Microsoft WebViewFolderIcon ActiveX Control Buffer Overflow Vulnerability
Schweregrad:: Mittel
CVE Kennungen:: CVE-2006-3730,MS06-057
Hinweisdatum: 21 Juli 2015
Beschreibung
cve: Integer overflow in Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a 0x7fffffff argument to the setSlice method on a WebViewFolderIcon ActiveX object, which leads to an invalid memory copy.
Trend Micro Lösungen
Apply associated Trend Micro DPI Rules.
Lösungen
Trend Micro Deep Security DPI Rule Number: 1000679
Trend Micro Deep Security DPI Rule Name: 1000679 - MoBB #18: WebViewFolderIcon setSlice
Betroffene Software und Version:
- Microsoft Internet Explorer 6.0
- Microsoft Internet Explorer 6.0 SP1