CVE-2006-3450

Name of the Vulnerable Software and Affected Versions Microsoft Internet Explorer version 6

Description A remote code execution issue exists due to the way Internet Explorer interprets HTML with certain layout positioning combinations. An attacker could exploit this by constructing a specially crafted Web page, potentially allowing remote code execution if a user views the page. Successful exploitation could give an attacker complete control of the affected system. The issue involves the use of the document.getElementByID Javascript function to access crafted Cascading Style Sheet (CSS) elements.

Recommendations For Microsoft Internet Explorer version 6, consider avoiding the use of the document.getElementByID Javascript function to access crafted CSS elements until a fix is available. Restrict access to specially crafted Web pages to minimize the risk of exploitation.