Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to bypass the Kill bit settings for dangerous ActiveX controls via unknown vectors involving crafted HTML, which can expose the browser to attacks that would otherwise be prevented by the Kill bit setting. NOTE: CERT/CC claims that MS05-054 fixes this issue, but it is not described in MS05-054.
References
Link | Resource |
---|---|
http://www.kb.cert.org/vuls/id/998297 | Third Party Advisory US Government Resource |
http://www.microsoft.com/technet/security/bulletin/ms05-054.mspx | Patch Vendor Advisory |
http://www.osvdb.org/23657 | |
http://www.securityfocus.com/bid/16409 | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/24379 |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: certcc
Published: 2006-01-27T22:00:00
Updated: 2017-07-19T15:57:01
Reserved: 2006-01-01T00:00:00
Link: CVE-2006-0057
JSON object: View
NVD Information
Status : Modified
Published: 2006-01-27T22:03:00.000
Modified: 2021-07-23T12:19:59.737
Link: CVE-2006-0057
JSON object: View
Redhat Information
No data.
CWE