Vulnerability Description
The JPEG decoder in Microsoft Internet Explorer allows remote attackers to cause a denial of service (CPU consumption or crash) and possibly execute arbitrary code via certain crafted JPEG images, as demonstrated using (1) mov_fencepost.jpg, (2) cmp_fencepost.jpg, (3) oom_dos.jpg, or (4) random.jpg.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Ie | 6.0 |
References
- http://lcamtuf.coredump.cx/crashExploit
- http://www.securityfocus.com/archive/1/405298Exploit
- http://www.securityfocus.com/bid/14284Exploit
- http://www.securityfocus.com/bid/14285Exploit
- http://www.securityfocus.com/bid/14286Exploit
- http://lcamtuf.coredump.cx/crashExploit
- http://www.securityfocus.com/archive/1/405298Exploit
- http://www.securityfocus.com/bid/14284Exploit
- http://www.securityfocus.com/bid/14285Exploit
- http://www.securityfocus.com/bid/14286Exploit
FAQ
What is CVE-2005-2308?
CVE-2005-2308 is a vulnerability with a CVSS score of 7.5 (HIGH). The JPEG decoder in Microsoft Internet Explorer allows remote attackers to cause a denial of service (CPU consumption or crash) and possibly execute arbitrary code via certain crafted JPEG images, as ...
How severe is CVE-2005-2308?
CVE-2005-2308 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-2308?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Ie.