Описание
Microsoft Internet Explorer 6.0 on Windows XP SP2 allows remote attackers to cause a denial of service (application crash) by calling the stringToBinary function of the CEnroll.CEnroll.2 ActiveX object with a long second argument, which triggers an invalid memory access inside the SysAllocStringLen function.
Ссылки
- Broken Link
- Broken Link
- ExploitThird Party AdvisoryVDB Entry
- Not Applicable
- Third Party AdvisoryVDB Entry
- Broken Link
- Broken Link
- ExploitThird Party AdvisoryVDB Entry
- Not Applicable
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
Одновременно
Одно из
cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.0:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.0:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:*:*
EPSS
Процентиль: 95%
0.17424
Средний
5 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Microsoft Internet Explorer 6.0 on Windows XP SP2 allows remote attackers to cause a denial of service (application crash) by calling the stringToBinary function of the CEnroll.CEnroll.2 ActiveX object with a long second argument, which triggers an invalid memory access inside the SysAllocStringLen function.
EPSS
Процентиль: 95%
0.17424
Средний
5 Medium
CVSS2
Дефекты
NVD-CWE-Other