Jump to ininitialized function pointer by referencing unspupported object's method (createTextRange() for checkbox). Potentially can be used for code execution and hidden malware installation. Memory corruption on uninitialized event handlers. HTA code execution. HTML parsing memory corrution. COM objects memory corruption. Crossite scripting.
CPE | Name | Operator | Version |
---|---|---|---|
internet explorer | eq | 6.0 |
vulners.com/securityvulns/securityvulns:doc:11892
vulners.com/securityvulns/securityvulns:doc:11904
vulners.com/securityvulns/securityvulns:doc:11905
vulners.com/securityvulns/securityvulns:doc:11915
vulners.com/securityvulns/securityvulns:doc:11998
vulners.com/securityvulns/securityvulns:doc:12019
vulners.com/securityvulns/securityvulns:doc:12166
vulners.com/securityvulns/securityvulns:doc:12171
vulners.com/securityvulns/securityvulns:doc:12173
vulners.com/securityvulns/securityvulns:doc:12175
vulners.com/securityvulns/securityvulns:doc:12184
vulners.com/securityvulns/securityvulns:doc:12212
vulners.com/securityvulns/securityvulns:doc:12835
vulners.com/securityvulns/securityvulns:doc:12836