5

CVE-2005-2087

Internet Explorer 5.01 SP4 up to 6 on various Windows operating systems, including IE 6.0.2900.2180 on Windows XP, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not ActiveX controls, as demonstrated using the JVIEW Profiler (Javaprxy.dll).  NOTE: the researcher says that the vendor could not reproduce this problem.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MicrosoftIe Version5.1 Editionmac_os
MicrosoftIe Version5.2.3 Editionmacintosh
MicrosoftIe Version6 Updatewindows_server_2003_sp1
MicrosoftInternet Explorer Version5.1
MicrosoftInternet Explorer Version5.01 Updatesp4
MicrosoftInternet Explorer Version5.5
MicrosoftInternet Explorer Version5.5 Updatepreview
MicrosoftInternet Explorer Version5.5 Updatesp1
MicrosoftInternet Explorer Version5.5 Updatesp2
MicrosoftInternet Explorer Version6.0
MicrosoftInternet Explorer Version6.0.2900.2180
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 61.37% 0.99
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://marc.info/?l=bugtraq&m=112006764714946&w=2
http://secunia.com/advisories/15891
Vendor Advisory
http://securitytracker.com/id?1014329
http://www.auscert.org.au/render.html?it=5225
http://www.kb.cert.org/vuls/id/939605
US Government Resource
http://www.kb.cert.org/vuls/id/959049
US Government Resource
http://www.microsoft.com/technet/security/advisory/903144.mspx
http://www.osvdb.org/17680
http://www.securityfocus.com/archive/1/404055
http://www.securityfocus.com/bid/14087
http://www.us-cert.gov/cas/techalerts/TA05-193A.html
US Government Resource
http://www.vupen.com/english/advisories/2005/0935
Vendor Advisory
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-037
https://exchange.xforce.ibmcloud.com/vulnerabilities/21193
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1326
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1506
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1518
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A793