Oval Definition:	oval:org.mitre.oval:def:1599
Revision Date: 2011-05-16 Version: 46 Title: IE6 Multiple Event Handler Memory Corruption (WinXP) Description: Buffer overflow in mshtml.dll in Microsoft Internet Explorer 6.0.2900.2180, and probably other versions, allows remote attackers to execute arbitrary code via an HTML tag with a large number of script action handlers such as onload and onmouseover, as demonstrated using onclick, aka the "Multiple Event Handler Memory Corruption Vulnerability." Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2006-1245 Platform(s): Microsoft Windows XP Product(s): Microsoft Internet Explorer Definition Synopsis Windows XP (64-bit,SP1 or 32-bit,SP2) is installed Windows XP 32 bit Service Pack 2 Win2K/XP/2003/Vista/2008 service pack 2 is installed AND Windows XP 32-bit edition is installed Windows XP is installed AND 32-Bit version of Windows is installed OR Windows XP 64-bit with Service Pack 1 Windows XP is installed AND a version of Windows for the ia64 architecture is installed AND Win2K/XP/2003/Vista service pack 1 is installed AND the version of mshtml.dll is less than 6.0.2900.2873
BACK