10

CVE-2006-1190

EPSS 78.38%
Published 11.04.2006 23:02:00
Last modified 03.04.2025 01:03:51
Source secure@microsoft.com
Teams watchlist Login
Open Login

Microsoft Internet Explorer 5.01 through 6 does not always return the correct IOleClientSite information when dynamically creating an embedded object, which could cause Internet Explorer to run the object in the wrong security context or zone, and allow remote attackers to execute arbitrary code.

Affected products Warnungen 0 Metrics 2 CWE 0 References 14

Data is provided by the National Vulnerability Database (NVD)

Microsoft ≫ Internet Explorer Version5.01

Microsoft ≫ Internet Explorer Version5.1

Microsoft ≫ Internet Explorer Version5.5

Microsoft ≫ Internet Explorer Version6.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	78.38%	0.989

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	10	10	10	AV:N/AC:L/Au:N/C:C/I:C/A:C

http://secunia.com/advisories/18957

http://www.vupen.com/english/advisories/2006/1318

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-013

http://securitytracker.com/id?1015900

http://www.kb.cert.org/vuls/id/959649

US Government Resource

http://www.securityfocus.com/bid/17455

https://exchange.xforce.ibmcloud.com/vulnerabilities/25552

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1541

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1735

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1783

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A965

https://nvd.nist.gov/vuln/detail/CVE-2006-1190

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-1190

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-1190

EUVD