Microsoft Windows CE Internet Explorer Content-Type Denial of Service Vulnerability
BID:24393
Info
Microsoft Windows CE Internet Explorer Content-Type Denial of Service Vulnerability
| Bugtraq ID: | 24393 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Jun 08 2007 12:00AM |
| Updated: | Jun 08 2007 12:00AM |
| Credit: | The vendor reported this issue. |
| Vulnerable: |
Microsoft Windows CE 6.0 |
| Not Vulnerable: | |
Discussion
Microsoft Windows CE Internet Explorer Content-Type Denial of Service Vulnerability
Microsoft Internet Explorer for Windows CE is prone to a denial-of-service vulnerability because the software fails to handle exceptional conditions.
This issue is triggered when an attacker entices a victim user to visit a malicious website.
Remote attackers may exploit this issue to crash Internet Explorer, effectively denying service to legitimate users. Given the nature of this vulnerability, a possible cause for the problem may be a buffer overflow, but this has not been confirmed.
This issue affects Internet Explorer for Windows CE 6.
Microsoft Internet Explorer for Windows CE is prone to a denial-of-service vulnerability because the software fails to handle exceptional conditions.
This issue is triggered when an attacker entices a victim user to visit a malicious website.
Remote attackers may exploit this issue to crash Internet Explorer, effectively denying service to legitimate users. Given the nature of this vulnerability, a possible cause for the problem may be a buffer overflow, but this has not been confirmed.
This issue affects Internet Explorer for Windows CE 6.
Exploit / POC
Microsoft Windows CE Internet Explorer Content-Type Denial of Service Vulnerability
An attacker may exploit this issue by enticing victims into viewing malicious HTML content.
An attacker may exploit this issue by enticing victims into viewing malicious HTML content.
Solution / Fix
Microsoft Windows CE Internet Explorer Content-Type Denial of Service Vulnerability
Solution:
Microsoft released an advisory and fixes to address this issue. Please see the references for more information.
Solution:
Microsoft released an advisory and fixes to address this issue. Please see the references for more information.
References
Microsoft Windows CE Internet Explorer Content-Type Denial of Service Vulnerability
References:
References: