Unrated severityNVD Advisory· Published Dec 14, 2005· Updated Jun 16, 2026
CVE-2005-2829
CVE-2005-2829
Description
Multiple design errors in Microsoft Internet Explorer 5.01, 5.5, and 6 allow user-assisted attackers to execute arbitrary code by (1) overlaying a malicious new window above a file download box, then (2) using a keyboard shortcut and delaying the display of the file download box until the user hits a shortcut that activates the "Run" button, aka "File Download Dialog Box Manipulation Vulnerability."
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp4:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp4:*:*:*:*:*:*
- cpe:2.3:a:microsoft:internet_explorer:5.5:sp2:*:*:*:*:*:*
- cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*
- (no CPE)range: <=6
Patches
Vulnerability mechanics
No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.
References
22- secunia.com/secunia_research/2005-21/advisorynvdPatchVendor Advisory
- secunia.com/secunia_research/2005-7/advisory/nvdPatchVendor Advisory
- www.securityfocus.com/bid/15823nvdPatch
- secunia.com/advisories/15368nvdVendor Advisory
- secunia.com/advisories/18064nvdVendor Advisory
- secunia.com/advisories/18311nvdVendor Advisory
- www.vupen.com/english/advisories/2005/2867nvdVendor Advisory
- www.vupen.com/english/advisories/2005/2909nvdVendor Advisory
- marc.infonvd
- securityreason.com/securityalert/254nvd
- securitytracker.com/idnvd
- support.avaya.com/elmodocs2/security/ASA-2005-234.pdfnvd
- www.securityfocus.com/archive/1/419395/100/0/threadednvd
- www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jspnvd
- docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-054nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/23448nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1209nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1340nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1458nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1490nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1505nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1507nvd
News mentions
0No linked articles in our index yet.