First published: Tue Jul 11 2006(Updated: )
danim.dll in Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (application crash) by accessing the Data property of a DirectAnimation DAUserData object before it is initialized, which triggers a NULL pointer dereference.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft Internet Explorer | =6.0 | |
Microsoft Internet Explorer | =6.0-sp1 | |
Microsoft Internet Explorer | =6.0-sp2 | |
Microsoft Internet Explorer | =6.0-windows_xp_sp2 | |
Internet Explorer | =6.0 | |
Internet Explorer | =6.0.2600 | |
Internet Explorer | =6.0.2800 | |
Internet Explorer | =6.0.2800.1106 | |
Internet Explorer | =6.0.2900.2180 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2006-3513 has a severity rating that indicates it allows remote attackers to cause a denial of service through application crash.
To mitigate CVE-2006-3513, you should upgrade to a version of Internet Explorer that does not have this vulnerability.
CVE-2006-3513 affects Microsoft Internet Explorer 6.0 and its service packs.
CVE-2006-3513 is a denial of service vulnerability caused by a NULL pointer dereference.
Attackers can use CVE-2006-3513 to crash the Internet Explorer application, leading to denial of service.