Intrusion PreventionMS.IE.OVCtl.NewDefaultItem.DoS
Description
Microsoft Internet Explorer contains a vulnerability which could be exploited by attackers to cause a denial of service. This flaw is due to a NULL pointer dereference error in the Outlook View Control "Outlctl.dll" when processing a "NewDefaultItem()". This bug can be exploited by attackers to crash a vulnerable browser by tricking a user into visiting a malicious web page.
Affected Products
Microsoft Internet Explorer 6.0 SP1 with Microsoft Outlook
Microsoft Internet Explorer 6.0 with Microsoft Outlook
Impact
Denial of Service
Recommended Actions
Currently we are not aware of any vendor supplied patches for this issue.
Users should never visit sites of questionable integrity or follow links provided by unfamiliar or untrusted sources.
Disable the execution of script code or active content in your web browser.
Disabling scripting and active content in the Internet Zone may limit exposure to this and other vulnerabilities.
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2020-12-11 | 16.978 |
| ID | 12085 |
| Created | Jul 24, 2006 |
| Updated | Nov 15, 2021 |
| Risk |
|
| CVE ID | CVE-2006-3910 |
| Exploit Prediction Score | 83.96% |
| Default Action | pass |
| Active | |
| Affected OS | Windows |
| Affected App | IE |