.5, 6 - Buffer Overflow via Long Hostname URL

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-0554. PoCs published by Skylined.

AI-analyzed exploit summary This exploit targets multiple DHTML object handling vulnerabilities in Microsoft Internet Explorer, leveraging JavaScript to trigger exceptions and potentially cause denial-of-service (DoS) conditions. The PoC attempts to manipulate DOM elements in a way that exploits improper handling of object references.

Description

Buffer overflow in the URL processor of Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a URL with a long hostname, aka "URL Parsing Memory Corruption Vulnerability."

Exploits (1)

exploitdb WORKING POC VERIFIED

by Skylined · htmldoswindows

https://www.exploit-db.com/exploits/931

View Code ZIP pw:eip

This exploit targets multiple DHTML object handling vulnerabilities in Microsoft Internet Explorer, leveraging JavaScript to trigger exceptions and potentially cause denial-of-service (DoS) conditions. The PoC attempts to manipulate DOM elements in a way that exploits improper handling of object references.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Microsoft Internet Explorer (versions affected by CVE-2005-0554)

No auth needed

Prerequisites: Victim must visit a malicious webpage using a vulnerable version of Internet Explorer

MITRE ATT&CK