World Backup Day Deals Best Cloud Storage Options Apple AR/VR Headset Uncertainty Samsung Galaxy A54 Preorders iOS 16.4: What's New 10 Best Foods for PCOS 25 Easter Basket Ideas COVID Reinfection: What to Know
Want CNET to notify you of price drops and the latest stories?
No, thank you

Buffer overflow in Internet Explorer urlmon.dll

Causes a denial-of-service (crash) and can allow remote access.

A heap-based buffer overflow vulnerability is still exploitable, even if you applied Microsoft Security Bulletin patch MS2006-042 on or before September 12, 2006. Despite the Microsoft patch, malicious users were still able to cause denial-of-service attacks or execute arbitrary code via a long URL. This is a result of an incomplete fix for CVE-2006-3869. Applying the reissued patch after September 12, 2006 should resolve the problem.

Additional resources: