Back to search
CVE-2005-2087
Published: Jun 30, 2005
Modified: Aug 7, 2024
PUBLISHED
Description
Internet Explorer 5.01 SP4 up to 6 on various Windows operating systems, including IE 6.0.2900.2180 on Windows XP, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not ActiveX controls, as demonstrated using the JVIEW Profiler (Javaprxy.dll). NOTE: the researcher says that the vendor could not reproduce this problem.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
20050629 SEC-CONSULT SA-20050629-0
mailing-list
x_refsource_BUGTRAQ
oval:org.mitre.oval:def:1326
vdb-entry
signature
x_refsource_OVAL
VU#959049
third-party-advisory
x_refsource_CERT-VN
TA05-193A
third-party-advisory
x_refsource_CERT
oval:org.mitre.oval:def:793
vdb-entry
signature
x_refsource_OVAL
VU#939605
third-party-advisory
x_refsource_CERT-VN
1014329
vdb-entry
x_refsource_SECTRACK
oval:org.mitre.oval:def:1506
vdb-entry
signature
x_refsource_OVAL
14087
vdb-entry
x_refsource_BID
20050702 Microsoft Internet Explorer "javaprxy.dll" Code Execution Exploit
mailing-list
x_refsource_BUGTRAQ
http://www.microsoft.com/technet/security/advisory/903144.mspx
x_refsource_MISC
ie-javaprxydll-execute-code(21193)
vdb-entry
x_refsource_XF
15891
third-party-advisory
x_refsource_SECUNIA
MS05-037
vendor-advisory
x_refsource_MS
17680
vdb-entry
x_refsource_OSVDB
ESB-2005.0489
third-party-advisory
x_refsource_AUSCERT
ADV-2005-0935
vdb-entry
x_refsource_VUPEN
oval:org.mitre.oval:def:1518
vdb-entry
signature
x_refsource_OVAL
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now