IE6 Multiple Event Handler Memory Corruption (Win2K/XPSP1)
Buffer overflow in mshtml.dll in Microsoft Internet Explorer 6.0.2900.2180 and probably other versions allows remote attackers to execute arbitrary code via an HTML tag with a large number of script action handlers such as onload and onmouseover as demonstrated using onclick aka the "Multiple Event Handler Memory Corruption Vulnerability."
- Microsoft Windows 2000
- Microsoft Windows XP
- Microsoft Internet Explorer