The Remote Data Service Object (RDS.DataControl) in Microsoft Internet Explorer 6 on Windows 2000 allows remote malicious users to cause a denial of service (crash) via a series of operations that result in an invalid length calculation when using SysAllocStringLen, then triggers a buffer over-read.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft ie 6.0 |