First published: Thu Jun 30 2005(Updated: )
Internet Explorer 5.01 SP4 up to 6 on various Windows operating systems, including IE 6.0.2900.2180 on Windows XP, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not ActiveX controls, as demonstrated using the JVIEW Profiler (Javaprxy.dll). NOTE: the researcher says that the vendor could not reproduce this problem.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft Ie | =5.2.3 | |
Microsoft Ie | =5.1 | |
Microsoft Internet Explorer | =5.01-sp4 | |
Microsoft Ie | =6-windows_server_2003_sp1 | |
Microsoft Internet Explorer | =5.5-sp2 | |
Microsoft Internet Explorer | =5.5 | |
Microsoft Internet Explorer | =5.1 | |
Microsoft Internet Explorer | =5.5-preview | |
Microsoft Internet Explorer | =5.5-sp1 | |
Microsoft Internet Explorer | =6.0 | |
Microsoft Internet Explorer | =6.0.2900.2180 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.