Showing 1 - 3 of 3

CVE-2005-2127

Status Candidate

Overview

Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not intended for use within Internet Explorer, as originally demonstrated using the (1) DDS Library Shape Control (Msdds.dll) COM object, and other objects including (2) Blnmgrps.dll, (3) Ciodm.dll, (4) Comsvcs.dll, (5) Danim.dll, (6) Htmlmarq.ocx, (7) Mdt2dd.dll (as demonstrated using a heap corruption attack with uninitialized memory), (8) Mdt2qd.dll, (9) Mpg4ds32.ax, (10) Msadds32.ax, (11) Msb1esen.dll, (12) Msb1fren.dll, (13) Msb1geen.dll, (14) Msdtctm.dll, (15) Mshtml.dll, (16) Msoeacct.dll, (17) Msosvfbr.dll, (18) Mswcrun.dll, (19) Netshell.dll, (20) Ole2disp.dll, (21) Outllib.dll, (22) Psisdecd.dll, (23) Qdvd.dll, (24) Repodbc.dll, (25) Shdocvw.dll, (26) Shell32.dll, (27) Soa.dll, (28) Srchui.dll, (29) Stobject.dll, (30) Vdt70.dll, (31) Vmhelper.dll, and (32) Wbemads.dll, aka a variant of the "COM Object Instantiation Memory Corruption vulnerability."

Related Files

Technical Cyber Security Alert 2005-347A: Posted Dec 14, 2005; Authored by US-CERT | Site us-cert.gov; Technical Cyber Security Alert TA05-347A - Microsoft has released updates that address critical vulnerabilities in Internet Explorer (IE). A remote, unauthenticated attacker could exploit these vulnerabilities to execute arbitrary code or cause a denial of service on an affected system.; tags | advisory, remote, denial of service, arbitrary, vulnerability; advisories | CVE-2005-1790, CVE-2005-2127; SHA-256 | a14e4fd409749b1dcb627c71f7d1b18af314e447dde07afe0d11e981090d7f79; Download | Favorite | View

EEYEB-20050915.txt: Posted Oct 12, 2005; Authored by eEye | Site eeye.com; eEye Security Advisory - eEye Digital Security has discovered a vulnerability in the way a Microsoft Design Tools COM object allocates and uses heap memory. An attacker could design a web page or HTML document that exploits the vulnerability in order to execute arbitrary code on the system of a user who views it.; tags | advisory, web, arbitrary; advisories | CVE-2005-2127; SHA-256 | b4712c870bdcac60468002316153f70a792b81b9fe6c673800af6b3c5d03b1bd; Download | Favorite | View

Technical Cyber Security Alert 2005-284A: Posted Oct 12, 2005; Authored by US-CERT | Site cert.org; Microsoft has released updates that address critical vulnerabilities in Windows, Internet Explorer, and Exchange Server. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on an affected system.; tags | advisory, remote, denial of service, arbitrary, vulnerability; systems | windows; advisories | CVE-2005-2120, CVE-2005-1987, CVE-2005-2122, CVE-2005-2128, CVE-2005-2119, CVE-2005-1978, CVE-2005-2127, CVE-2005-0163; SHA-256 | 6c799cf41e6747d9adaea42ead6b8b60f863722c7e7357b362b6afe1010ce3c0; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 229 files
indoushka 167 files
Jay Turla 150 files
Ubuntu 67 files
h00die 54 files
juan vazquez 43 files
sinn3r 41 files
H D Moore 31 files
Karn Ganeshen 23 files
Pedro Ribeiro 22 files

File Archives

Systems

AIX (430)
Apple (2,114)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,124)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,567)
HPUX (881)
iOS (389)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,237)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (16,845)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,852)
UNIX (9,456)
UnixWare (188)
Windows (6,772)
Other

CVE-2005-2127

Overview

Related Files

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems