Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-3354

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2006-3354
Last Modified 05 Sep 2008 05:06:53
Published 05 Jul 2006 09:05:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-3354

Summary

Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (crash) by setting the Filter property of an ADODB.Recordset ActiveX object to certain values multiple times, which triggers a null dereference.

Vulnerable Systems

Application

  • Microsoft Ie 6

  • Microsoft Ie 6.0

  • Microsoft Ie 6.0.2600

  • Microsoft Ie 6.0.2800

  • Microsoft Ie 6.0.2800.1106

  • Microsoft Ie 6.0.2900.2180


References

XF - ie-adodb-recordset-dos(27596)

BID - 18773

OSVDB - 26834

MISC - http://browserfun.blogspot.com/2006/07/mobb-1-adodbrecordset-filter-property.html


Last Updated: 27 May 2016 10:42:58