Internet Explorer WebViewFolderIcon setSlice integer overflow

Added: 09/29/2006
CVE: CVE-2006-3730
BID: 19030
OSVDB: 27110

Background

The WebViewFolderIcon ActiveX control provides support for icons in the Windows Explorer Web view.

Problem

An integer overflow vulnerability in the setSlice method in the WebViewFolderIcon ActiveX control allows remote command execution by a specially crafted web page.

Resolution

See Microsoft Security Advisory 926043 for fix information.

References

http://www.kb.cert.org/vuls/id/753044

Limitations

Exploit works on Internet Explorer 6.0. Exploit requires a user to load the exploit page into the vulnerable browser.

Due to the nature of the vulnerability, the success of the exploit may depend upon the system state. There may be a delay before the exploit succeeds due to the large amount of memory required on the target.

Platforms

Windows

Back to exploit index