CVE-2006-3944

Name of the Vulnerable Software and Affected Versions Microsoft Internet Explorer version 6 on Windows XP SP2

Description The issue allows remote attackers to cause a denial of service, resulting in a crash. This can be achieved by creating a Forms.ListBox.1 or Forms.ListBox.1 object and setting the ListWidth property to specific values, such as 0x7fffffff, which triggers an integer overflow exception, or 0x7ffffffe, which triggers a null dereference.

Recommendations For Microsoft Internet Explorer version 6 on Windows XP SP2, consider avoiding the use of the ListWidth property with the specified values until a fix is available. As a temporary workaround, restrict the creation of Forms.ListBox.1 objects to minimize the risk of exploitation.