This script is Copyright (C) 2003-2015 Tenable Network Security, Inc.
It is possible to crash the remote web client.
The remote host is running a version of the shlwapi.dll which crashes
when processing a malformed HTML form.
An attacker may use this flaw to prevent the users of this host from
To exploit this flaw, an attacker would need to send a malformed HTML
file to the remote user, either by email or by making the user visit a
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.9
Public Exploit Available : true