Skip to main content

CVE-2006-3873

Severity High
Score 7.5/10

Summary

Heap-based buffer overflow in URLMON.DLL in Microsoft Internet Explorer 6 SP1 on Windows 2000 and XP SP1, with versions the MS06-042 patch before 20060912, allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long URL in a GZIP-encoded website that was the target of an HTTP redirect, due to an incomplete fix for CVE-2006-3869.

  • LOW
  • NETWORK
  • NONE
  • PARTIAL
  • PARTIAL
  • PARTIAL

References

Advisory Timeline

  • Published