FolderTreeView ActiveX Control Remote Denial of Service Vulnerability
BID:22092
Info
FolderTreeView ActiveX Control Remote Denial of Service Vulnerability
| Bugtraq ID: | 22092 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 17 2007 12:00AM |
| Updated: | Jan 18 2007 12:02AM |
| Credit: | shinnai <[email protected]> discovered this vulnerability. |
| Vulnerable: |
Common Controls Replacement Project FolderTreeview Control 1.0 |
| Not Vulnerable: | |
Discussion
FolderTreeView ActiveX Control Remote Denial of Service Vulnerability
FolderTreeview is prone to a denial-of-service vulnerability.
An attacker can exploit this issue to trigger denial-of-service conditions in Internet Explorer or other applications that use the vulnerable ActiveX control.
FolderTreeview is prone to a denial-of-service vulnerability.
An attacker can exploit this issue to trigger denial-of-service conditions in Internet Explorer or other applications that use the vulnerable ActiveX control.
Exploit / POC
FolderTreeView ActiveX Control Remote Denial of Service Vulnerability
An example exploit has been provided:
An example exploit has been provided:
Solution / Fix
FolderTreeView ActiveX Control Remote Denial of Service Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected]:[email protected].
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected]:[email protected].
References
FolderTreeView ActiveX Control Remote Denial of Service Vulnerability
References:
References:
- FolderTreeview Control Product Page (Common Controls Replacement Project)
- Microsoft Knowledge Base Article 240797 (Microsoft)