CVE-2006-3729

2006-07-1923:00:00

mitre

www.cve.org

6.8 Medium

AI Score

Confidence

High

0.047 Low

EPSS

Percentile

92.7%

JSON

DataSourceControl in Internet Explorer 6 on Windows XP SP2 with Office installed allows remote attackers to cause a denial of service (crash) via a large negative integer argument to the getDataMemberName method of a OWC11.DataSourceControl.11 object, which leads to an integer overflow and a null dereference.

References

browserfun.blogspot.com/2006/07/mobb-19-datasourcecontrol.html

www.osvdb.org/27111

www.securityfocus.com/bid/19069

www.vupen.com/english/advisories/2006/2883

exchange.xforce.ibmcloud.com/vulnerabilities/27803