2.6
CVE-2006-1992
- EPSS 40.43%
- Veröffentlicht 25.04.2006 01:02:00
- Zuletzt bearbeitet 16.06.2026 22:24:05
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
mshtml.dll 6.00.2900.2873, as used in Microsoft Internet Explorer, allows remote attackers to cause a denial of service (crash) via nested OBJECT tags, which trigger invalid pointer dereferences including NULL dereferences. NOTE: the possibility of code execution was originally theorized, but Microsoft has stated that this issue is non-exploitable.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Microsoft ≫ Internet Explorer Version6.0.2900
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 40.43% | 0.985 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 2.6 | 4.9 | 2.9 |
AV:N/AC:H/Au:N/C:N/I:N/A:P
|
http://securitytracker.com/id?1016291
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-021
http://archives.neohapsis.com/archives/fulldisclosure/2006-04/0616.html
http://lists.grok.org.uk/pipermail/full-disclosure/2006-April/045422.html
http://secunia.com/advisories/19762
http://securityreason.com/securityalert/781
http://securitytracker.com/id?1016001
http://www.osvdb.org/27475
http://www.securityfocus.com/archive/1/431796/100/0/threaded
http://www.securityfocus.com/bid/17658
http://www.vupen.com/english/advisories/2006/1507
https://exchange.xforce.ibmcloud.com/vulnerabilities/25978