CNET también está disponible en español.

Ir a español

Don't show this again


Buffer overflow in Internet Explorer urlmon.dll

Causes a denial-of-service (crash) and can allow remote access.

A heap-based buffer overflow vulnerability is still exploitable, even if you applied Microsoft Security Bulletin patch MS2006-042 on or before September 12, 2006. Despite the Microsoft patch, malicious users were still able to cause denial-of-service attacks or execute arbitrary code via a long URL. This is a result of an incomplete fix for CVE-2006-3869. Applying the reissued patch after September 12, 2006 should resolve the problem.

Additional resources: