CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:N/I:N/A:P
EPSS
Percentile
99.9%
Added: 12/01/2005
CVE: CVE-2005-1790
BID: 13799
OSVDB: 17094
Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems.
Internet Explorer fails to properly initialize the **window()**
function when called from an **onLoad**
event in a **body**
tag. This causes it to call a deferenced memory address, leading to the possibility of command execution.
Apply a Microsoft update when available.
<http://www.securityfocus.com/archive/1/417326>
This exploit requires a user on the target system to follow a link to the exploit using Internet Explorer.
Windows