Intrusion Prevention

MS.IE.OVCtl.NewDefaultItem.DoS

Description

Microsoft Internet Explorer contains a vulnerability which could be exploited by attackers to cause a denial of service. This flaw is due to a NULL pointer dereference error in the Outlook View Control "Outlctl.dll" when processing a "NewDefaultItem()". This bug can be exploited by attackers to crash a vulnerable browser by tricking a user into visiting a malicious web page.

Affected Products

Microsoft Internet Explorer 6.0 SP1 with Microsoft Outlook
Microsoft Internet Explorer 6.0 with Microsoft Outlook

Impact

Denial of Service

Recommended Actions

Currently we are not aware of any vendor supplied patches for this issue.
Users should never visit sites of questionable integrity or follow links provided by unfamiliar or untrusted sources.
Disable the execution of script code or active content in your web browser.
Disabling scripting and active content in the Internet Zone may limit exposure to this and other vulnerabilities.

CVE References

CVE-2006-3910