5.1 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
0.945 High
EPSS
Percentile
99.2%
A vulnerability in the Microsoft Internet Explorer JPEG image rendering routines may allow an attacker to remotely execute arbitrary code.
Microsoft Internet Explorer is a web browser that is available for a variety of platforms and devices. A flaw in the image rendering library that is used to display JPEG-format files may allow an attacker to craft an image that, when viewed, executes arbitrary code on the user’s machine. This may create a denial-of-service condition or allow the attacker to take control of the host.
This flaw may be exploited when the user views an HTML document, such as a web page or an HTML email message. If Internet Explorer is the default web browser or JPEG viewing application, a variety of actions outside of normal web browsing may result in Internet Explorer being used to view a maliciously crafted JPEG image.
The amount of access an attacker can gain depends on the user’s account. If the user is operating with limited privileges, it minimizes the possible impact. However, if the user has administrator privileges, an attacker might be able to gain complete control of the system.
A remote, unauthenticated attacker may be able to execute arbitrary code on the local machine, leading to a denial-of-service condition or possibly complete control of the machine.
Apply an update
Please see Microsoft Security Bulletin MS05-038 for information on fixes, updates, and workarounds.
Do not follow unsolicited links or access unsolicited images
The maliciously-crafted images may be accessible via a web page link or a link sent in email. In order to convince users to visit their sites, attackers often use URL encoding, IP address variations, long URLs, intentional misspellings, and other techniques to create misleading links. Do not click on unsolicited links received in email, instant messages, web forums, or internet relay chat (IRC) channels. Type URLs directly into the browser to avoid these misleading links. While these are generally good security practices, following these behaviors will not prevent exploitation of this vulnerability in all cases.
Use least privilege
Operate with the least privilege possible. Note that this workaround will not prevent exploitation, but it may limit the impact of an attack.
965206
Filter by status: All Affected Not Affected Unknown
Filter by content: __ Additional information available
__ Sort by: Status Alphabetical
Expand all
Javascript is disabled. Click here to view vendors.
Updated: August 09, 2005
Affected
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Please see Microsoft Security Bulletin MS05-038 for information on fixes, updates, and workarounds.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23965206 Feedback>).
Group | Score | Vector |
---|---|---|
Base | ||
Temporal | ||
Environmental |
Thanks to Michal Zalewski and Microsoft for reporting this vulnerability.
This document was written by Ken MacInnis.
CVE IDs: | CVE-2005-1988 |
---|---|
Severity Metric: | 26.73 Date Public: |