First published: Fri Feb 23 2007(Updated: )
Microsoft Internet Explorer 6.0.2900 SP2 and earlier allows remote attackers to cause a denial of service (crash) via a table element with a CSS attribute that sets the position, which triggers an "unhandled exception" in mshtml.dll.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
All of | ||
Any of | ||
Microsoft Windows 2000 | ||
Microsoft Windows Server 2003 | ||
Microsoft Windows Server 2003 | =gold | |
Microsoft Windows Server 2003 | =r2 | |
Microsoft Windows Server 2003 | =sp2 | |
Microsoft Windows 9x | ||
Microsoft Windows 9x | =gold | |
Microsoft Windows Embedded | ||
Microsoft Windows | ||
Microsoft Windows NT | ||
Microsoft Windows Vista | ||
Microsoft Windows XP | =gold | |
Internet Explorer | <=6.0.2900 | |
Microsoft Windows 2000 | ||
Microsoft Windows Server 2003 | ||
Microsoft Windows Server 2003 | =gold | |
Microsoft Windows Server 2003 | =r2 | |
Microsoft Windows Server 2003 | =sp2 | |
Microsoft Windows 9x | ||
Microsoft Windows 9x | =gold | |
Microsoft Windows CE | ||
Microsoft Windows | ||
Microsoft Windows NT | ||
Microsoft Windows Vista | ||
Microsoft Windows XP | =gold | |
Internet Explorer | <=6.0.2900 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2006-7031 has a denial of service severity rating as it causes Internet Explorer to crash.
To fix CVE-2006-7031, it is recommended to update Internet Explorer to a version later than 6.0.2900.
CVE-2006-7031 affects Microsoft Internet Explorer versions up to 6.0.2900 on various Windows operating systems.
The vulnerability in CVE-2006-7031 is caused by a CSS attribute in a table element that triggers an unhandled exception in mshtml.dll.
CVE-2006-7031 is less of a threat today due to outdated software, but users of legacy systems should still be cautious.