Microsoft 'Shlwapi.dll' 6.0.2800.1106 - Malformed HTML Form Tag Denial of Service
| EKU-ID: 27995 | CVE: OSVDB-11936 | OSVDB-ID: |
| Author: Ramon Pinuaga Cascales | Published: 2003-04-22 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 27995 | CVE: OSVDB-11936 | OSVDB-ID: |
| Author: Ramon Pinuaga Cascales | Published: 2003-04-22 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/7402/info The 'shlwapi.dll' dynamic link library causes a calling application to fail when it attempts to render certain malformed HTML tags. This appears to be due to an attempt to perform a string comparison where one of the strings is a null pointer. It has been reported that this vulnerability could not be exploited to cause code execution. <html> <form> <input type crash> </form> </html>