Oval Definition:oval:org.mitre.oval:def:1558
Revision Date:2014-02-24Version:48
Title:Win2K,SP4 COM Object Instantiation Memory Corruption Vulnerability
Description:Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not intended for use within Internet Explorer, aka a variant of the "COM Object Instantiation Memory Corruption Vulnerability," a different vulnerability than CVE-2005-2127.
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2005-2831
Platform(s):Microsoft Windows 2000
Product(s):Microsoft Internet Explorer
Definition Synopsis
  • Windows 2000 Service Pack 4 (or later) is installed
  • Windows 2000 is installed
  • AND Win2K/XP/2003 service pack 4 (or later) is installed
  • AND Internet Explorer 5.01 Service Pack 4 is installed
  • AND the version of mshtml.dll is less than 5.0.3835.2200
  • BACK