CVE-2006-2382

Name of the Vulnerable Software and Affected Versions Microsoft Internet Explorer versions 5.01 SP4 and 6 SP1 and earlier

Description A remote code execution issue exists due to the way Internet Explorer decodes specially crafted UTF-8 encoded HTML, potentially allowing an attacker to execute arbitrary code via a crafted Web page. If successfully exploited, an attacker could take complete control of an affected system.

Recommendations For Microsoft Internet Explorer versions 5.01 SP4 and 6 SP1 and earlier, consider disabling the rendering of UTF-8 encoded HTML as a temporary workaround until a patch is available. Restrict access to specially crafted Web pages to minimize the risk of exploitation.