Back to search
CVE-2005-0056
Published: Feb 8, 2005
Modified: Aug 7, 2024
PUBLISHED
Description
Internet Explorer 5.01, 5.5, and 6 does not properly validate certain URLs in Channel Definition Format (CDF) files, which allows remote attackers to obtain sensitive information or execute arbitrary code, aka the "Channel Definition Format (CDF) Cross Domain Vulnerability."
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
oval:org.mitre.oval:def:2817
vdb-entry
signature
x_refsource_OVAL
oval:org.mitre.oval:def:2385
vdb-entry
signature
x_refsource_OVAL
MS05-014
vendor-advisory
x_refsource_MS
TA05-039A
third-party-advisory
x_refsource_CERT
12427
vdb-entry
x_refsource_BID
ie-cdf-execute-code(19137)
vdb-entry
x_refsource_XF
1013126
vdb-entry
x_refsource_SECTRACK
oval:org.mitre.oval:def:4085
vdb-entry
signature
x_refsource_OVAL
oval:org.mitre.oval:def:4947
vdb-entry
signature
x_refsource_OVAL
VU#823971
third-party-advisory
x_refsource_CERT-VN
oval:org.mitre.oval:def:3318
vdb-entry
signature
x_refsource_OVAL
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now