This vulnerability may cause a denial of service (crash) within Microsoft Internet Explorer 6. By accessing the object references of a FolderItem ActiveX object--specifcally, by creating a NULL pointer dereference error when accessing a "FolderItem" object--attackers may crash the Microsoft browser. Successful execution, however, requires a victim to access a malicious Web page.
Additional Resources:
- French Security Incident Response Team: ADV-2006-2814
- BrowserFun: #15
- National Institute of Standards and Technology: CVE-2006-3458