[原文]Microsoft Internet Explorer 6.0 on Windows XP SP2 allows remote attackers to cause a denial of service (application crash) by calling the Click method of the Internet.HHCtrl.1 ActiveX object before initializing the URL, which triggers a null dereference.
Microsoft IE HTML Help COM Object Click Method NULL Dereference
Remote / Network Access
Denial of Service
Loss of Availability
Internet Explorer contains a flaw that may allow a remote denial of service. The issue is triggered when calling the "Click()" method of the Internet.HHCtrl.1 ActiveX object. This triggers a NULL dereference and will result in loss of availability for the browser.
Currently, there are no known upgrades, patches, or workarounds available to correct this issue.