VYPR
Unrated severityNVD Advisory· Published May 2, 2005· Updated Jun 16, 2026

CVE-2005-0054

CVE-2005-0054

Description

Internet Explorer 5.01, 5.5, and 6 allows remote attackers to spoof a less restrictive security zone and execute arbitrary code via an HTML page containing URLs that contain hostnames that have been double hex encoded, which are decoded twice to generate a malicious hostname, aka the "URL Decoding Zone Spoofing Vulnerability."

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

4
  • cpe:2.3:a:microsoft:ie:6:windows_server_2003_sp1:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:5.01:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:microsoft:internet_explorer:5.01:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.5:*:*:*:*:*:*:*
    • (no CPE)range: 5.01, 5.5, 6

Patches

Vulnerability mechanics

References

10

News mentions

0

No linked articles in our index yet.