Vulnerability Name: | CVE-2005-4844 (CCN-40087) | ||||||||
Assigned: | 2005-03-01 | ||||||||
Published: | 2005-03-01 | ||||||||
Updated: | 2021-07-23 | ||||||||
Summary: | The CLSID_ApprenticeICW control allows remote attackers to cause a denial of service (Internet Explorer crash) by creating a COM object of the class associated with the control's CLSID, which is not intended for use within Internet Explorer. | ||||||||
CVSS v3 Severity: | 3.7 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L)
| ||||||||
CVSS v2 Severity: | 7.1 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C) 5.8 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C/E:U/RL:U/RC:UR)
2.1 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:N/A:P/E:U/RL:U/RC:UR)
| ||||||||
Vulnerability Type: | CWE-Other | ||||||||
Vulnerability Consequences: | Denial of Service | ||||||||
References: | Source: CCN Type: BugTraq Mailing List, Tue Mar 01 2005 - 08:59:35 CST IObjectSafety and Internet Explorer Source: MITRE Type: CNA CVE-2005-4841 Source: MITRE Type: CNA CVE-2005-4842 Source: MITRE Type: CNA CVE-2005-4843 Source: MITRE Type: CNA CVE-2005-4844 Source: MITRE Type: CNA CVE-2005-4845 Source: CCN Type: Microsoft Internet Explorer Web site Internet Explorer: Home Page Source: CCN Type: OSVDB ID: 45438 Microsoft IE IObjectSafety Outlook Progress Ctl ActiveX Control COM Object Creation DoS Source: CCN Type: OSVDB ID: 45439 Microsoft IE IObjectSafety System Monitor Source Properties ActiveX Control COM Object Creation DoS Source: CCN Type: OSVDB ID: 45440 Microsoft IE IObjectSafety SmartConnect Class ActiveX Control COM Object Creation DoS Source: CCN Type: OSVDB ID: 45441 Microsoft IE IObjectSafety CLSID_ApprenticeICW ActiveX Control COM Object Creation DoS Source: CCN Type: OSVDB ID: 45442 Microsoft IE IObjectSafety Java Plug-in ActiveX COM Object Creation DoS Source: BUGTRAQ Type: UNKNOWN 20050301 IObjectSafety and Internet Explorer Source: XF Type: UNKNOWN ie-multiple-activex-dos(40087) | ||||||||
Vulnerable Configuration: | Configuration 1: Configuration CCN 1: Denotes that component is vulnerable | ||||||||
BACK |