CVE-2005-2831Out-of-bounds Write in Microsoft IE

3 documents3 sources
Severity
7.5HIGHNVD
EPSS
51.6%
top 2.10%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Microsoft IEMicrosoft Internet Explorer
Timeline
PublishedDec 14
Latest updateMay 1

Description

Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not intended for use within Internet Explorer, aka a variant of the "COM Object Instantiation Memory Corruption Vulnerability," a different vulnerability than CVE-2005-2127.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

NVDmicrosoft/internet_explorer5.0.1, 5.5, 6.0+2
NVDmicrosoft/ie6.0

Patches

Patch: www.securityfocus.comPatch: www.us-cert.govPatch: www.securityfocus.com

🔴Vulnerability Details

2
GHSA
GHSA-h2vf-jw82-xqc6: Microsoft Internet Explorer 52022-05-01
CVEList
CVE-2005-2831: Microsoft Internet Explorer 52005-12-14
CVE-2005-2831 — Out-of-bounds Write in Microsoft IE | cvebase