Intrusion Prevention



This indicates an attack attempt against a denial of service vulnerability in Microsoft Internet Explorer.
The vulnerability is due to MSIE failing to handle large values in the "StartColorStr" and "EndColorStr" properties of the ActiveX object, resulting in a stack overflow. It allows remote attackers to cause a denial of service by sending a crafted html page.

Affected Products

Microsoft Internet Explorer 6.0 SP2


Denial of Service: Remote attackers can crash vulnerable systems.

Recommended Actions

Upgrade to the latest version, available from the website.

CVE References