Internet Explorer DirectX Image Transform Object Denial of Service Vulnerability

Flaw triggers a denial of service (crash) within Internet Explorer on specially crafted Web pages

Robert Vamosi Former Editor

As CNET's former resident security expert, Robert Vamosi has been interviewed on the BBC, CNN, MSNBC, and other outlets to share his knowledge about the latest online threats and to offer advice on personal and corporate security.

See full bio

Robert Vamosi

Jan. 23, 2007 1:01 p.m. PT

This vulnerability creates a denial of service (crash) within Microsoft Internet Explorer 6 after a victim has been tricked into visiting a malicious Web page. Using the DXImageTransform.Microsoft.Gradient ActiveX object with a long (1) StartColorStr or (2) EndColorStr property, an error is generated.

Additional Resources:

French Security Incident Response Team: ADV-2006-2832
BrowserFun: #17
National Institute of Standards and Technology: CVE-2006-3657

Mobile Guides

Phones

Foldable Phones

Headphones

Mobile Accessories

Smartwatches

Wireless Plans

Mobile coupons