CNET también está disponible en español.

Ir a español

Don't show this again


Internet Explorer "FolderItem" Object Access Remote Denial of Service Vulnerability

Flaw may crash Internet Explorer with specially crafted Web pages

This vulnerability may cause a denial of service (crash) within Microsoft Internet Explorer 6. By accessing the object references of a FolderItem ActiveX object--specifcally, by creating a NULL pointer dereference error when accessing a "FolderItem" object--attackers may crash the Microsoft browser. Successful execution, however, requires a victim to access a malicious Web page.

Additional Resources:

  • French Security Incident Response Team: ADV-2006-2814
  • BrowserFun: #15
  • National Institute of Standards and Technology: CVE-2006-3458