[Forgot Password]
Login  Register Subscribe

23631

 
 

126941

 
 

98250

 
 

909

 
 

79281

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2006-4687

Date: (C)2006-11-14   (M)2017-10-12 


Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via crafted layout combinations involving DIV tags and HTML CSS float properties that trigger memory corruption, aka "HTML Rendering Memory Corruption Vulnerability."

CVSS Score: 5.1Access Vector: NETWORK
Exploit Score: 4.9Access Complexity: HIGH
Impact Score: 6.4Authentication: NONE
 Confidentiality: PARTIAL
 Integrity: PARTIAL
 Availability: PARTIAL





Reference:
SECTRACK-1017223
http://www.securityfocus.com/archive/1/archive/1/451590/100/100/threaded
BID-21020
OSVDB-31323
ADV-2006-4505
MS06-067
TA06-318A
VU#197852
http://www.zerodayinitiative.com/advisories/ZDI-06-041.html
ie-layout-code-execution(29199)

CPE    5
cpe:/a:microsoft:ie:5.1
cpe:/a:microsoft:ie:5.5:preview
cpe:/a:microsoft:ie:5.5:sp1
cpe:/a:microsoft:ie:5.5:sp2
...
CWE    1
CWE-119
OVAL    1
oval:org.mitre.oval:def:456

© 2013 SecPod Technologies