CVE-2006-0544

Microsoft IE - Denial of Service

Title source: rule

Description

urlmon.dll in Microsoft Internet Explorer 7.0 beta 2 (aka 7.0.5296.0) allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a BGSOUND element with its SRC attribute set to "file://" followed by a large number of "-" (dash of hyphen) characters.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Tom Ferris · htmldoswindows

https://www.exploit-db.com/exploits/1475

View Code ZIP pw:eip

References (2)

[Vendor Advisory] http://www.security-protocols.com/advisory/sp-x23-advisory.txt

[Exploit] http://www.securityfocus.com/bid/16463

Scores

EPSS 0.2646

EPSS Percentile 96.3%

Details

Status published

Products (1)

microsoft/ie 7.0 beta_2

Published Feb 04, 2006

Tracked Since Feb 18, 2026