**WebViewFolderIcon** ActiveX control provides support for icons in the Windows Explorer Web view.
An integer overflow vulnerability in the
**setSlice** method in the
**WebViewFolderIcon** ActiveX control allows remote command execution by a specially crafted web page.
See Microsoft Security Advisory 926043 for fix information.
Exploit works on Internet Explorer 6.0. Exploit requires a user to load the exploit page into the vulnerable browser.
Due to the nature of the vulnerability, the success of the exploit may depend upon the system state. There may be a delay before the exploit succeeds due to the large amount of memory required on the target.