CVE-2005-2127

Name of the Vulnerable Software and Affected Versions: Microsoft Internet Explorer versions 5.01, 5.5, and 6

Description: The issue allows remote attackers to cause a denial of service, potentially leading to arbitrary code execution, via a web page with embedded CLSIDs referencing certain COM objects not intended for use within Internet Explorer. This is demonstrated using various COM objects, including the DDS Library Shape Control and other specified objects.

Recommendations: For Microsoft Internet Explorer versions 5.01, 5.5, and 6, consider disabling the use of COM objects within Internet Explorer as a temporary workaround until a patch is available. Restrict access to the specified COM objects to minimize the risk of exploitation. Avoid using web pages with embedded CLSIDs that reference these COM objects until the issue is resolved.