vendor:
Internet Explorer
by:
shinnai
N/A
CVSS
N/A
Denial of Service
CWE
Product Name: Internet Explorer
Affected Version From:
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Platforms Tested: Windows XP Professional SP2
2007
BrowseDialog Class (ccrpbds6.dll) Internet Explorer Denial of Service
The exploit uses a malicious object to trigger a Denial of Service (DoS) in Internet Explorer. It sends a large string as an argument to the SelectedFolder property of the BrowseDialog class, causing the browser to crash or become unresponsive. This vulnerability was tested on Windows XP Professional SP2 with Internet Explorer 7.
Mitigation:
Unknown