Vulnerabilities > CVE-2006-7206 - Unspecified vulnerability in Microsoft Internet Explorer 6
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
COMPLETE Summary
Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) by creating a ADODB.Recordset object and making a series of calls to the NextRecordset method with a long string argument, which causes an "invalid memory access" in the SysFreeString function, a different issue than CVE-2006-3510 and CVE-2006-3899.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 1 | |
Application | 1 |
Exploit-Db
description | MS Internet Explorer Recordset Double Free Memory Exploit (MS07-009). CVE-2006-7206. Remote exploit for windows platform |
id | EDB-ID:3577 |
last seen | 2016-01-31 |
modified | 2007-03-26 |
published | 2007-03-26 |
reporter | N/A |
source | https://www.exploit-db.com/download/3577/ |
title | Microsoft Internet Explorer - Recordset Double Free Memory Exploit MS07-009 |