Internet Security Software - Computer Security Software - Security Software
Software Security Solutions background
 
 
LinkScanner
LinkScanner Resource Center
LinkScanner Support
LinkScanner White Papers
LinkScanner Press Releases
LinkScanner Manual
Free Trial
Empty Cart Cart

mountains

LinkScanner Knowledge Base


spacer

Exploit: IE script action overload (CVE-2006-1245)
Dated Posted:

04.10.2007
Posted By:

Roger Thompson - CTO
Category:

Research
 
 

This exploit uses a malicious web page to overload Microsoft Internet Explorer with a very large number of 'on' control handlers, such as "onclick", causing IE to write into memory outside its allocated range. This causes IE to crash, with the possibility that carefully designed malicious code will run.

A description of this bug was published in the BugTrag mailing list 16 March, 2006, along with a pointer to a Proof of Concept web page that crashes IE. Microsoft responded with a patch to correct this bug on 11 April, 2006 - (MSO6-013).

(CVE-2006-1245)
   

 

Return to Knowledge Base

Anti Virus Software | Eset NOD32 | Kaspersky | Eset Smart Security | Spyware Removal Software | Spysweeper
Remove Adware |LinkScanner | LinkScanner Online | Firewalls | Outpost | SonicWALL | Disaster Recovery
Spam Blocker | Security Tools | Computer Security Tips | Layered Security Model | Security Software Resources
Solution Certifications | Trusted Reviews | Security Goal | Security Links
Partners | Press Releases | White Papers | About Us Home


Contact Software Security Solutions at (303) 232-9070
Site Map | Privacy Policy | Legal Notice | Home

© 2008 Software Security Solutions. All rights reserved.