Microsoft Internet Explorer HTTP 1.1 URL Parsing Remote Buffer Overflow Vulnerability
Technical Description



A vulnerability has been identified in Microsoft Internet Explorer, which could be exploited by remote attackers to crash a vulnerable browser or take complete control of an affected system. This flaw is due to a buffer overflow error when viewing a web site that uses HTTP 1.1 compression and contains an overly long URL, which could be exploited by attackers to cause a denial of service or execute arbitrary commands by convincing a user to visit a specially crafted Web page.



Note: This vulnerability was introduced with the MS06-042 patches.



Affected Products



Microsoft Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4

Microsoft Internet Explorer 6 Service Pack 1 on Microsoft Windows XP Service Pack 1



Solution



Disabling the HTTP 1.1 protocol:

http://support.microsoft.com/kb/923762/


