Info

Disclosure

Jul 07, 2006

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

A local overflow exists in Internet Explorer 6. The browser fails to control length boundaries of the 'URL' attribute of the 'RDS.DataControl' object resulting in a page violation/heap overflow. This may allow an attacker to crash the browser or execute arbitrary code.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Availability
Exploit: Exploit Rumored
Disclosure: OSVDB Verified

Solution

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Products

Microsoft Corporation

Internet Explorer

6.0 SP4

References

Bugtraq ID: 18900
CVE ID: 2006-3510 (see also: NVD)
Metasploit ID: 26955
ISS X-Force ID: 27621
VUPEN Advisory: ADV-2006-2718
Other Advisory URL: http://browserfun.blogspot.com/2006/07/mobb-8-rdsdatacontrol-url.html
Generic Exploit URL: http://metasploit.com/users/hdm/tools/browserfun/mobb_008.html
http://www.securityfocus.com/data/vulnerabilities/exploits/msie-rds.datacontrol-dos.txt

Credit

H D Moore - hdmmetasploit.com - DigitalOffense

Direct URL: http://osvdb.org/26955