CVE-2005-4717

N/A Unknown

Published: December 31, 2005 Modified: April 16, 2026

Description

Microsoft Internet Explorer 6.0 on Windows NT 4.0 SP6a, Windows 2000 SP4, Windows XP SP1, Windows XP SP2, and Windows Server 2003 SP1 allows remote attackers to cause a denial of service (client crash) via a certain combination of a malformed HTML file and a CSS file that triggers a null dereference, probably related to rendering of a DIV element that contains a malformed IMG tag, as demonstrated by IEcrash.htm and IEcrash.rar.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0673.html

Source: cve@mitre.org

Exploit

http://archives.neohapsis.com/archives/fulldisclosure/2005-11/0127.html

Source: cve@mitre.org

http://www.securityfocus.com/bid/15268

Source: cve@mitre.org

Exploit

http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0673.html

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

http://archives.neohapsis.com/archives/fulldisclosure/2005-11/0127.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/15268

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

6 reference(s) from NVD

Quick Stats

CVSS v3 Score

N/A / 10.0

EPSS (Exploit Probability)

17.5%

95th percentile

Exploitation Status

Not in CISA KEV

Affected Vendors

microsoft