Denial of Service and Remote Code Execution Vulnerability in Internet Explorer 5.01 SP4 up to 6

Denial of Service and Remote Code Execution Vulnerability in Internet Explorer 5.01 SP4 up to 6

CVE-2005-2087 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

Internet Explorer 5.01 SP4 up to 6 on various Windows operating systems, including IE 6.0.2900.2180 on Windows XP, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not ActiveX controls, as demonstrated using the JVIEW Profiler (Javaprxy.dll). NOTE: the researcher says that the vendor could not reproduce this problem.

Learn more about our Web App Pen Testing.