CVE-2006-3898

Name of the Vulnerable Software and Affected Versions Microsoft Internet Explorer version 6.0 on Windows XP SP2

Description The issue allows remote attackers to cause a denial of service, resulting in an application crash. This occurs when the Click method of the Internet.HHCtrl.1 ActiveX object is called before initializing the URL, triggering a null dereference.

Recommendations For Microsoft Internet Explorer version 6.0 on Windows XP SP2, avoid calling the Click method of the Internet.HHCtrl.1 ActiveX object before initializing the URL as a temporary workaround to minimize the risk of exploitation.