New Search

IE6 Multiple Event Handler Memory Corruption (WinXP)

oval:org.mitre.oval:def:1599

Buffer overflow in mshtml.dll in Microsoft Internet Explorer 6.0.2900.2180 and probably other versions allows remote attackers to execute arbitrary code via an HTML tag with a large number of script action handlers such as onload and onmouseover as demonstrated using onclick aka the "Multiple Event Handler Memory Corruption Vulnerability."

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows XP
Class:
vulnerability
Reference(s):
  • CVE-2006-1245
Product(s):
  • Microsoft Internet Explorer