Description
danim.dll in Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (application crash) by accessing the Data property of a DirectAnimation DAUserData object before it is initialized, which triggers a NULL pointer dereference.
Exploits (1)
References (5)
Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/27622
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2006/2719
Exploit x_refsource_misc
http://browserfun.blogspot.com/2006/07/mobb-9-directanimationdauserdata-data.html
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/18902
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/27013
Scores
EPSS
0.3473
EPSS Percentile
97.0%
Details
Status
published
Products (6)
microsoft/ie
6.0 (4 CPE variants)
microsoft/internet_explorer
6.0
microsoft/internet_explorer
6.0.2600
microsoft/internet_explorer
6.0.2800
microsoft/internet_explorer
6.0.2800.1106
microsoft/internet_explorer
6.0.2900.2180
Published
Jul 11, 2006
Tracked Since
Feb 18, 2026