virus logo Intrusion Prevention

MS.IE.Mshtml.DLL.Script.Action.Handler.Buffer.Overflow

description-logoDescription

This indicates an attack attempt against a buffer overflow vulnerability in Microsoft Internet Explorer.
The vulnerability is caused by an error when mshtml.dll is handling a malicious HTML including a large number of script action handlers. It allows a remote attacker to execute arbitrary code via sending a crafted web page.

affected-products-logoAffected Products

Microsoft Internet Explorer 5.0.1 SP4
Microsoft Internet Explorer 5.0.1 SP3
Microsoft Internet Explorer 5.0.1 SP2
Microsoft Internet Explorer 5.0.1 SP1
Microsoft Internet Explorer 5.0.1 for Windows NT 4.0
Microsoft Internet Explorer 5.0.1 for Windows 98
Microsoft Internet Explorer 5.0.1 for Windows 95
Microsoft Internet Explorer 5.0.1 for Windows 2000
Microsoft Internet Explorer 5.0.1
Microsoft Internet Explorer 7.0 beta2
Microsoft Internet Explorer 7.0 beta1
Microsoft Internet Explorer 6.0 SP2 - do not use
Microsoft Internet Explorer 6.0 SP1
Microsoft Internet Explorer 6.0

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Refer to the vendor's web site for suggested workaround.
http://www.microsoft.com/technet/security/Bulletin/MS06-013.mspx

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)
ID 18237
Created Mar 11, 2010
Updated Jan 13, 2022
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
CVE ID CVE-2006-1245
Exploit Prediction Score 96.71%
Default Action drop
Active
Affected OS Windows
Affected App IE