Heap-based buffer overflow in URLMON.DLL in Microsoft Internet Explorer 6 SP1 on Windows 2000 and XP SP1, with versions the MS06-042 patch before 20060912, allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long URL in a GZIP-encoded website that was the target of an HTTP redirect, due to an incomplete fix for CVE-2006-3869.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
14 Feb 2024, 01:17
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) http://weblog.infoworld.com/techwatch/archives/007870.html - Patch, URL Repurposed |
Information
Published : 2006-09-12 23:07
Updated : 2024-02-28 10:42
NVD link : CVE-2006-3873
Mitre link : CVE-2006-3873
CVE.ORG link : CVE-2006-3873
JSON object : View
Products Affected
microsoft
- windows_2003_server
- windows_xp
- windows_2000
- ie
CWE