Intrusion Prevention



Microsoft Internet Explorer is vulnerable to a denial of service attack. This flaw exists due to a NULL pointer dereference error when appending a frameset element to a table object via the appendChild() method. Any attacker can crash a vulnerable browser by tricking a user into visiting a malicious web page.

Affected Products

Microsoft Internet Explorer 6 SP1
Microsoft Internet Explorer 6


Denial of service

Recommended Actions

As of July 21 2006, Fortinet is unaware of any security updates released by Microsoft that fixes this vulnerability for Internet Explorer. If you have more recent information please contact Fortinet at vulnwatch AT
If possible, use a web browser not vulnerable to this attack br>
Users should never visit sites of questionable integrity or follow links provided by unfamiliar or untrusted sources. br>
Disable the execution of script code or active content in your web browser. br>
Do not accept, view or execute files from untrusted or unknown sources.

CVE References