Internet Explorer 6 on Windows XP SP2, when Outlook is installed, allows remote malicious users to cause a denial of service (crash) by calling the NewDefaultItem function of an OVCtl (OVCtl.OVCtl.1) ActiveX object, which triggers a null dereference.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft ie 6.0 |