Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-3513

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2006-3513
Last Modified 07 Mar 2011 09:38:47
Published 11 Jul 2006 07:05:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-3513

Summary

danim.dll in Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (application crash) by accessing the Data property of a DirectAnimation DAUserData object before it is initialized, which triggers a NULL pointer dereference.

Vulnerable Systems

Application

  • Microsoft Ie 6.0

  • Microsoft Ie 6.0.2600

  • Microsoft Ie 6.0.2800

  • Microsoft Ie 6.0.2800.1106

  • Microsoft Ie 6.0.2900.2180


References

VUPEN - ADV-2006-2719

BID - 18902

MISC - http://browserfun.blogspot.com/2006/07/mobb-9-directanimationdauserdata-data.html

XF - ie-directanimation-dauserdata-dos(27622)

OSVDB - 27013


Last Updated: 27 May 2016 10:43:02