VYPR
Unrated severityNVD Advisory· Published Jul 5, 2005· Updated Jun 16, 2026

CVE-2005-2087

CVE-2005-2087

Description

Internet Explorer 5.01 SP4 up to 6 on various Windows operating systems, including IE 6.0.2900.2180 on Windows XP, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not ActiveX controls, as demonstrated using the JVIEW Profiler (Javaprxy.dll). NOTE: the researcher says that the vendor could not reproduce this problem.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

12
  • Microsoft/Ie3 versions
    cpe:2.3:a:microsoft:ie:5.1:*:mac_os:*:*:*:*:*+ 2 more
    • cpe:2.3:a:microsoft:ie:5.1:*:mac_os:*:*:*:*:*
    • cpe:2.3:a:microsoft:ie:5.2.3:*:macintosh:*:*:*:*:*
    • cpe:2.3:a:microsoft:ie:6:windows_server_2003_sp1:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:5.01:sp4:*:*:*:*:*:*+ 8 more
    • cpe:2.3:a:microsoft:internet_explorer:5.01:sp4:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.5:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.5:preview:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.5:sp1:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.5:sp2:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:6.0.2900.2180:*:*:*:*:*:*:*
    • (no CPE)range: >=5.01 SP4, <=6.0.2900.2180

Patches

Vulnerability mechanics

References

18

News mentions

0

No linked articles in our index yet.