COM object flaw in Internet Explorer 6

Three malformed dll files could trigger a denial of service attacks

A flaw in certain ActiveX controls in Microsoft Internet Explorer 6.0 and possibly other versions allows remote attackers to cause a denial of service and possibly execute arbitrary code. By instantiating certain COM objects, including (1) imskdic.dll (Microsoft IME), (2) chtskdic.dll (Microsoft IME), and (3) msoe.dll (Outlook), as ActiveX controls, a memory corruption occurs, crashing the Internet browser.

Additional Resources:

Featured Video