Advisory ID: XSec-06-09 Advisory Name: Internet Explorer Multiple COM Objects Color Property DoS Vulnerability Release Date: 08/22/2006 Tested on: Windows 2000/XP Internet Explorer 6.0 SP1 Affected version: Windows 2000 Windows XP Author: nop http://www.xsec.org Overview: When Internet Explorer Handle Multiple COM Objects(dxtmsft.dll/dxtmsft3.dll) \ Color Property Put Method, Set a Long Strings to Color Property Will Crash \ Internet Explorer. Exploit: =============== Color.htm start ================ =============== Color.htm end ================== Link: http://xsec.org/index.php?module=releases&act=view&type=1&id=17 About XSec: We are redhat.