Описание
DataSourceControl in Internet Explorer 6 on Windows XP SP2 with Office installed allows remote attackers to cause a denial of service (crash) via a large negative integer argument to the getDataMemberName method of a OWC11.DataSourceControl.11 object, which leads to an integer overflow and a null dereference.
Ссылки
- ExploitThird Party Advisory
- Broken Link
- ExploitThird Party AdvisoryVDB Entry
- Not Applicable
- Third Party AdvisoryVDB Entry
- ExploitThird Party Advisory
- Broken Link
- ExploitThird Party AdvisoryVDB Entry
- Not Applicable
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
Одновременно
Одно из
cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.0:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.0:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:*:*
EPSS
Процентиль: 95%
0.18898
Средний
2.6 Low
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
DataSourceControl in Internet Explorer 6 on Windows XP SP2 with Office installed allows remote attackers to cause a denial of service (crash) via a large negative integer argument to the getDataMemberName method of a OWC11.DataSourceControl.11 object, which leads to an integer overflow and a null dereference.
EPSS
Процентиль: 95%
0.18898
Средний
2.6 Low
CVSS2
Дефекты
NVD-CWE-Other