Description
The Java Plug-in 1.4.2_03 and 1.4.2_04 controls, and the 1.4.2_03 and 1.4.2_04 <applet> redirector controls, allow remote attackers to cause a denial of service (Internet Explorer crash) by creating a COM object of the class associated with the control's CLSID, which is not intended for use within Internet Explorer.
References (1)
Core 1
Core References
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/391803
Scores
EPSS
0.0063
EPSS Percentile
70.5%
Details
CWE
CWE-16
Status
published
Products (2)
sun/java_plug-in
1.4.2_03
sun/java_plug-in
1.4.2_04
Published
Dec 31, 2005
Tracked Since
Feb 18, 2026