Alias(es)IE.Nested.OBJECT.Tag.Memory.Corruption |
Release DateOct 18, 2006 |
Severityhigh |
ImpactSystem compromise or Denial of service. |
DescriptionIndicates a possible attempt at exploiting a bug in Microsoft Internet Explorer which leads to a denial of service (crash) or the execution of arbitrary code. The vulnerability is found when using nested OBJECT tags, which can trigger invalid pointer dererences including NULL dereferences. |
Affected ProductsMicrosoft Internet Explorer 6.0 SP2. |
Recommended ActionsMicrosoft has released a security update that fixes this vulnerability.http://www.microsoft.com/technet/security/Bulletin/MS06-021.mspx |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2006-1992 |
Reference/shttp://technet.microsoft.com/en-us/security/bulletin/MS06-021.mspx (MS-ID)http://www.securityfocus.com/bid/17658 (BugTraq) |
