CVE-2006-3873

Name of the Vulnerable Software and Affected Versions Microsoft Internet Explorer 6 SP1 versions prior to MS06-042 patch 20060912

Description A remote code execution issue exists in the way Internet Explorer handles long URLs in websites using HTTP 1.1 protocol and compression. This could allow an attacker to cause a denial of service or execute arbitrary code via a specially crafted Web page, potentially giving the attacker complete control of an affected system.

Recommendations For Microsoft Internet Explorer 6 SP1 versions prior to MS06-042 patch 20060912, apply the MS06-042 patch released after 20060912 to resolve the issue. As a temporary workaround, consider avoiding the use of long URLs in GZIP-encoded websites to minimize the risk of exploitation.