Showing 1 - 3 of 3

CVE-2005-2127

Status Candidate

Overview

Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not intended for use within Internet Explorer, as originally demonstrated using the (1) DDS Library Shape Control (Msdds.dll) COM object, and other objects including (2) Blnmgrps.dll, (3) Ciodm.dll, (4) Comsvcs.dll, (5) Danim.dll, (6) Htmlmarq.ocx, (7) Mdt2dd.dll (as demonstrated using a heap corruption attack with uninitialized memory), (8) Mdt2qd.dll, (9) Mpg4ds32.ax, (10) Msadds32.ax, (11) Msb1esen.dll, (12) Msb1fren.dll, (13) Msb1geen.dll, (14) Msdtctm.dll, (15) Mshtml.dll, (16) Msoeacct.dll, (17) Msosvfbr.dll, (18) Mswcrun.dll, (19) Netshell.dll, (20) Ole2disp.dll, (21) Outllib.dll, (22) Psisdecd.dll, (23) Qdvd.dll, (24) Repodbc.dll, (25) Shdocvw.dll, (26) Shell32.dll, (27) Soa.dll, (28) Srchui.dll, (29) Stobject.dll, (30) Vdt70.dll, (31) Vmhelper.dll, and (32) Wbemads.dll, aka a variant of the "COM Object Instantiation Memory Corruption vulnerability."

Related Files

Technical Cyber Security Alert 2005-347A: Posted Dec 14, 2005; Authored by US-CERT | Site us-cert.gov; Technical Cyber Security Alert TA05-347A - Microsoft has released updates that address critical vulnerabilities in Internet Explorer (IE). A remote, unauthenticated attacker could exploit these vulnerabilities to execute arbitrary code or cause a denial of service on an affected system.; tags | advisory, remote, denial of service, arbitrary, vulnerability; advisories | CVE-2005-1790, CVE-2005-2127; SHA-256 | a14e4fd409749b1dcb627c71f7d1b18af314e447dde07afe0d11e981090d7f79; Download | Favorite | View

EEYEB-20050915.txt: Posted Oct 12, 2005; Authored by eEye | Site eeye.com; eEye Security Advisory - eEye Digital Security has discovered a vulnerability in the way a Microsoft Design Tools COM object allocates and uses heap memory. An attacker could design a web page or HTML document that exploits the vulnerability in order to execute arbitrary code on the system of a user who views it.; tags | advisory, web, arbitrary; advisories | CVE-2005-2127; SHA-256 | b4712c870bdcac60468002316153f70a792b81b9fe6c673800af6b3c5d03b1bd; Download | Favorite | View

Technical Cyber Security Alert 2005-284A: Posted Oct 12, 2005; Authored by US-CERT | Site cert.org; Microsoft has released updates that address critical vulnerabilities in Windows, Internet Explorer, and Exchange Server. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on an affected system.; tags | advisory, remote, denial of service, arbitrary, vulnerability; systems | windows; advisories | CVE-2005-2120, CVE-2005-1987, CVE-2005-2122, CVE-2005-2128, CVE-2005-2119, CVE-2005-1978, CVE-2005-2127, CVE-2005-0163; SHA-256 | 6c799cf41e6747d9adaea42ead6b8b60f863722c7e7357b362b6afe1010ce3c0; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 239 files
Ubuntu 62 files
Debian 23 files
LiquidWorm 20 files
Apple 9 files
indoushka 5 files
Gentoo 5 files
Google Security Research 4 files
Chokri Hammedi 3 files
Alter Prime 3 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,163)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,604)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,862)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,265)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,976)
UNIX (9,474)
UnixWare (188)
Windows (6,784)
Other

CVE-2005-2127

Overview

Related Files

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems