Threat Encyclopedia



A remote code execution vulnerability exists in the way Internet Explorer interprets certain DHTML script function calls to incorrectly created elements. An attacker could exploit the vulnerability by constructing a specially crafted Web page that could potentially allow remote code execution if a user viewed the Web page. An attacker who successfully exploited this vulnerability could take complete control of an affected system.

Affected Products

Internet Explorer 6


Arbitrary code execution

Recommended Actions

Microsoft has issued an update to correct this vulnerability. More details can be found at:

CVE References