Intrusion Prevention

MS.IE.DXImageTransform.Properties.DoS

Description

This indicates an attack attempt against a denial of service vulnerability in Microsoft Internet Explorer.
The vulnerability is due to MSIE failing to handle large values in the "StartColorStr" and "EndColorStr" properties of the ActiveX object, resulting in a stack overflow. It allows remote attackers to cause a denial of service by sending a crafted html page.

Affected Products

Microsoft Internet Explorer 6.0 SP2

Impact

Denial of Service: Remote attackers can crash vulnerable systems.

Recommended Actions

Upgrade to the latest version, available from the website.
http://windows.microsoft.com/en-US/internet-explorer/downloads/ie

CVE References

CVE-2006-3657