Intrusion Prevention

MS.IE.WebViewFolderIcon.Remote.DoS

Description

This indicates detection of an attempt to exploit a Denial of Service vulnerability in Microsoft Internet Explorer 6 on Windows XP SP2.
The vulnerability allows remote attackers to cause a Denial of Service, because the application fails to properly handle error conditions. The application crashes when passed a "0x7fffffff" argument to the "setSlice" method in a "WebViewFolderIcon" ActiveX object. This leads to an invalid memory copy and crashes the browser.

Affected Products

Microsoft Internet Explorer 6.0 SP1
Microsoft Internet Explorer 6.0

Impact

Denial of Service.

Recommended Actions

Currently Fortinet is not aware of any vendor supplied patches for this issue.

CVE References

CVE-2006-3730