Vulnerability Details CVE-2005-2308
The JPEG decoder in Microsoft Internet Explorer allows remote attackers to cause a denial of service (CPU consumption or crash) and possibly execute arbitrary code via certain crafted JPEG images, as demonstrated using (1) mov_fencepost.jpg, (2) cmp_fencepost.jpg, (3) oom_dos.jpg, or (4) random.jpg.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.524
EPSS Ranking 97.8%
CVSS Severity
CVSS v2 Score 7.5
References
- http://lcamtuf.coredump.cx/crash
- http://www.securityfocus.com/archive/1/405298
- http://www.securityfocus.com/bid/14284
- http://www.securityfocus.com/bid/14285
- http://www.securityfocus.com/bid/14286
- http://lcamtuf.coredump.cx/crash
- http://www.securityfocus.com/archive/1/405298
- http://www.securityfocus.com/bid/14284
- http://www.securityfocus.com/bid/14285
- http://www.securityfocus.com/bid/14286