CVE-2005-4717

medium

Microsoft

CVSS v3 Base Score

5.0

AV:N/AC:L/Au:N/C:N/I:N/A:P

EPSS Score

17.5%

Exploitation probability in 30 days

Top 5% most likely to be exploited

Attack Characteristics

Attack Vector

Network

Attack Complexity

Low

Confidentiality

None

Integrity

None

Availability

Published: December 31, 2005 (7439 days ago)

Last Modified: April 16, 2026

Vendor: Microsoft

Source: NVD

Description

Microsoft Internet Explorer 6.0 on Windows NT 4.0 SP6a, Windows 2000 SP4, Windows XP SP1, Windows XP SP2, and Windows Server 2003 SP1 allows remote attackers to cause a denial of service (client crash) via a certain combination of a malformed HTML file and a CSS file that triggers a null dereference, probably related to rendering of a DIV element that contains a malformed IMG tag, as demonstrated by IEcrash.htm and IEcrash.rar.

CWE

NVD-CWE-Other

Affected Products

microsoft iemicrosoft internet explorermicrosoft windows 2000microsoft windows 2003 servermicrosoft windows ntmicrosoft windows xp

References

🔗 archives.neohapsis.com 🔗 archives.neohapsis.com 🔗 www.securityfocus.com 🔗 archives.neohapsis.com 🔗 archives.neohapsis.com

CVE-2005-4717

Vulnerability Report

Description

CWE

Affected Products

References