Oval Definition:	oval:org.mitre.oval:def:1924
Revision Date: 2014-02-24 Version: 48 Title: ActiveX Control Memory Corruption Vulnerability (Win2K) Description: Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allows remote attackers to execute arbitrary code via "unexpected data" related to "parameter validation" in the DXImageTransform.Microsoft.Light ActiveX control, which causes Internet Explorer to crash in a way that enables the code execution. Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2006-2383 Platform(s): Microsoft Windows 2000 Product(s): Microsoft Internet Explorer Definition Synopsis Windows 2000 Service Pack 4 (or later) is installed Windows 2000 is installed AND Win2K/XP/2003 service pack 4 (or later) is installed AND Internet Explorer 5.01 Service Pack 4 is installed AND the version of mshtml.dll is less than 5.0.3841.1900
BACK