Oval Definition:oval:org.mitre.oval:def:1973
Revision Date:2014-02-24Version:48
Title:COM Object Instantiation Memory Corruption Vulnerability (2K/XP)
Description:Multiple unspecified vulnerabilities in Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allow remote attackers to execute arbitrary code by instantiating certain COM objects from Wmm2fxa.dll as ActiveX controls including (1) DXImageTransform.Microsoft.MMSpecialEffect1Input, (2) DXImageTransform.Microsoft.MMSpecialEffect1Input.1, (3) DXImageTransform.Microsoft.MMSpecialEffect2Inputs, (4) DXImageTransform.Microsoft.MMSpecialEffect2Inputs.1, (5) DXImageTransform.Microsoft.MMSpecialEffectInplace1Input, and (6) DXImageTransform.Microsoft.MMSpecialEffectInplace1Input.1, which causes memory corruption during garbage collection.
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2006-1303
Platform(s):Microsoft Windows 2000
Microsoft Windows XP
Product(s):Microsoft Internet Explorer
Definition Synopsis
  • Win2K or XP,SP1 is installed
  • Windows 2000 is installed
  • OR Windows XP 32-bit SP1 is installed
  • Windows XP 32-bit edition is installed
  • Windows XP is installed
  • AND 32-Bit version of Windows is installed
  • AND Win2K/XP/2003/Vista service pack 1 is installed
  • AND Internet Explorer 6 Service Pack 1 is installed
  • AND the version of mshtml.dll is less than 6.0.2800.1555
    • BACK