CVE-2006-1245 Information

Description

Buffer overflow in mshtml.dll in Microsoft Internet Explorer 6.0.2900.2180 and probably other versions allows remote attackers to execute arbitrary code via an HTML tag with a large number of script action handlers such as onload and onmouseover as demonstrated using onclick aka the \Multiple Event Handler Memory Corruption Vulnerability.\

Reference

http://archives.neohapsis.com/archives/bugtraq/2006-02/0855.html http://secunia.com/advisories/18957 http://secunia.com/advisories/19269 http://securitytracker.com/id?1015794 http://www.kb.cert.org/vuls/id/984473 http://www.osvdb.org/23964 http://www.securityfocus.com/archive/1/428810/100/0/threaded http://www.securityfocus.com/archive/1/453436/100/0/threaded http://www.securityfocus.com/archive/1/453554/100/0/threaded http://www.securityfocus.com/bid/17131 http://www.us-cert.gov/cas/techalerts/TA06-101A.html http://www.vupen.com/english/advisories/2006/1318 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-013 https://exchange.xforce.ibmcloud.com/vulnerabilities/25292 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A1451 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A1569 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A1599 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A1632 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A1766