Microsoft IE Frameset inside Table NULL Dereference

2006-07-06T00:00:00
ID OSVDB:26837
Type osvdb
Reporter Aviv Raff()
Modified 2006-07-06T00:00:00

Description

Vulnerability Description

Microsoft IE contains a flaw that may allow a local denial of service. The issue is triggered when a NULL pointer is referenced by a crafted 'Frameset' and 'Table' argument, and will result in loss of availability for the browser.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

Microsoft IE contains a flaw that may allow a local denial of service. The issue is triggered when a NULL pointer is referenced by a crafted 'Frameset' and 'Table' argument, and will result in loss of availability for the browser.

References:

Other Advisory URL: http://browserfun.blogspot.com/2006/07/mobb-7-tableframeset.html Generic Exploit URL: http://metasploit.com/users/hdm/tools/browserfun/mobb_007.html FrSIRT Advisory: ADV-2006-2701 CVE-2006-3471 Bugtraq ID: 18873