CVE-2005-2127
Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not intended for use within Internet Explorer, as originally demonstrated using the (1) DDS Library Shape Control (Msdds.dll) COM object, and other objects including (2) Blnmgrps.dll, (3) Ciodm.dll, (4) Comsvcs.dll, (5) Danim.dll, (6) Htmlmarq.ocx, (7) Mdt2dd.dll (as demonstrated using a heap corruption attack with uninitialized memory), (8) Mdt2qd.dll, (9) Mpg4ds32.ax, (10) Msadds32.ax, (11) Msb1esen.dll, (12) Msb1fren.dll, (13) Msb1geen.dll, (14) Msdtctm.dll, (15) Mshtml.dll, (16) Msoeacct.dll, (17) Msosvfbr.dll, (18) Mswcrun.dll, (19) Netshell.dll, (20) Ole2disp.dll, (21) Outllib.dll, (22) Psisdecd.dll, (23) Qdvd.dll, (24) Repodbc.dll, (25) Shdocvw.dll, (26) Shell32.dll, (27) Soa.dll, (28) Srchui.dll, (29) Stobject.dll, (30) Vdt70.dll, (31) Vmhelper.dll, and (32) Wbemads.dll, aka a variant of the "COM Object Instantiation Memory Corruption vulnerability."
EPSS 42.05% · 97.5th percentile
Risk Scores
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| microsoft | office | 2000, xp, xp |
| microsoft | .net_framework | 1.1, 1.1, 1.1 |
| microsoft | project | 2000, 2002, 2003 |
| ati | catalyst_driver | |
| n/a | n/a | n/a |
| microsoft | visual_studio_.net | gold, 2003, gold |
| microsoft | visio | 2002, 2002, 2003 |
Timeline
- Aug 19, 2005 CVE Published
- Jul 30, 2010 PoC Published
- Sep 23, 2014 PoC Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 1, 2022 CVE Updated
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- Apr 25, 2023 EPSS Score
References
- VU#959049 third-party-advisory
- http://isc.sans.org/diary.php?date=2005-08-18 url
- 20070606 IE 6/Microsoft Html Popup Window (mshtml.dll) DoS mailing-list
- 72 third-party-advisory
- http://support.avaya.com/elmodocs2/security/ASA-2005-214.pdf url
- TA05-347A third-party-advisory
- MS05-052 vendor-advisory
- 15061 vdb
- 17223 third-party-advisory
- oval:org.mitre.oval:def:1454 vdb
- 16480 third-party-advisory
- http://www.microsoft.com/technet/security/advisory/906267.mspx url
- microsoft-ie-mshtml-dos(34754) vdb
- 17172 third-party-advisory
- oval:org.mitre.oval:def:1538 vdb
- Win-msdss-command-execution(21895) vdb
- oval:org.mitre.oval:def:1535 vdb
- 14594 vdb
- oval:org.mitre.oval:def:1468 vdb
- 17509 third-party-advisory
…and 9 more