Intrusion Prevention

MS.IE.Javaprxy.Dll.COM.Object.Instantiation.Heap.Overflow

Description

This indicates an attack attempt to exploit a Heap Overflow vulnerability in Microsoft Internet Explorer.
The vulnerability, which is located in "Javaprxy.dll", can be exploited through instantiating a "COM" object embedded in web page via CLSIDs. It may allow remote attackers to execute arbitrary code in the context of the application using the affected ActiveX control. Failed exploit attempts will likely cause the program to crash, resulting in a Denial of Service condition.

Affected Products

Microsoft Internet Explorer 5.0.1
Microsoft Internet Explorer 5.0.1 SP1
Microsoft Internet Explorer 5.0.1 SP2
Microsoft Internet Explorer 5.0.1 SP3
Microsoft Internet Explorer 5.0.1 SP4
Microsoft Internet Explorer 5.5
Microsoft Internet Explorer 5.5 SP1
Microsoft Internet Explorer 5.5 SP2
Microsoft Internet Explorer 6.0
Microsoft Internet Explorer 6.0 SP1
Microsoft Internet Explorer 6.0 SP2 - do not use
Nortel Networks Centrex IP Client Manager

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.
Denial of Service: Remote attackers can crash vulnerable systems.

Recommended Actions

Apply the latest update from the vendor.
Microsoft Internet Explorer 6.0 SP1
Microsoft Security Update for JView Profiler (KB903235)
Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4, or on Microsoft Windows XP Service Pack 1
http://www.microsoft.com/downloads/details.aspx?familyid=2A506C16-01EF-4060-BCF8-6993C55840A9
Microsoft Internet Explorer 6.0 SP2- do not use
Microsoft Security Update for JView Profiler (KB903235)
Internet Explorer 6 for Microsoft Windows Server 2003 x64 Edition
http://www.microsoft.com/downloads/details.aspx?familyid=68209225-A682-4008-A22B-881C401486F7
Microsoft Security Update for JView Profiler (KB903235)
Internet Explorer 6 for Microsoft Windows XP Professional x64 Edition
http://www.microsoft.com/downloads/details.aspx?familyid=80EFD9A8-7EE9-4B0B-8517-559C49614AB7
Microsoft Security Update for JView Profiler (KB903235)
Internet Explorer 6 for Microsoft Windows XP Service Pack 2
http://www.microsoft.com/downloads/details.aspx?familyid=C1381768-6C6D-4568-97B1-600DB8798EBF
Microsoft Security Update for JView Profiler (KB903235)
Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
http://www.microsoft.com/downloads/details.aspx?familyid=D785F9AB-DBE9-4272-A87E-64205690F98E
Microsoft Security Update for JView Profiler (KB903235)
Internet Explorer 6 for Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
http://www.microsoft.com/downloads/details.aspx?familyid=F368E231-9918-4881-9F17-60312F82183F
Microsoft Internet Explorer 6.0
Microsoft Security Update for JView Profiler (KB903235)
Internet Explorer 6 for Microsoft Windows Server 2003 x64 Edition
http://www.microsoft.com/downloads/details.aspx?familyid=68209225-A682-4008-A22B-881C401486F7
Microsoft Security Update for JView Profiler (KB903235)
Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
http://www.microsoft.com/downloads/details.aspx?familyid=D785F9AB-DBE9-4272-A87E-64205690F98E
Microsoft Security Update for JView Profiler (KB903235)
Internet Explorer 6 for Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
http://www.microsoft.com/downloads/details.aspx?familyid=F368E231-9918-4881-9F17-60312F82183F
Microsoft Internet Explorer 5.0.1 SP3
Microsoft Security Update for JView Profiler (KB903235)
Internet Explorer 5.01 Service Pack 4 on Microsoft Windows 2000 Service Pack 4
http://www.microsoft.com/downloads/details.aspx?familyid=25982E02-EC6D-44CE-82DE-12DDEF1ADDD6
Microsoft Internet Explorer 5.0.1 SP4
Microsoft Security Update for JView Profiler (KB903235)
Internet Explorer 5.01 Service Pack 4 on Microsoft Windows 2000 Service Pack 4
http://www.microsoft.com/downloads/details.aspx?familyid=25982E02-EC6D-44CE-82DE-12DDEF1ADDD6

CVE References

CVE-2005-2087