Phase:Buffer overflow in the URL processor of Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a URL with a long hostname, aka "URL Parsing Memory Corruption Vulnerability."
ReferencesIDEFENSE:Tuesday, April 12, 2005 Microsoft Windows Internet Explorer Long Hostname Heap Corruption Vulnerability | URL:http://www.idefense.com/application/poi/display?id=229&type=vulnerabilities | MS:MS05-020 | URL:http://www.microsoft.com/technet/Security/b
Votes:Assigned (Saturday, February 26, 2005)
Comments:None (candidate not yet proposed)
F7: