CVE-2006-4687

Sažetak

Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via crafted layout combinations involving DIV tags and HTML CSS float properties that trigger memory corruption, aka "HTML Rendering Memory Corruption Vulnerability."

Reference

http://www.zerodayinitiative.com/advisories/ZDI-06-041.html
http://www.us-cert.gov/cas/techalerts/TA06-318A.html
http://www.kb.cert.org/vuls/id/197852
http://securitytracker.com/id?1017223
http://www.securityfocus.com/bid/21020
http://www.osvdb.org/31323
http://www.vupen.com/english/advisories/2006/4505
https://exchange.xforce.ibmcloud.com/vulnerabilities/29199
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A456
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-067
http://www.securityfocus.com/archive/1/451590/100/100/threaded

CVSS

Base:	5.1
Impact:	6.4
Exploitability:	4.9

Pristup

Vektor	Složenost	Autentikacija
NETWORK	HIGH	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:H/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

23-07-2021 - 12:19

Objavljeno

14-11-2006 - 21:07