CVE-2006-1992

by Fred · 24/04/2006

mshtml.dll 6.00.2900.2873, as used in Microsoft Internet Explorer, allows remote attackers to cause a denial of service (crash) via nested OBJECT tags, which trigger invalid pointer dereferences including NULL dereferences. NOTE: the possibility of code execution was originally theorized, but Microsoft has stated that this issue is non-exploitable.

Date published : 2006-04-24

http://www.securityfocus.com/bid/17658

http://www.securityfocus.com/archive/1/431796/100/0/threaded

CVE-2006-1992

Similar

Recent Posts

Categories

CVE-2006-1992

Share this:

Similar

Recent Posts

Categories

Tags