CVE-2005-4845

Name of the Vulnerable Software and Affected Versions Java Plug-in versions 1.4.2 03 through 1.4.2 04

Description The issue allows remote attackers to cause a denial of service, resulting in an Internet Explorer crash. This is achieved by creating a COM object of the class associated with the control's CLSID, which is not intended for use within Internet Explorer.

Recommendations For Java Plug-in versions 1.4.2 03 and 1.4.2 04, consider disabling the use of the affected controls within Internet Explorer as a temporary workaround until a patch is available. Restrict access to the COM object creation functionality to minimize the risk of exploitation.