CVE-2005-4717

CVE Database · CVE-2005-4717

CVE-2005-4717

· N/AModified

CVSS v3.1

N/A

EPSS

16.17%

Published

Dec 31, 2005

Modified

Apr 15, 2026

Public PoC / Exploit (1)

All weaponized →

Exploit-DBMicrosoft Internet Explorer 6 - Malformed HTML Parsing Denial of Service (1)

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Microsoft Internet Explorer 6.0 on Windows NT 4.0 SP6a, Windows 2000 SP4, Windows XP SP1, Windows XP SP2, and Windows Server 2003 SP1 allows remote attackers to cause a denial of service (client crash) via a certain combination of a malformed HTML file and a CSS file that triggers a null dereference, probably related to rendering of a DIV element that contains a malformed IMG tag, as demonstrated by IEcrash.htm and IEcrash.rar.

Affected Products (8)

microsoft · ievulnerable

microsoft · internet_explorervulnerable

microsoft · windows_2000vulnerable

microsoft · windows_2003_servervulnerable

microsoft · windows_ntvulnerable

microsoft · windows_xpvulnerable

References (6)

http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0673.html

Exploit

http://archives.neohapsis.com/archives/fulldisclosure/2005-11/0127.html

http://www.securityfocus.com/bid/15268