Back to search
CVE-2006-3730
Published: Jul 19, 2006
Modified: Feb 25, 2026
PUBLISHED
Description
Integer overflow in Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a 0x7fffffff argument to the setSlice method on a WebViewFolderIcon ActiveX object, which leads to an invalid memory copy.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
1016941
vdb-entry
x_refsource_SECTRACK
TA06-283A
third-party-advisory
x_refsource_CERT
TA06-270A
third-party-advisory
x_refsource_CERT
MS06-057
vendor-advisory
x_refsource_MS
SSRT061264
vendor-advisory
x_refsource_HP
VU#753044
third-party-advisory
x_refsource_CERT-VN
20060927 Exploit module available for WebViewFolderIcon setSlice 0-day
mailing-list
x_refsource_BUGTRAQ
oval:org.mitre.oval:def:339
vdb-entry
signature
x_refsource_OVAL
http://isc.sans.org/diary.php?storyid=1742
x_refsource_MISC
ie-webviewfoldericon-dos(27804)
vdb-entry
x_refsource_XF
20060929 Determina zero-day fix for CVE-2006-3730 (WebViewFolderIcon setSlice Integer Overflow)
mailing-list
x_refsource_BUGTRAQ
20060930 setSlice exploited in the wild - massively
mailing-list
x_refsource_BUGTRAQ
http://riosec.com/msie-setslice-vuln
x_refsource_MISC
HPSBST02161
vendor-advisory
x_refsource_HP
27110
vdb-entry
x_refsource_OSVDB
19030
vdb-entry
x_refsource_BID
ADV-2006-2882
vdb-entry
x_refsource_VUPEN
2440
exploit
x_refsource_EXPLOIT-DB
20060930 ZERT patch for setSlice()
mailing-list
x_refsource_BUGTRAQ
22159
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now