5.1

CVE-2005-1990

EPSS 82.18%
Published 10.08.2005 04:00:00
Last modified 03.04.2025 01:03:51
Source secure@microsoft.com
Teams watchlist Login
Open Login

Internet Explorer 5.0, 5.5, and 6.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not ActiveX controls, including (1) devenum.dll, (2) diactfrm.dll, (3) wmm2filt.dll, (4) fsusd.dll, (5) dmdskmgr.dll, (6) browsewm.dll, (7) browseui.dll, (8) shell32.dll, (9) mshtml.dll, (10) inetcfg.dll, (11) infosoft.dll, (12) query.dll, (13) syncui.dll, (14) clbcatex.dll, (15) clbcatq.dll, (16) comsvcs.dll, and (17) msconf.dll, which causes memory corruption, aka "COM Object Instantiation Memory Corruption Vulnerability," a different vulnerability than CVE-2005-2087.

Affected products Warnungen 0 Metrics 2 CWE 0 References 15

Data is provided by the National Vulnerability Database (NVD)

Microsoft ≫ Ie Version6 Updatewindows_server_2003_sp1

Microsoft ≫ Internet Explorer Version5.01

Microsoft ≫ Internet Explorer Version5.5

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	82.18%	0.991

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5.1	4.9	6.4	AV:N/AC:H/Au:N/C:P/I:P/A:P

http://www.kb.cert.org/vuls/id/959049

US Government Resource

http://www.us-cert.gov/cas/techalerts/TA05-221A.html

Patch

US Government Resource

http://secunia.com/advisories/16373/

Patch

Vendor Advisory

http://www.vupen.com/english/advisories/2005/1353

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-038

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100082

http://securitytracker.com/id?1014643

http://www.securityfocus.com/bid/14511

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1061

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1221

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1235

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1337

https://nvd.nist.gov/vuln/detail/CVE-2005-1990

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2005-1990

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2005-1990

EUVD