New Search

IE5 COM Object Instantiation Memory Corruption (Win2K)

oval:org.mitre.oval:def:1446

Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via by instantiating the (1) Mdt2gddr.dll (2) Mdt2dd.dll and (3) Mdt2gddo.dll COM objects as ActiveX controls which leads to memory corruption.

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows 2000
Class:
vulnerability
Reference(s):
  • CVE-2006-1186
Product(s):
  • Microsoft Internet Explorer