CVE-2005-2087 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2005-2087
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2005-2087

Description: Internet Explorer 5.01 SP4 up to 6 on various Windows operating systems, including IE 6.0.2900.2180 on Windows XP, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not ActiveX controls, as demonstrated using the JVIEW Profiler (Javaprxy.dll). NOTE: the researcher says that the vendor could not reproduce this problem.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/21193 ST 1014329 SAID Secunia Advisory: SA15891 OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1506 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1326 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1518 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:793 OSVDB 17680 MS http://www.microsoft.com/technet/Security/bulletin/ms05-037.mspx MISC http://www.microsoft.com/technet/security/advisory/903144.mspx CERT-VN 959049 939605 CERT http://www.us-cert.gov/cas/techalerts/TA05-193A.html BUGTRAQ http://www.securityfocus.com/archive/1/404055 http://marc.theaimsgroup.com/?l=bugtraq&m=112006764714946&w=2 BID 14087 AUSCERT http://www.auscert.org.au/render.html?it=5225

Return to the previous page.