New Search

ActiveX Control Memory Corruption Vulnerability (2K/XP)

oval:org.mitre.oval:def:1944

Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allows remote attackers to execute arbitrary code via "unexpected data" related to "parameter validation" in the DXImageTransform.Microsoft.Light ActiveX control which causes Internet Explorer to crash in a way that enables the code execution.

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows 2000
  • Microsoft Windows XP
Class:
vulnerability
Reference(s):
  • CVE-2006-2383
Product(s):
  • Microsoft Internet Explorer