Home    |    View Topics    |    Search    |    Contact Us    |   



Category:   Application (Generic)  >   Microsoft Internet Explorer Vendors:   Microsoft
Microsoft 'msdds.dll' COM Object Lets Remote Users Execute Arbitrary Code
SecurityTracker Alert ID:  1014727
SecurityTracker URL:
CVE Reference:   CVE-2005-2127   (Links to External Site)
Updated:  Feb 21 2006
Original Entry Date:  Aug 18 2005
Impact:   Execution of arbitrary code via network, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  Exploit Included:  Yes  
Version(s): 6
Description:   A vulnerability was reported in the Microsoft 'msdds.dll' ActiveX object. The flaw can be exploited via Internet Explorer. A remote user can cause arbitrary code to be executed on the target user's system.

A remote user can create specially crafted HTML that, when loaded by the target user with Internet Explorer, will trigger a vulnerability in the 'msdds.dll' COM object (CLSID: EC444CB6-3E7E-4865-B1C3-0DE72EF39B3F). Arbitrary code can be executed with the privileges of the target user.

The affected COM Object component is the Microsoft DDS Library Shape Control used by various components such as Visual Studio Database Diagramming. The vulnerable versions of 'Msdds.dll' are 7.0.9064.9112, 7.0.9064.9143, and 7.0.9466.0. Versions 7.0.9955.0 and 7.10.3077.0 and higher versions are not affected.

Microsoft indicates that users of the initial release of Microsoft Visual Studio 2002 are affected.

Users of Microsoft Office XP SP3 are not vulnerable by default. However, if the 'Msvcr70.dll' and 'Msvscp70.dll' files are accessible to Internet Explorer process (by being in the same directory as 'Msdds.dll' or being in the path, for example), then the system is vulnerable.

'Anonymous' discovered this vulnerability.

Impact:   A remote user can cause arbitrary code to be executed on the target user's system with the privileges of the target user.
Solution:   Microsoft has issued a fix [in October 2005] as part of the MS05-052 cumulative update for Internet Explorer:

Microsoft updated their original advisory on February 21, 2006 to indicate that MS05-052 fixes the problem. The original Microsoft advisory is available at:

Vendor URL: (Links to External Site)
Cause:   Boundary error
Underlying OS:  Windows (Any)

Message History:   None.

 Source Message Contents

[Original Message Not Available for Viewing]

Go to the Top of This SecurityTracker Archive Page

Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, LLC