CVE-2006-1189

Name of the Vulnerable Software and Affected Versions Microsoft Internet Explorer versions 5.01 through 6

Description A remote code execution issue exists due to the way Internet Explorer handles double-byte characters in specially crafted URLs. This could allow an attacker to execute arbitrary code via a crafted URL with an International Domain Name (IDN) using double-byte character sets (DBCS). An attacker could exploit this by constructing a malicious Web page, potentially allowing remote code execution if a user visits the site. A successful exploitation could give the attacker complete control of the affected system.

Recommendations For Microsoft Internet Explorer versions 5.01 through 6, consider avoiding the use of double-byte characters in URLs until a patch is available. As a temporary workaround, restrict access to potentially malicious websites to minimize the risk of exploitation.