CVE

Id
14035  
CVE No.
CVE-2005-2829  
Status
Candidate  
Description
Multiple design errors in Microsoft Internet Explorer 5.01, 5.5, and 6 allow user-assisted attackers to execute arbitrary code by (1) overlaying a malicious new window above a file download box, then (2) using a keyboard shortcut and delaying the display of the file download box until the user hits a shortcut that activates the "Run" button, aka "File Download Dialog Box Manipulation Vulnerability."  
Phase
Assigned (20050907)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
103450 14035 CVE-2005-2829 BUGTRAQ:20051213 Secunia Research: Internet Explorer Suppressed "Download Dialog"Vulnerability  View
103451 14035 CVE-2005-2829 URL:http://www.securityfocus.com/archive/1/archive/1/419395/100/0/threaded  View
103452 14035 CVE-2005-2829 MISC:http://secunia.com/secunia_research/2005-21/advisory  View
103453 14035 CVE-2005-2829 FULLDISC:20051213 Secunia Research: Microsoft Internet Explorer Keyboard Shortcut Processing Vulnerability  View
103454 14035 CVE-2005-2829 URL:http://marc.info/?l=full-disclosure&m=113450519906463&w=2  View
103455 14035 CVE-2005-2829 MISC:http://secunia.com/secunia_research/2005-7/advisory/  View
103456 14035 CVE-2005-2829 MISC:http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL&DocumentOID=375420  View
103457 14035 CVE-2005-2829 CONFIRM:http://support.avaya.com/elmodocs2/security/ASA-2005-234.pdf  View
103458 14035 CVE-2005-2829 MS:MS05-054  View
103459 14035 CVE-2005-2829 URL:http://www.microsoft.com/technet/security/bulletin/ms05-054.mspx  View
103460 14035 CVE-2005-2829 BID:15823  View
103461 14035 CVE-2005-2829 URL:http://www.securityfocus.com/bid/15823  View
103462 14035 CVE-2005-2829 VUPEN:ADV-2005-2867  View
103463 14035 CVE-2005-2829 URL:http://www.vupen.com/english/advisories/2005/2867  View
103464 14035 CVE-2005-2829 VUPEN:ADV-2005-2909  View
103465 14035 CVE-2005-2829 URL:http://www.vupen.com/english/advisories/2005/2909  View
103466 14035 CVE-2005-2829 OVAL:oval:org.mitre.oval:def:1209  View
103467 14035 CVE-2005-2829 URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1209  View
103468 14035 CVE-2005-2829 OVAL:oval:org.mitre.oval:def:1340  View
103469 14035 CVE-2005-2829 URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1340  View
103470 14035 CVE-2005-2829 OVAL:oval:org.mitre.oval:def:1458  View
103471 14035 CVE-2005-2829 URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1458  View
103472 14035 CVE-2005-2829 OVAL:oval:org.mitre.oval:def:1490  View
103473 14035 CVE-2005-2829 URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1490  View
103474 14035 CVE-2005-2829 OVAL:oval:org.mitre.oval:def:1505  View
103475 14035 CVE-2005-2829 URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1505  View
103476 14035 CVE-2005-2829 OVAL:oval:org.mitre.oval:def:1507  View
103477 14035 CVE-2005-2829 URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1507  View
103478 14035 CVE-2005-2829 SECTRACK:1015349  View
103479 14035 CVE-2005-2829 URL:http://securitytracker.com/id?1015349  View
103480 14035 CVE-2005-2829 SECUNIA:15368  View
103481 14035 CVE-2005-2829 URL:http://secunia.com/advisories/15368  View
103482 14035 CVE-2005-2829 SECUNIA:18064  View
103483 14035 CVE-2005-2829 URL:http://secunia.com/advisories/18064  View
103484 14035 CVE-2005-2829 SECUNIA:18311  View
103485 14035 CVE-2005-2829 URL:http://secunia.com/advisories/18311  View
103486 14035 CVE-2005-2829 SREASON:254  View
103487 14035 CVE-2005-2829 URL:http://securityreason.com/securityalert/254  View
103488 14035 CVE-2005-2829 XF:ie-dialog-box-code-execution(23448)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
62530 JVNDB-2005-000732 Microsoft Internet Explorer の COM オブジェクトにおけるメモリ領域破壊の脆弱性 ------------ CVE-2005-2831 14035 7.5 http://jvndb.jvn.jp/ja/contents/2005/JVNDB-2005-000732.html  View