Intrusion Prevention

MS.IE.CCRP.BrowseDialog.Server.DoS

Description

It indicates a possible exploit of a DoS vulnerability in a certain ActiveX control in the Common Controls Replacement Project(CCRP) BrowseDialog Server (ccrpbds6.dll), that may allow remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long CCRP_BDc.SelectedFolder property value.

Affected Products

Brad Martinez BrowseDialog ActiveX control 0

Impact

Internet Explorer 7 crash.

Recommended Actions

Currently we are not aware of any vendor-supplied patches for this issue.

CVE References

CVE-2007-0371