Release DateDec 30, 2011 |
Severitymedium |
ImpactDenial of Service: Remote attackers can crash vulnerable systems. |
DescriptionThis indicates an attempt to exploit a Denial of Service vulnerability in Microsoft Internet ExplorerThe vulnerability is a result of a NULL pointer dereference error in the Microsoft Data Access ActiveX "msado15.dll" object. It can be triggered by a specially crafted "ADODB.Recordset Filter Property". It can be exploited by attackers to crash a vulnerable browser by tricking a user into visiting a malicious web page. |
Affected ProductsMicrosoft Internet Explorer 6.0 SP1Microsoft Internet Explorer 6.0 |
Recommended ActionsCurrently we are not aware of any vendor-supplied patches for this issue. |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2006-3354 |
Reference/shttp://www.securityfocus.com/bid/18773 (BugTraq) |
