[原文]Microsoft Internet Explorer 6.0 on Windows XP SP2 allows remote attackers to cause a denial of service (application crash) by calling the stringToBinary function of the CEnroll.CEnroll.2 ActiveX object with a long second argument, which triggers an invalid memory access inside the SysAllocStringLen function.
Microsoft IE CEnroll SysAllocStringLen Invalid Length
Remote / Network Access
Denial of Service,
Loss of Availability
Internet Explorer contains a flaw that may allow a local denial of service. The issue is triggered when a long parameter in the CEnroll.CEnroll.2 ActiveX object's stringToBinary method is used, and will result in loss of availability for the Internet Explorer software.
Currently, there are no known upgrades, patches, or workarounds available to correct this issue.