Signature Detail

HTTP: Multiple MSHTML Action Handlers

This signature detects HTTP traffic containing multiple Action Handlers inside an HTML tag. Malicious Web sites can utilize this vulnerability to crash client browsers. Internet Explorer 6 is vulnerable.

Extended Description

Microsoft Internet Explorer is susceptible to a remote buffer-overflow vulnerability in 'MSHTML.DLL'. The application fails to properly bounds-check user-supplied input data before copying it into an insufficiently sized memory buffer. Remote attackers may exploit this issue to crash affected web browsers. Remote code execution may also be possible, but this has not been confirmed. Internet Explorer 6 is vulnerable to this issue; other versions may also be affected.

Affected Products

• Microsoft Internet Explorer 5.0.1
• Microsoft Internet Explorer 5.0.1 For Windows 2000
• Microsoft Internet Explorer 5.0.1 For Windows 95
• Microsoft Internet Explorer 5.0.1 For Windows 98
• Microsoft Internet Explorer 5.0.1 For Windows NT 4.0
• Microsoft Internet Explorer 5.0.1 SP1
• Microsoft Internet Explorer 5.0.1 SP2
• Microsoft Internet Explorer 5.0.1 SP3
• Microsoft Internet Explorer 5.0.1 SP4
• Microsoft Internet Explorer 6.0
• Microsoft Internet Explorer 6.0 SP1
• Microsoft Internet Explorer 7.0 Beta1
• Microsoft Internet Explorer 7.0 Beta2

References

• BugTraq: 17131
• CVE: CVE-2006-1245