Release DateDec 31, 2011 |
Severitylow |
ImpactDenial of Service: Remote attackers can crash vulnerable systems. |
DescriptionThis indicates an attack attempt against a Denial of Service in Microsoft Internet Explorer.The vulnerability is due to a NULL pointer dereference error in the Microsoft DirectAnimation Structured Graphics control ("daxctle.ocx") when handling a specially crafted "SourceURL" parameter. This bug can be exploited by attackers to crash a vulnerable browser by tricking a user into visiting a malicious web page. |
Affected ProductsMicrosoft Internet Explorer 5.0.1 SP4Microsoft Internet Explorer 6.0 Microsoft Internet Explorer 6.0 SP1, SP2 |
Recommended ActionsCurrently we are not aware of any vendor-supplied patches for this issue. |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2006-3427 |
Reference/shttp://www.frsirt.com/english/advisories/2006/2687 (FrSIRT)http://www.securityfocus.com/bid/18855 (BugTraq) |
