CVE-2005-2831
Last modified
CVE-2005-2831 is a vulnerability of currently unknown severity. Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not intended for use within Internet Explorer, aka a variant of the "COM Object Instantiation Memory Corruption Vulnerability," a different vulnerability than CVE-2005-2127.. EPSS estimates a 30.14% chance of exploitation in the next 30 days.
Description
Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not intended for use within Internet Explorer, aka a variant of the "COM Object Instantiation Memory Corruption Vulnerability," a different vulnerability than CVE-2005-2127.
Metrics
Affected Software
| Vendor | Product | Versions | Update |
|---|---|---|---|
| Microsoft | Ie | 6.0 | Sp1 |
| Microsoft | Internet Explorer | 5.0.1 | — |
| Microsoft | Internet Explorer | 5.5 | — |
| Microsoft | Internet Explorer | 6.0 | — |
References
- http://www.kb.cert.org/vuls/id/959049US Government Resource
- http://www.us-cert.gov/cas/techalerts/TA05-347A.htmlPatch, Third Party Advisory, US Government Resource
- http://www.kb.cert.org/vuls/id/959049US Government Resource
- http://www.us-cert.gov/cas/techalerts/TA05-347A.htmlPatch, Third Party Advisory, US Government Resource
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2005-2831?
How severe is CVE-2005-2831?
How do I fix CVE-2005-2831?
Are you affected by CVE-2005-2831?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST