|
|
CVE Reference: CVE-2006-1992 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2006-1992 |
|
|
Description: mshtml.dll 6.00.2900.2873, as used in Microsoft Internet Explorer, allows remote attackers to cause a denial of service (crash) via nested OBJECT tags, which trigger invalid pointer dereferences including NULL dereferences. NOTE: the possibility of code execution was originally theorized, but Microsoft has stated that this issue is non-exploitable. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/25978 ST 1016001 1016291 SREASON http://securityreason.com/securityalert/781 SAID Secunia Advisory: SA19762 OSVDB 27475 MS http://www.microsoft.com/technet/security/bulletin/ms06-021.mspx FULLDISC http://lists.grok.org.uk/pipermail/full-disclosure/2006-April/045422.html http://archives.neohapsis.com/archives/fulldisclosure/2006-04/0616.html BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/431796/100/0/threaded BID 17658 |
|
| Return to the previous page. |
