VDB
CVE-2005-0056
CVE-2005-0056
PUBLISHED
CVSS 5.099999904632568 MEDIUM
Internet Explorer 5.01, 5.5, and 6 does not properly validate certain URLs in Channel Definition Format (CDF) files, which allows remote attackers to obtain sensitive information or execute arbitrary code, aka the "Channel Definition Format (CDF) Cross Domain Vulnerability."
EPSS 29.55% · 96.7th percentile
Risk Scores
CVSS 2.0
5.099999904632568
EPSS Score
29.55%
96.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| microsoft | internet_explorer | 5.01, 5.5 |
| n/a | n/a | n/a |
| microsoft | ie | 6 |
Timeline
- Feb 8, 2005 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- May 25, 2023 EPSS Score
- May 31, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
- Oct 30, 2023 EPSS Score
References
- http://www.kb.cert.org/vuls/id/823971 url
- http://www.securityfocus.com/bid/12427 url
- oval:org.mitre.oval:def:2817 vdb
- oval:org.mitre.oval:def:2385 vdb
- MS05-014 vendor-advisory
- TA05-039A third-party-advisory
- ie-cdf-execute-code(19137) vdb
- 1013126 vdb
- oval:org.mitre.oval:def:4085 vdb
- oval:org.mitre.oval:def:4947 vdb
- oval:org.mitre.oval:def:3318 vdb
- https://nvd.nist.gov/vuln/detail/CVE-2005-0056 advisory