CVE-2005-2127
Microsoft Visual Studio .NET - 'msdds.dll' Remote Code Execution
Severity Score
7.8
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
3
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not intended for use within Internet Explorer, as originally demonstrated using the (1) DDS Library Shape Control (Msdds.dll) COM object, and other objects including (2) Blnmgrps.dll, (3) Ciodm.dll, (4) Comsvcs.dll, (5) Danim.dll, (6) Htmlmarq.ocx, (7) Mdt2dd.dll (as demonstrated using a heap corruption attack with uninitialized memory), (8) Mdt2qd.dll, (9) Mpg4ds32.ax, (10) Msadds32.ax, (11) Msb1esen.dll, (12) Msb1fren.dll, (13) Msb1geen.dll, (14) Msdtctm.dll, (15) Mshtml.dll, (16) Msoeacct.dll, (17) Msosvfbr.dll, (18) Mswcrun.dll, (19) Netshell.dll, (20) Ole2disp.dll, (21) Outllib.dll, (22) Psisdecd.dll, (23) Qdvd.dll, (24) Repodbc.dll, (25) Shdocvw.dll, (26) Shell32.dll, (27) Soa.dll, (28) Srchui.dll, (29) Stobject.dll, (30) Vdt70.dll, (31) Vmhelper.dll, and (32) Wbemads.dll, aka a variant of the "COM Object Instantiation Memory Corruption vulnerability."
eEye Digital Security has discovered a vulnerability in the way a Microsoft Design Tools COM object allocates and uses heap memory. An attacker could design a web page or HTML document that exploits the vulnerability in order to execute arbitrary code on the system of a user who views it.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2005-07-02 CVE Reserved
- 2005-08-19 CVE Published
- 2013-06-13 First Exploit
- 2024-08-07 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (26)
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/26167 | 2013-06-13 | |
| http://securitytracker.com/id?1014727 | 2024-08-07 | |
| http://www.securityfocus.com/bid/14594 | 2024-08-07 |
| URL | Date | SRC |
|---|---|---|
| http://secunia.com/advisories/16480 | 2018-10-19 | |
| http://www.microsoft.com/technet/security/advisory/906267.mspx | 2018-10-19 |
| URL | Date | SRC |
|---|---|---|
| https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-052 | 2018-10-19 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Ati Search vendor "Ati" | Catalyst Driver Search vendor "Ati" for product "Catalyst Driver" | * | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | .net Framework Search vendor "Microsoft" for product ".net Framework" | 1.1 Search vendor "Microsoft" for product ".net Framework" and version "1.1" | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | .net Framework Search vendor "Microsoft" for product ".net Framework" | 1.1 Search vendor "Microsoft" for product ".net Framework" and version "1.1" | sp1 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | .net Framework Search vendor "Microsoft" for product ".net Framework" | 1.1 Search vendor "Microsoft" for product ".net Framework" and version "1.1" | sp2 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | .net Framework Search vendor "Microsoft" for product ".net Framework" | 1.1 Search vendor "Microsoft" for product ".net Framework" and version "1.1" | sp3 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Office Search vendor "Microsoft" for product "Office" | * | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Office Search vendor "Microsoft" for product "Office" | 2000 Search vendor "Microsoft" for product "Office" and version "2000" | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Office Search vendor "Microsoft" for product "Office" | 2000 Search vendor "Microsoft" for product "Office" and version "2000" | ja |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Office Search vendor "Microsoft" for product "Office" | 2000 Search vendor "Microsoft" for product "Office" and version "2000" | ko |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Office Search vendor "Microsoft" for product "Office" | 2000 Search vendor "Microsoft" for product "Office" and version "2000" | zh |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Office Search vendor "Microsoft" for product "Office" | 2000 Search vendor "Microsoft" for product "Office" and version "2000" | sp1 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Office Search vendor "Microsoft" for product "Office" | 2000 Search vendor "Microsoft" for product "Office" and version "2000" | sp2 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Office Search vendor "Microsoft" for product "Office" | 2000 Search vendor "Microsoft" for product "Office" and version "2000" | sp3 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Office Search vendor "Microsoft" for product "Office" | xp Search vendor "Microsoft" for product "Office" and version "xp" | sp1 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Office Search vendor "Microsoft" for product "Office" | xp Search vendor "Microsoft" for product "Office" and version "xp" | sp2 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Office Search vendor "Microsoft" for product "Office" | xp Search vendor "Microsoft" for product "Office" and version "xp" | sp3 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Project Search vendor "Microsoft" for product "Project" | 98 Search vendor "Microsoft" for product "Project" and version "98" | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Project Search vendor "Microsoft" for product "Project" | 2000 Search vendor "Microsoft" for product "Project" and version "2000" | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Project Search vendor "Microsoft" for product "Project" | 2002 Search vendor "Microsoft" for product "Project" and version "2002" | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Project Search vendor "Microsoft" for product "Project" | 2002 Search vendor "Microsoft" for product "Project" and version "2002" | sp1 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Project Search vendor "Microsoft" for product "Project" | 2003 Search vendor "Microsoft" for product "Project" and version "2003" | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Project Search vendor "Microsoft" for product "Project" | 2003 Search vendor "Microsoft" for product "Project" and version "2003" | sp1 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Visio Search vendor "Microsoft" for product "Visio" | 2000 Search vendor "Microsoft" for product "Visio" and version "2000" | sr1, enterprise |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Visio Search vendor "Microsoft" for product "Visio" | 2002 Search vendor "Microsoft" for product "Visio" and version "2002" | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Visio Search vendor "Microsoft" for product "Visio" | 2002 Search vendor "Microsoft" for product "Visio" and version "2002" | professional |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Visio Search vendor "Microsoft" for product "Visio" | 2002 Search vendor "Microsoft" for product "Visio" and version "2002" | sp1 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Visio Search vendor "Microsoft" for product "Visio" | 2002 Search vendor "Microsoft" for product "Visio" and version "2002" | sp2 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Visio Search vendor "Microsoft" for product "Visio" | 2002 Search vendor "Microsoft" for product "Visio" and version "2002" | sp2, professional |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Visio Search vendor "Microsoft" for product "Visio" | 2002 Search vendor "Microsoft" for product "Visio" and version "2002" | sp2, standard |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Visio Search vendor "Microsoft" for product "Visio" | 2003 Search vendor "Microsoft" for product "Visio" and version "2003" | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Visio Search vendor "Microsoft" for product "Visio" | 2003 Search vendor "Microsoft" for product "Visio" and version "2003" | professional |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Visio Search vendor "Microsoft" for product "Visio" | 2003 Search vendor "Microsoft" for product "Visio" and version "2003" | standard |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Visio Search vendor "Microsoft" for product "Visio" | 2003 Search vendor "Microsoft" for product "Visio" and version "2003" | sp1 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Visual Studio .net Search vendor "Microsoft" for product "Visual Studio .net" | 2002 Search vendor "Microsoft" for product "Visual Studio .net" and version "2002" | gold |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Visual Studio .net Search vendor "Microsoft" for product "Visual Studio .net" | 2003 Search vendor "Microsoft" for product "Visual Studio .net" and version "2003" | enterprise_architect |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Visual Studio .net Search vendor "Microsoft" for product "Visual Studio .net" | 2003 Search vendor "Microsoft" for product "Visual Studio .net" and version "2003" | gold |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Visual Studio .net Search vendor "Microsoft" for product "Visual Studio .net" | gold Search vendor "Microsoft" for product "Visual Studio .net" and version "gold" | academic |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Visual Studio .net Search vendor "Microsoft" for product "Visual Studio .net" | gold Search vendor "Microsoft" for product "Visual Studio .net" and version "gold" | enterprise_architect |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Visual Studio .net Search vendor "Microsoft" for product "Visual Studio .net" | gold Search vendor "Microsoft" for product "Visual Studio .net" and version "gold" | enterprise_developer |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Visual Studio .net Search vendor "Microsoft" for product "Visual Studio .net" | gold Search vendor "Microsoft" for product "Visual Studio .net" and version "gold" | professional |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Visual Studio .net Search vendor "Microsoft" for product "Visual Studio .net" | gold Search vendor "Microsoft" for product "Visual Studio .net" and version "gold" | trial |
Affected
| ||||||