Vulnerability Details : CVE-2005-0110
Internet Explorer 6 on Windows XP SP2 allows remote attackers to bypass the file download warning dialog and possibly trick an unknowledgeable user into executing arbitrary code via a web page with a body element containing an onclick tag, as demonstrated using the createElement function.
Products affected by CVE-2005-0110
- cpe:2.3:a:microsoft:ie:6.0:sp2:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2005-0110
2.70%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 85 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2005-0110
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
2.6
|
LOW | AV:N/AC:H/Au:N/C:N/I:P/A:N |
4.9
|
2.9
|
NIST |
References for CVE-2005-0110
-
http://marc.info/?l=full-disclosure&m=110569119106172&w=2
'[Full-Disclosure] Internet Explorer (SP2) - Remote File Download' - MARC
Jump to