[] NeoSense
E X P L O I T S
title author type platform port cve id

Microsoft 'Shlwapi.dll' 6.0.2800.1106 - Malformed HTML Form Tag Denial of Service

Author: Ramon Pinuaga Cascales
type: dos
platform: windows
port: 
date_added: 2003-04-22 
date_updated: 2012-11-06 
verified: 1 
codes: OSVDB-11936 
tags: 
aliases:  
screenshot_url:  
application_url: 
source: https://www.securityfocus.com/bid/7402/info

The 'shlwapi.dll' dynamic link library causes a calling application to fail when it attempts to render certain malformed HTML tags. This appears to be due to an attempt to perform a string comparison where one of the strings is a null pointer. It has been reported that this vulnerability could not be exploited to cause code execution.

<html>
<form>
<input type crash>
</form>
</html>
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.