virus logo Intrusion Prevention

MS.IE.StructuredGraphics.DoS

description-logoDescription

Microsoft Internet Explorer allows remote attackers to cause a denial of service by declaring the sourceURL attribute on an uninitialized DirectAnimation.StructuredGraphicsControl ActiveX Object. This flaw is due to a NULL pointer dereference error in the Microsoft DirectAnimation Structured Graphics control ("daxctle.ocx") when handling a specially crafted "SourceURL" parameter. This bug can be exploited by attackers to crash a vulnerable browser by tricking a user into visiting a malicious web page.

affected-products-logoAffected Products

Microsoft Internet Explorer 5.0.1 SP4
Microsoft Internet Explorer 6.0
Microsoft Internet Explorer 6.0 SP1 ? SP2

Impact logoImpact

Denial of service

recomended-action-logoRecommended Actions

As of August 25 2006, Fortinet is unaware of any vendor supplied patches for this issue. If you have more recent information, please contact us at vulnwatch AT fortinet.com.
Users should never visit sites of questionable integrity or follow links provided by unfamiliar or untrusted sources.
Disable the execution of script code or active content in your web browser.
Disabling scripting and active content in the Internet Zone may limit exposure to this and other vulnerabilities.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)
ID 12032
Created Jul 06, 2006
Updated Nov 15, 2021
Risk black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
CVE ID CVE-2006-3427
Exploit Prediction Score 81.81%
Default Action drop
Active
Affected OS Windows
Affected App IE