Microsoft WebViewFolderIcon ActiveX Control Buffer Overflow Vulnerability

2015年7月21日

Email
Facebook
Twitter
Google+
Linkedin

危険度: : 中

CVE識別番号: CVE-2006-3730,MS06-057

概要

cve: Integer overflow in Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a 0x7fffffff argument to the setSlice method on a WebViewFolderIcon ActiveX object, which leads to an invalid memory copy.

トレンドマイクロの対策

Apply associated Trend Micro DPI Rules.

対応方法

Trend Micro Deep Security DPI Rule Number: 1000679

Trend Micro Deep Security DPI Rule Name: 1000679 - MoBB #18: WebViewFolderIcon setSlice

影響を受けるソフトウェア

Microsoft Internet Explorer 6.0
Microsoft Internet Explorer 6.0 SP1