Back to search
CVE-2004-2434
Published: Aug 18, 2005
Modified: Aug 8, 2024
PUBLISHED
Description
Microsoft Internet Explorer 6.0 SP1 allows remote attackers to cause a denial of service (browser crash) via a link with "::{" (colon colon left brace), which triggers a null dereference when the user attempts to save the link using "Save As" and Internet Explorer prepares an error message with an attacker-controlled format string.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
8335
vdb-entry
x_refsource_OSVDB
1010491
vdb-entry
x_refsource_SECTRACK
20040615 RE: Internet Explorer Remote Null Pointer Crash(mshtml.dll)
mailing-list
x_refsource_FULLDISC
20040728 Re: Internet Explorer Remote Null Pointer Crash(mshtml.dll)
mailing-list
x_refsource_FULLDISC
20040614 Internet Explorer Remote Null Pointer Crash(mshtml.dll)
mailing-list
x_refsource_FULLDISC
ie-null-pointer-dos(16420)
vdb-entry
x_refsource_XF
http://www.securiteam.com/windowsntfocus/5IP020KDPU.html
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now