CVE-2006-1992

Name of the Vulnerable Software and Affected Versions Microsoft Internet Explorer version 6.00.2900.2873

Description The issue allows remote attackers to cause a denial of service (crash) via nested OBJECT tags, which trigger invalid pointer dereferences including NULL dereferences. It was initially thought that this issue might allow code execution, but Microsoft has stated that it is non-exploitable.

Recommendations For Microsoft Internet Explorer version 6.00.2900.2873, consider avoiding the use of nested OBJECT tags to prevent the denial of service. At the moment, there is no information about a newer version that contains a fix for this vulnerability.