Denial of Service Vulnerability in Microsoft Internet Explorer 6's ADODB.Recordset
CVE-2006-3354

Currently unrated

Key Information:

Vendor: Microsoft
Status: Ie; Network Camera Server Vb101; Internet Explorer
Vendor: CVE Published:; 6 July 2006

What is CVE-2006-3354?

Microsoft Internet Explorer 6 is vulnerable to a denial of service due to improper handling of the Filter property within the ADODB.Recordset ActiveX object. Attackers can exploit this vulnerability by sending specific commands that trigger a null dereference, which leads to a crash of the application. This issue poses a significant risk to users, as it can be executed remotely without requiring authentication, causing disruption in service and user experience.

References

http://browserfun.blogspot.com/2006/07/mobb-1-adodbrecord...

x_refsource_MISC

https://exchange.xforce.ibmcloud.com/vulnerabilities/27596

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/18773

vdb-entryx_refsource_BID

EPSS Score

41% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 6, 2006
Vulnerability Reserved
Jul 5, 2006