CVE-2006-4219

Name of the Vulnerable Software and Affected Versions Microsoft Windows 2003 EE SP1 CN Internet Explorer 6.0 SP1

Description The issue allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by instantiating the Terminal Services COM object (tsuserex.dll) as an ActiveX object in Internet Explorer.

Recommendations For Microsoft Windows 2003 EE SP1 CN, update the system to prevent exploitation. For Internet Explorer 6.0 SP1, avoid instantiating the Terminal Services COM object (tsuserex.dll) as an ActiveX object until a patch is available.