mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-06 02:31:38 +00:00
922 B
922 B
CVE-2005-0054
Description
Internet Explorer 5.01, 5.5, and 6 allows remote attackers to spoof a less restrictive security zone and execute arbitrary code via an HTML page containing URLs that contain hostnames that have been double hex encoded, which are decoded twice to generate a malicious hostname, aka the "URL Decoding Zone Spoofing Vulnerability."
POC
Reference
- http://marc.info/?l=bugtraq&m=110796851002781&w=2
- http://www.kb.cert.org/vuls/id/580299
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-014
Github
No PoCs found on GitHub currently.