MitreCVELIST:CVE-2006-3357CVE-2006-3357
Heap-based buffer overflow in HTML Help ActiveX control (hhctrl.ocx) in Microsoft Internet Explorer 6.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code by repeatedly setting the Image field of an Internet.HHCtrl.1 object to certain values, possibly related to improper escaping and long strings.
References
browserfun.blogspot.com/2006/07/mobb-2-internethhctrl-image-property.html
secunia.com/advisories/20906
securitytracker.com/id?1016434
www.kb.cert.org/vuls/id/159220
www.osvdb.org/26835
www.securityfocus.com/archive/1/442733/100/0/threaded
www.securityfocus.com/bid/18769
www.tippingpoint.com/security/advisories/TSRT-06-08.html
www.us-cert.gov/cas/techalerts/TA06-220A.html
www.vupen.com/english/advisories/2006/2634
www.vupen.com/english/advisories/2006/2635
docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-046
exchange.xforce.ibmcloud.com/vulnerabilities/27573
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13
Related
