Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:29557D72491275F7C43A6A911AF0D54D
HistoryJun 05, 2006 - 12:00 a.m.

Internet Explorer Javaprxy.dll heap overflow

2006-06-0500:00:00
SAINT Corporation
www.saintcorporation.com
11

0.964 High

EPSS

Percentile

99.4%

JSON

Added: 06/05/2006
CVE: CVE-2005-2087
BID: 14087
OSVDB: 17680

Background

Windows operating systems use the Component Object Model (COM) to allow various program components to be run within different applications. One such object, the JView Profiler (**Javaprxy.dll**), is a debugger interface for Microsoft Java Virtual Machine.

Problem

Internet Explorer is affected by a heap overflow vulnerability when the **Javaprxy.dll** COM object is instantiated, allow command execution by a malicious web page.

Resolution

Apply the patch referenced in Microsoft Security Bulletin 05-037.

References

<http://www.kb.cert.org/vuls/id/939605&gt;

Limitations

Exploit works if a vulnerable version of **javaprxy.dll** is present. A user must load the exploit page into Internet Explorer in order for exploitation to succeed.

Platforms

Windows

Related

saint 3
nessus 1
cert 2
cvelist 2
cve 2
securityvulns 1
checkpoint_advisories 1
saint
saint
Internet Explorer Javaprxy.dll heap overflow
2006-06-05 00:00:00
Internet Explorer Javaprxy.dll heap overflow
2006-06-05 00:00:00
Internet Explorer Javaprxy.dll heap overflow
2006-06-05 00:00:00
nessus
nessus
MS05-037: Vulnerability in JView Profiler Could Allow Code Execution (903235)
2005-07-12 00:00:00
cert
cert
JVIEW Profiler (javaprxy.dll) COM object contains an unspecified vulnerability
2005-07-02 00:00:00
Multiple COM objects cause memory corruption in Microsoft Internet Explorer
2005-08-09 00:00:00
cvelist
cvelist
CVE-2005-2087
2005-06-30 04:00:00
CVE-2005-1990
2005-08-10 04:00:00
cve
cve
CVE-2005-2087
2005-07-05 04:00:00
CVE-2005-1990
2005-08-10 04:00:00
securityvulns
securityvulns
Microsoft Security Bulletin MS05-037 Vulnerability in JView Profiler Could Allow Remote Code Execution &#40;903235&#41;
2005-07-12 00:00:00
checkpoint_advisories
checkpoint_advisories
Internet Explorer Multiple COM Objects Memory Corruption (MS05-037 MS05-038; CVE-2005-1990; CVE-2005-2087)
2009-10-29 00:00:00

0.964 High

EPSS

Percentile

99.4%

JSON
Related for SAINT:29557D72491275F7C43A6A911AF0D54D
saint3nessus1cert2cvelist2cve2securityvulns1checkpoint_advisories1