Buffer overflow in INETCOMM.DLL, as used in Microsoft Internet Explorer 6.0 through 6.0 SP2, Windows Explorer, Outlook Express 6, and possibly other programs, allows remote user-assisted attackers to cause a denial of service (application crash) via

mod_digest for Apache before 1.3.31 does not properly verify the nonce of a client response by using a AuthNonce secret.