CVE-2005-2831
Vulnerability from cvelistv5
Published
2005-12-14 11:00
Modified
2024-08-07 22:45
Severity ?
Summary
Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not intended for use within Internet Explorer, aka a variant of the "COM Object Instantiation Memory Corruption Vulnerability," a different vulnerability than CVE-2005-2127.
References
secure@microsoft.comhttp://secunia.com/advisories/15368
secure@microsoft.comhttp://secunia.com/advisories/18064
secure@microsoft.comhttp://secunia.com/advisories/18311
secure@microsoft.comhttp://securitytracker.com/id?1015348
secure@microsoft.comhttp://support.avaya.com/elmodocs2/security/ASA-2005-234.pdf
secure@microsoft.comhttp://www.kb.cert.org/vuls/id/959049US Government Resource
secure@microsoft.comhttp://www.osvdb.org/21763
secure@microsoft.comhttp://www.securityfocus.com/bid/15827Patch
secure@microsoft.comhttp://www.us-cert.gov/cas/techalerts/TA05-347A.htmlPatch, Third Party Advisory, US Government Resource
secure@microsoft.comhttp://www.vupen.com/english/advisories/2005/2867
secure@microsoft.comhttp://www.vupen.com/english/advisories/2005/2909
secure@microsoft.comhttp://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL&DocumentOID=375420
secure@microsoft.comhttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-054
secure@microsoft.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/23453
secure@microsoft.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1426
secure@microsoft.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1475
secure@microsoft.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1520
secure@microsoft.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1543
secure@microsoft.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1558
secure@microsoft.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1597
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/15368
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18064
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18311
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1015348
af854a3a-2127-422b-91ae-364da2661108http://support.avaya.com/elmodocs2/security/ASA-2005-234.pdf
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/959049US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/21763
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/15827Patch
af854a3a-2127-422b-91ae-364da2661108http://www.us-cert.gov/cas/techalerts/TA05-347A.htmlPatch, Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2005/2867
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2005/2909
af854a3a-2127-422b-91ae-364da2661108http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL&DocumentOID=375420
af854a3a-2127-422b-91ae-364da2661108https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-054
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/23453
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1426
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1475
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1520
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1543
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1558
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1597
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T22:45:02.395Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1015348",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1015348"
          },
          {
            "name": "18064",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18064"
          },
          {
            "name": "15827",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/15827"
          },
          {
            "name": "VU#959049",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/959049"
          },
          {
            "name": "oval:org.mitre.oval:def:1597",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1597"
          },
          {
            "name": "TA05-347A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA05-347A.html"
          },
          {
            "name": "MS05-054",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-054"
          },
          {
            "name": "oval:org.mitre.oval:def:1475",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1475"
          },
          {
            "name": "oval:org.mitre.oval:def:1520",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1520"
          },
          {
            "name": "oval:org.mitre.oval:def:1426",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1426"
          },
          {
            "name": "oval:org.mitre.oval:def:1558",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1558"
          },
          {
            "name": "oval:org.mitre.oval:def:1543",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1543"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-234.pdf"
          },
          {
            "name": "15368",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/15368"
          },
          {
            "name": "ADV-2005-2909",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2005/2909"
          },
          {
            "name": "18311",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18311"
          },
          {
            "name": "win-com-activex-execute-code(23453)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23453"
          },
          {
            "name": "21763",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/21763"
          },
          {
            "name": "ADV-2005-2867",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2005/2867"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=375420"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-12-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not intended for use within Internet Explorer, aka a variant of the \"COM Object Instantiation Memory Corruption Vulnerability,\" a different vulnerability than CVE-2005-2127."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-12T19:57:01",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "1015348",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1015348"
        },
        {
          "name": "18064",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18064"
        },
        {
          "name": "15827",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/15827"
        },
        {
          "name": "VU#959049",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/959049"
        },
        {
          "name": "oval:org.mitre.oval:def:1597",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1597"
        },
        {
          "name": "TA05-347A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA05-347A.html"
        },
        {
          "name": "MS05-054",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-054"
        },
        {
          "name": "oval:org.mitre.oval:def:1475",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1475"
        },
        {
          "name": "oval:org.mitre.oval:def:1520",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1520"
        },
        {
          "name": "oval:org.mitre.oval:def:1426",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1426"
        },
        {
          "name": "oval:org.mitre.oval:def:1558",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1558"
        },
        {
          "name": "oval:org.mitre.oval:def:1543",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1543"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-234.pdf"
        },
        {
          "name": "15368",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/15368"
        },
        {
          "name": "ADV-2005-2909",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2005/2909"
        },
        {
          "name": "18311",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18311"
        },
        {
          "name": "win-com-activex-execute-code(23453)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23453"
        },
        {
          "name": "21763",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/21763"
        },
        {
          "name": "ADV-2005-2867",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2005/2867"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=375420"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2005-2831",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not intended for use within Internet Explorer, aka a variant of the \"COM Object Instantiation Memory Corruption Vulnerability,\" a different vulnerability than CVE-2005-2127."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1015348",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1015348"
            },
            {
              "name": "18064",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18064"
            },
            {
              "name": "15827",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/15827"
            },
            {
              "name": "VU#959049",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/959049"
            },
            {
              "name": "oval:org.mitre.oval:def:1597",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1597"
            },
            {
              "name": "TA05-347A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA05-347A.html"
            },
            {
              "name": "MS05-054",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-054"
            },
            {
              "name": "oval:org.mitre.oval:def:1475",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1475"
            },
            {
              "name": "oval:org.mitre.oval:def:1520",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1520"
            },
            {
              "name": "oval:org.mitre.oval:def:1426",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1426"
            },
            {
              "name": "oval:org.mitre.oval:def:1558",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1558"
            },
            {
              "name": "oval:org.mitre.oval:def:1543",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1543"
            },
            {
              "name": "http://support.avaya.com/elmodocs2/security/ASA-2005-234.pdf",
              "refsource": "CONFIRM",
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-234.pdf"
            },
            {
              "name": "15368",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/15368"
            },
            {
              "name": "ADV-2005-2909",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2005/2909"
            },
            {
              "name": "18311",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18311"
            },
            {
              "name": "win-com-activex-execute-code(23453)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23453"
            },
            {
              "name": "21763",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/21763"
            },
            {
              "name": "ADV-2005-2867",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2005/2867"
            },
            {
              "name": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=375420",
              "refsource": "MISC",
              "url": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=375420"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2005-2831",
    "datePublished": "2005-12-14T11:00:00",
    "dateReserved": "2005-09-07T00:00:00",
    "dateUpdated": "2024-08-07T22:45:02.395Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:ie:6.0:sp1:*:*:*:*:*:*\", \"matchCriteriaId\": \"24DF2AB3-DEAB-4D70-986E-FFBB7E64B96A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:ie:6.0:sp2:*:*:*:*:*:*\", \"matchCriteriaId\": \"DA3D2175-7DF7-4D57-8B26-5BA68EF7A935\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:internet_explorer:5.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3A04FEA6-37B0-44B0-844F-55652ABA1F85\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp1:*:*:*:*:*:*\", \"matchCriteriaId\": \"4D56FB8E-2553-47C1-82A2-9E59023780CE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp2:*:*:*:*:*:*\", \"matchCriteriaId\": \"8541EEED-94F4-42F8-9719-57F3EC85D52B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp3:*:*:*:*:*:*\", \"matchCriteriaId\": \"40372520-08CF-4F64-A7AC-7E0AE0964138\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp4:*:*:*:*:*:*\", \"matchCriteriaId\": \"2EB39B99-91A0-4B70-B12A-BA37F6AFBA83\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:internet_explorer:5.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"40F8042F-C621-45AE-9F8C-70469579643A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:internet_explorer:5.5:sp1:*:*:*:*:*:*\", \"matchCriteriaId\": \"2CD04E07-3664-4D4F-BF3E-6B33AF0F2D12\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:internet_explorer:5.5:sp2:*:*:*:*:*:*\", \"matchCriteriaId\": \"D05ED9D0-CF78-4FAD-9371-6FB3D5825148\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A19F6133-25D1-44A5-B6B9-354703436783\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not intended for use within Internet Explorer, aka a variant of the \\\"COM Object Instantiation Memory Corruption Vulnerability,\\\" a different vulnerability than CVE-2005-2127.\"}, {\"lang\": \"es\", \"value\": \"Microsoft Internet Explorer 5.01, 5.5 y 6 permiten a atacantes remotos causar una denegaci\\u00f3n de servicio (ca\\u00edda de aplicaci\\u00f3n) y posiblemente ejecutar c\\u00f3digo de su elecci\\u00f3n mediante una p\\u00e1gina web con CLSIDs incrustados que hacen referencia ciertos objetos COM que no est\\u00e1n pensados para ser usados con con Internet Explorer, tcc una variante de la \\\"Vulnerabilidad de Corrupci\\u00f3n de Memoria por Instanciamiento de Objeto COM\\\", una vulnerabilidad diferente de CVE-2005-2127.\"}]",
      "id": "CVE-2005-2831",
      "lastModified": "2024-11-21T00:00:31.320",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 7.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": true, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2005-12-14T11:03:00.000",
      "references": "[{\"url\": \"http://secunia.com/advisories/15368\", \"source\": \"secure@microsoft.com\"}, {\"url\": \"http://secunia.com/advisories/18064\", \"source\": \"secure@microsoft.com\"}, {\"url\": \"http://secunia.com/advisories/18311\", \"source\": \"secure@microsoft.com\"}, {\"url\": \"http://securitytracker.com/id?1015348\", \"source\": \"secure@microsoft.com\"}, {\"url\": \"http://support.avaya.com/elmodocs2/security/ASA-2005-234.pdf\", \"source\": \"secure@microsoft.com\"}, {\"url\": \"http://www.kb.cert.org/vuls/id/959049\", \"source\": \"secure@microsoft.com\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.osvdb.org/21763\", \"source\": \"secure@microsoft.com\"}, {\"url\": \"http://www.securityfocus.com/bid/15827\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA05-347A.html\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Patch\", \"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2005/2867\", \"source\": \"secure@microsoft.com\"}, {\"url\": \"http://www.vupen.com/english/advisories/2005/2909\", \"source\": \"secure@microsoft.com\"}, {\"url\": \"http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=375420\", \"source\": \"secure@microsoft.com\"}, {\"url\": \"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-054\", \"source\": \"secure@microsoft.com\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/23453\", \"source\": \"secure@microsoft.com\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1426\", \"source\": \"secure@microsoft.com\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1475\", \"source\": \"secure@microsoft.com\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1520\", \"source\": \"secure@microsoft.com\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1543\", \"source\": \"secure@microsoft.com\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1558\", \"source\": \"secure@microsoft.com\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1597\", \"source\": \"secure@microsoft.com\"}, {\"url\": \"http://secunia.com/advisories/15368\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/18064\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/18311\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://securitytracker.com/id?1015348\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://support.avaya.com/elmodocs2/security/ASA-2005-234.pdf\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.kb.cert.org/vuls/id/959049\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.osvdb.org/21763\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/15827\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA05-347A.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2005/2867\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2005/2909\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=375420\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-054\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/23453\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1426\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1475\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1520\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1543\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1558\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1597\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "secure@microsoft.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2005-2831\",\"sourceIdentifier\":\"secure@microsoft.com\",\"published\":\"2005-12-14T11:03:00.000\",\"lastModified\":\"2024-11-21T00:00:31.320\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not intended for use within Internet Explorer, aka a variant of the \\\"COM Object Instantiation Memory Corruption Vulnerability,\\\" a different vulnerability than CVE-2005-2127.\"},{\"lang\":\"es\",\"value\":\"Microsoft Internet Explorer 5.01, 5.5 y 6 permiten a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) y posiblemente ejecutar c\u00f3digo de su elecci\u00f3n mediante una p\u00e1gina web con CLSIDs incrustados que hacen referencia ciertos objetos COM que no est\u00e1n pensados para ser usados con con Internet Explorer, tcc una variante de la \\\"Vulnerabilidad de Corrupci\u00f3n de Memoria por Instanciamiento de Objeto COM\\\", una vulnerabilidad diferente de CVE-2005-2127.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":true,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:ie:6.0:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"24DF2AB3-DEAB-4D70-986E-FFBB7E64B96A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:ie:6.0:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"DA3D2175-7DF7-4D57-8B26-5BA68EF7A935\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:internet_explorer:5.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3A04FEA6-37B0-44B0-844F-55652ABA1F85\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D56FB8E-2553-47C1-82A2-9E59023780CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"8541EEED-94F4-42F8-9719-57F3EC85D52B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"40372520-08CF-4F64-A7AC-7E0AE0964138\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp4:*:*:*:*:*:*\",\"matchCriteriaId\":\"2EB39B99-91A0-4B70-B12A-BA37F6AFBA83\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:internet_explorer:5.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"40F8042F-C621-45AE-9F8C-70469579643A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:internet_explorer:5.5:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CD04E07-3664-4D4F-BF3E-6B33AF0F2D12\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:internet_explorer:5.5:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"D05ED9D0-CF78-4FAD-9371-6FB3D5825148\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A19F6133-25D1-44A5-B6B9-354703436783\"}]}]}],\"references\":[{\"url\":\"http://secunia.com/advisories/15368\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://secunia.com/advisories/18064\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://secunia.com/advisories/18311\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://securitytracker.com/id?1015348\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://support.avaya.com/elmodocs2/security/ASA-2005-234.pdf\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://www.kb.cert.org/vuls/id/959049\",\"source\":\"secure@microsoft.com\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.osvdb.org/21763\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://www.securityfocus.com/bid/15827\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA05-347A.html\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Patch\",\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2005/2867\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2005/2909\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=375420\",\"source\":\"secure@microsoft.com\"},{\"url\":\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-054\",\"source\":\"secure@microsoft.com\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/23453\",\"source\":\"secure@microsoft.com\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1426\",\"source\":\"secure@microsoft.com\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1475\",\"source\":\"secure@microsoft.com\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1520\",\"source\":\"secure@microsoft.com\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1543\",\"source\":\"secure@microsoft.com\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1558\",\"source\":\"secure@microsoft.com\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1597\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://secunia.com/advisories/15368\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/18064\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/18311\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securitytracker.com/id?1015348\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://support.avaya.com/elmodocs2/security/ASA-2005-234.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.kb.cert.org/vuls/id/959049\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.osvdb.org/21763\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/15827\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA05-347A.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2005/2867\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2005/2909\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=375420\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-054\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/23453\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1426\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1475\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1520\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1543\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1558\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1597\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.