7.5

CVE-2006-1245

Exploit

EPSS 69.67%
Veröffentlicht 17.03.2006 01:02:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle secure@microsoft.com
Teams Watchlist Login
Unerledigt Login

Buffer overflow in mshtml.dll in Microsoft Internet Explorer 6.0.2900.2180, and probably other versions, allows remote attackers to execute arbitrary code via an HTML tag with a large number of script action handlers such as onload and onmouseover, as demonstrated using onclick, aka the "Multiple Event Handler Memory Corruption Vulnerability."

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 22

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Microsoft ≫ Ie Version6.0 Updatesp2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	69.67%	0.985

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

http://archives.neohapsis.com/archives/bugtraq/2006-02/0855.html

http://secunia.com/advisories/18957

Patch

Vendor Advisory

http://secunia.com/advisories/19269

Patch

Vendor Advisory

http://securitytracker.com/id?1015794

Patch

http://www.kb.cert.org/vuls/id/984473

Third Party Advisory

US Government Resource

http://www.osvdb.org/23964

Exploit

http://www.securityfocus.com/archive/1/428810/100/0/threaded

http://www.securityfocus.com/archive/1/453436/100/0/threaded

http://www.securityfocus.com/archive/1/453554/100/0/threaded

http://www.securityfocus.com/bid/17131

Patch

Exploit

http://www.us-cert.gov/cas/techalerts/TA06-101A.html

Third Party Advisory

US Government Resource

http://www.vupen.com/english/advisories/2006/1318

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-013

https://exchange.xforce.ibmcloud.com/vulnerabilities/25292

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1451

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1569

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1599

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1632

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1766

https://nvd.nist.gov/vuln/detail/CVE-2006-1245

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-1245

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-1245

EUVD