CVE-2006-3869 - CVE Reference - Advisories

CVE Reference: CVE-2006-3869

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-3869

Description: Heap-based buffer overflow in URLMON.DLL in Microsoft Internet Explorer 6 SP1 on Windows 2000 and XP SP1, with versions the MS06-042 patch before 20060824, allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long URL on a website that uses HTTP 1.1 compression.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/28522 http://xforce.iss.net/xforce/xfdb/28893 ST 1016731 SREASON http://securityreason.com/securityalert/1441 SAID Secunia Advisory: SA21557 OSVDB 28132 MISC http://www.nsfocus.com/english/homepage/research/0608.htm CONFIRM http://www.microsoft.com/technet/security/advisory/923762.mspx http://support.microsoft.com/kb/923762/ CERT-VN 821156 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/444319/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/444241/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/444046/100/0/threaded BID 19667

Return to the previous page.

Secunia PSI
Scan | Patch | Track
Free Download

Secunia Poll

Most Popular Advisories

1.	OpenBSD BIND Query Port DNS Cache Poisoning

2.	Red Hat update for kernel

3.	Drupal Session Fixation Vulnerability

4.	Debian update for clamav

5.	Linux Kernel LDT Buffer Size Handling Vulnerability

6.	IPCop update for perl

7.	Ubuntu update for php

8.	Debian update for xulrunner

9.	dnsmasq Denial of Service and DNS Cache Poisoning

10.	Apple Safari Cross-Domain Cookie Injection Vulnerability