Microsoft Internet Explorer 6.0 on Windows XP SP2 allows remote attackers to cause a denial of service (application crash) by calling the stringToBinary function of the CEnroll.CEnroll.2 ActiveX object with a long second argument, which triggers an invalid memory access inside the SysAllocStringLen function.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Internet_explorer | Microsoft | 6.0 | 6.0 |
Internet_explorer | Microsoft | 6.0 | 6.0 |
Internet_explorer | Microsoft | 6.0 | 6.0 |