Lumension® Endpoint Intelligence Center


Overview

Vulnerability Score 7.5
CVE Id CVE-2005-2127
Last Modified 07 Mar 2011 09:23:28
Published 19 Aug 2005 12:00:00
Confidentiality Impact PARTIAL
Integrity Impact PARTIAL
Availability Impact PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-2127

Summary

Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not intended for use within Internet Explorer, as originally demonstrated using the (1) DDS Library Shape Control (Msdds.dll) COM object, and other objects including (2) Blnmgrps.dll, (3) Ciodm.dll, (4) Comsvcs.dll, (5) Danim.dll, (6) Htmlmarq.ocx, (7) Mdt2dd.dll (as demonstrated using a heap corruption attack with uninitialized memory), (8) Mdt2qd.dll, (9) Mpg4ds32.ax, (10) Msadds32.ax, (11) Msb1esen.dll, (12) Msb1fren.dll, (13) Msb1geen.dll, (14) Msdtctm.dll, (15) Mshtml.dll, (16) Msoeacct.dll, (17) Msosvfbr.dll, (18) Mswcrun.dll, (19) Netshell.dll, (20) Ole2disp.dll, (21) Outllib.dll, (22) Psisdecd.dll, (23) Qdvd.dll, (24) Repodbc.dll, (25) Shdocvw.dll, (26) Shell32.dll, (27) Soa.dll, (28) Srchui.dll, (29) Stobject.dll, (30) Vdt70.dll, (31) Vmhelper.dll, and (32) Wbemads.dll, aka a variant of the "COM Object Instantiation Memory Corruption vulnerability."

Vulnerable Systems

Application

  • ATI Catalyst Driver

  • Microsoft .NET Framework 1.1

  • Microsoft Office

  • Microsoft Office 2000

  • Microsoft Office XP

  • Microsoft Project 2000

  • Microsoft Project 2002

  • Microsoft Project 2003

  • Microsoft Project 98

  • Microsoft Visio 2000

  • Microsoft Visio 2002

  • Microsoft Visio 2003

  • Microsoft Visual Studio .NET 2002

  • Microsoft Visual Studio .NET 2003

  • Microsoft Visual Studio .NET Gold


References

CERT - TA05-284A

CERT-VN - VU#959049

CERT-VN - VU#740372

CERT - TA06-220A

CERT - TA05-347A

CERT-VN - VU#898241

BID - 14594

MS - MS05-052

SECTRACK - 1014727

SECUNIA - 16480

XF - Win-msdss-command-execution(21895)

VUPEN - ADV-2005-1450

MISC - http://www.microsoft.com/technet/security/advisory/906267.mspx

MISC - http://isc.sans.org/diary.php?date=2005-08-18

XF - microsoft-ie-mshtml-dos(34754)

BID - 15061

BUGTRAQ - 20070606 IE 6/Microsoft Html Popup Window (mshtml.dll) DoS

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2005-214.pdf

SREASON - 72

SECUNIA - 17509

SECUNIA - 17223

SECUNIA - 17172


Last Updated: 27 May 2016 10:40:24