CVE-2006-4066

Name of the Vulnerable Software and Affected Versions Microsoft Windows XP SP2

Description The issue allows context-dependent attackers to cause a denial of service, resulting in an application crash, via certain images that trigger a divide-by-zero error. This can be demonstrated using specific file types, such as .ico, .png, and .jpg files, which can cause applications like MSN Messenger and Internet Explorer to crash.

Recommendations For Microsoft Windows XP SP2, consider avoiding the use of potentially problematic image files until a resolution is provided. As a temporary workaround, restrict the handling of .ico, .png, and .jpg files in sensitive applications to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.