Lucene search

[email protected]CVE-2005-4843

HistoryOct 03, 2022 - 4:22 p.m.

CVE-2005-4843

2022-10-0316:22:46

[email protected]

web.nvd.nist.gov

smartconnect

class control

denial of service

internet explorer crash

com object

clsid

security vulnerability

nvd

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

7 High

AI Score

Confidence

High

0.03 Low

EPSS

Percentile

91.0%

JSON

The SmartConnect Class control allows remote attackers to cause a denial of service (Internet Explorer crash) by creating a COM object of the class associated with the control’s CLSID, which is not intended for use within Internet Explorer.

Affected configurations

NVD

Node

microsoftinternet_explorerMatch7.0

CPENameOperatorVersion
microsoft:internet_explorermicrosoft internet explorereq7.0

CPE	Name	Operator	Version
microsoft:internet_explorer	microsoft internet explorer	eq	7.0

References

www.securityfocus.com/archive/1/391803

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

7 High

AI Score

Confidence

High

0.03 Low

EPSS

Percentile

91.0%

JSON

Related for CVE-2005-4843

cvelist1 nvd1