PT-2007-1482 · Microsoft · Internet Explorer

Published

2007-06-22

Updated

2021-07-23

CVE-2006-7206

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) by creating a ADODB.Recordset object and making a series of calls to the NextRecordset method with a long string argument, which causes an "invalid memory access" in the SysFreeString function, a different issue than CVE-2006-3510 and CVE-2006-3899.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-7206

Affected Products

Internet Explorer

PT-2007-1482 · Microsoft · Internet Explorer

CVE-2006-7206

Related Identifiers

Affected Products

References · 6