Internet Explorer 5.01 SP4 up to 6 on various Windows operating systems, including IE 6.0.2900.2180 on Windows XP, allows remote malicious users to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not ActiveX controls, as demonstrated using the JVIEW Profiler (Javaprxy.dll). NOTE: the researcher says that the vendor could not reproduce this problem.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft internet explorer 5.01 |
||
microsoft internet explorer 6.0 |
||
microsoft internet explorer 6.0.2900.2180 |
||
microsoft ie 5.2.3 |
||
microsoft internet explorer 5.5 |
||
microsoft internet explorer 5.1 |
||
microsoft ie 5.1 |
||
microsoft ie 6 |