[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248038

 
 

909

 
 

194772

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2006-3357Date: (C)2006-07-06   (M)2023-12-22


Heap-based buffer overflow in HTML Help ActiveX control (hhctrl.ocx) in Microsoft Internet Explorer 6.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code by repeatedly setting the Image field of an Internet.HHCtrl.1 object to certain values, possibly related to improper escaping and long strings.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 7.5
Exploit Score: 10.0
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
SECTRACK-1016434
BID-18769
http://www.securityfocus.com/archive/1/442733/100/0/threaded
SECUNIA-20906
OSVDB-26835
ADV-2006-2634
ADV-2006-2635
MS06-046
TA06-220A
VU#159220
http://browserfun.blogspot.com/2006/07/mobb-2-internethhctrl-image-property.html
http://www.tippingpoint.com/security/advisories/TSRT-06-08.html
ie-hhctrl-bo(27573)
oval:org.mitre.oval:def:13

OVAL    1
oval:org.mitre.oval:def:13

© SecPod Technologies